Oops, sorry about that!
- Queries
- All Stories
- Search
- Advanced Search
- Transactions
- Transaction Logs
Feed All Stories
All Stories
All Stories
Sep 20 2023
Sep 20 2023
jestabro triaged T5608: Rewrite add/delete raid member to Python and remove from vyatta-op as Normal priority.
jestabro triaged T5607: Adjust RAID smoketest for non-deterministic SCSI device probing as Normal priority.
GitHub <[email protected]> committed rVYOSONEX11edfade9f5b: Merge pull request #2297 from vyos/mergify/bp/sagitta/pr-2296 (authored by c-po).
Mergify <37929162+mergify[bot]@users.noreply.github.com> committed rVYOSONEX398fb266101c: openvpn: T5269: add a deprecation warning for shared-secret (authored by dmbaturin).
GitHub <[email protected]> committed rVYOSONEXf9fd136402e8: Merge pull request #2296 from dmbaturin/T5269-deprecate-shared-secret (authored by c-po).
@Apachez It is not FQDN based
Should I ask this to you.
In T5601#160566, @vvinci00 wrote:Hello,
I need to reverse proxy TCP traffic.
the traffic is not HTTP/HTTPS
Apachez added a comment to T5604: List of debian archives is out of date (non-free-firmware is missing).
PR created: https://github.com/vyos/vyos-build/pull/418
Contact our sales or ask forum
It's possible to use VyOS as reverse proxy on TCP traffic (not HTTP)?
if yes, what configuration it's necessary?
if not, do you know any solutions that can help me?
In T5601#160566, @vvinci00 wrote:Hello,
I need to reverse proxy TCP traffic.
the traffic is not HTTP/HTTPS
I need to reverse proxy TCP traffic.
the traffic is not HTTP/HTTPS
dmbaturin closed T5271: Add support for peer-fingerprint to OpenVPN, a subtask of T5269: OpenVPN non-TLS site-to-site mode deprecation, as Resolved.
Viacheslav moved T5241: Support veth interfaces to working with netns from Open to Finished on the VyOS 1.5 Circinus board.
Viacheslav moved T5241: Support veth interfaces to working with netns from Finished to Backlog on the VyOS 1.4 Sagitta board.
Viacheslav closed T5238: interface virtual-etherne - error when it doesn't use a peer , a subtask of T3829: Support separated TCP/IP stack via "ip netns", as Resolved.
set netns name mgmt
set interfaces virtual-ethernet veth1 address '10.0.0.0/31'
set interfaces virtual-ethernet veth1 peer-name 'veth10'
set interfaces virtual-ethernet veth10 address '10.0.0.1/31'
set interfaces virtual-ethernet veth10 netns 'mgmt'
set interfaces virtual-ethernet veth10 peer-name 'veth1'
Viacheslav closed T5241: Support veth interfaces to working with netns, a subtask of T3829: Support separated TCP/IP stack via "ip netns", as Resolved.
PR https://github.com/vyos/vyos-1x/pull/2295
set system sysctl parameter net.ipv4.tcp_syncookies value '1' set system sysctl parameter net.ipv4.tcp_timestamps value '1'
dmbaturin updated the task description for T5605: Do not generate keysize option in OpenVPN configs.
Viacheslav changed the status of T5602: For reverse-proxy type of load-balancing feature, support "backup" option in backends configuration from Open to In progress.
Viacheslav renamed T5599: Firewall unexpectedly changes some sysctl options from Firwall unexpectedly changes some sysctl options to Firewall unexpectedly changes some sysctl options.
Viacheslav changed the status of T4502: Consider implementing (NAT/other) flow table offload from Open to Needs testing.
You do not use port 80/443, so it does not have HTTP-HEADER (in theory).
service LB_port_451 {
listen-address 10.1.1.1
mode tcp
port 451Try to change to port 80 and check if it works.
You need another solution/configuration
GitHub <[email protected]> committed rVYOSONEXb52cf1b7b3bc: Merge pull request #2293 from sarthurdev/conntrack_flowtable (authored by c-po).
Sep 19 2023
Sep 19 2023
Apachez added a comment to T5388: Something is fishy with commit and boot times when more than a few hundred static routes are being used.
Some highly unscientific tests (only did 3 reboots of each to rule out that any uncached data at the host would affect the result since I run this in a VM through VirtualBox 7.0) shows a difference of up to 2.1% improvment when having a config with 200 static routes.
Parent task is completed - Bugs will get their own subtask and linked to this parent if possible.
c-po moved T5239: Host name and domain name missing from the FRR configuration from Finished to In Progress on the VyOS 1.5 Circinus board.
c-po moved T5239: Host name and domain name missing from the FRR configuration from Finished to In Progress on the VyOS 1.4 Sagitta board.
c-po moved T5239: Host name and domain name missing from the FRR configuration from Open to Finished on the VyOS 1.4 Sagitta board.
c-po moved T5239: Host name and domain name missing from the FRR configuration from Open to Finished on the VyOS 1.5 Circinus board.
c-po added a project to T5239: Host name and domain name missing from the FRR configuration: VyOS 1.5 Circinus.
This should fix the hostname issue reported to BGP neighbors: https://github.com/vyos/vyos-1x/pull/2289
c-po moved T5596: bgp: add new features from FRR 9 from Open to Finished on the VyOS 1.5 Circinus board.
c-po moved T5588: Add kernel conntrack_bridge module from Open to Finished on the VyOS 1.4 Sagitta board.
c-po moved T5596: bgp: add new features from FRR 9 from Open to Finished on the VyOS 1.4 Sagitta board.
Mergify <37929162+mergify[bot]@users.noreply.github.com> committed rVYOSONEXe8581998c2bf: init: T5239: configure system hostname prior to FRR startup (authored by c-po).
Mergify <37929162+mergify[bot]@users.noreply.github.com> committed rVYOSONEXbdb00d1c781f: utils: T5239: add low-level read from config.boot (authored by jestabro).
c-po committed rVYOSONEX56d3f75de487: utils: T5239: add low-level read from config.boot (authored by jestabro).
GitHub <[email protected]> committed rVYOSONEX483482f16133: Merge pull request #2289 from c-po/t5239-frr (authored by c-po).
In T4502#160404, @Apachez wrote:Perhaps a possible way to detect if the nic supports hardware flowtables or not.
Try to set sudo ethtool -K eth0 hw-tc-offload on.
If the result becomes:
Actual changes: hw-tc-offload: off [requested on] Could not change any device featuresThen it doesnt support hardware flowtables.
Could also verify by reading the capability like so:
$ ethtool -k eth0 | grep hw-tc-offload hw-tc-offload: off [fixed]
Perhaps a possible way to detect if the nic supports hardware flowtables or not.
n.fort renamed T5600: Firewall - Remove or extend constraint on 'interface-name' from Firewall - Remove contraint on 'interface-name' to Firewall - Remove or extend constraint on 'interface-name'.
Some feedback from the #netfilter channel over at libera.chat:
n.fort changed the status of T5600: Firewall - Remove or extend constraint on 'interface-name' from Open to In progress.
GitHub <[email protected]> committed rVYOSONEX78e07ec57102: Merge pull request #2290 from vyos/mergify/bp/sagitta/pr-2285 (authored by dmbaturin).
Apachez added a comment to T5388: Something is fishy with commit and boot times when more than a few hundred static routes are being used.
I got some funny results which I hope somebody else (with a faster cpu) are able to verify?
GitHub <[email protected]> committed rVYOSONEXda4006c2a784: Merge pull request #2282 from nicolas-fort/T5594-equuleus (authored by c-po).
Mergify <37929162+mergify[bot]@users.noreply.github.com> committed rVYOSONEX42b06ec46f3c: isis: T5597: add new features from FRR 9 (authored by c-po).
Mergify <37929162+mergify[bot]@users.noreply.github.com> committed rVYOSONEX7f08523bb7c5: bgp: T5596: add new features from FRR 9 (authored by c-po).
GitHub <[email protected]> committed rVYOSONEXdb53c8e77cd9: Merge pull request #2284 from c-po/t5596-bgp (authored by c-po).
GitHub <[email protected]> committed rVYOSONEXdcdcc18b2097: Merge pull request #2285 from c-po/T5597-isis (authored by c-po).
GitHub <[email protected]> committed rVYOSONEXe570044ff8a8: Merge pull request #2288 from sarthurdev/flowtable (authored by c-po).
GitHub <[email protected]> committed rVYOSONEX89f650f3db2d: Merge pull request #2287 from vyos/mergify/bp/sagitta/pr-2281 (authored by c-po).
Viacheslav updated the task description for T5599: Firewall unexpectedly changes some sysctl options.
syncer changed the subtype of T2612: HTTPS API, changing API key fails but goes through from "Task" to "Bug".
First tests unsecseful
Viacheslav changed the status of T5588: Add kernel conntrack_bridge module from Open to In progress.
Apachez added a comment to T5388: Something is fishy with commit and boot times when more than a few hundred static routes are being used.
Im guessing that what this task complains about has a huge part of the time it takes to complete smoketests.
Mergify <37929162+mergify[bot]@users.noreply.github.com> committed rVYOSONEX967751b12c98: T5594: vrrp: extend function is_ipv6_tentative to analysis all type of ipv6… (authored by n.fort).
PR updated (again): https://github.com/vyos/vyos-1x/pull/2280
Viacheslav changed the status of T5591: Cleanup of FRR daemons-file and various FRR fixes from Open to In progress.
Viacheslav changed the status of T5590: Firewall "log enable" logs every packet from In progress to Needs testing.
Hello @sdev Sorry to bother you. The issue hasn't been fixed in the recent rolling release: VyOS 1.5-rolling-202309170024
Sep 18 2023
Sep 18 2023
PR updated: https://github.com/vyos/vyos-1x/pull/2280