@GurliGebis definately
- Queries
- All Stories
- Search
- Advanced Search
- Transactions
- Transaction Logs
Feed All Stories
All Stories
All Stories
Nov 19 2023
Nov 19 2023
c-po moved T2405: commit archive to GIT from Need Triage to Finished on the VyOS 1.5 Circinus board.
c-po changed the status of T2405: commit archive to GIT, a subtask of T139: Commit archive backends, from Open to Needs testing.
c-po added a comment to T5686: Loss of connectivity on dhcp enabled ethernet interfaces after abrupt link restarts.
kea-dhcp will only be the server, not the DHCP client that you use here, I am unaware of a Kea based DHCP client.
ishan added a comment to T5686: Loss of connectivity on dhcp enabled ethernet interfaces after abrupt link restarts.
This has happened 2-3 times since my last comment. I'll keep this open until kea-dhcp is merged and then check if this bug remains.
Nov 18 2023
Nov 18 2023
Can this get backported to 1.4?
c-po moved T1354: Add support for VLAN-Aware bridges from Need Triage to Finished on the VyOS 1.5 Circinus board.
c-po moved T1354: Add support for VLAN-Aware bridges from Need Triage to Finished on the VyOS 1.4 Sagitta board.
I agree, even if its "odd" at first sight I like that all interfaces are named ethX within VyOS and then its a matter to map each to physical interface by hw-id (which is done automagically during first install but can be remapped if wanted).
I am against this change, why not use eth0 everywhere? If it's a WAN or LAN port should be user decidable. Please use udev rules to rename those interfaces to eth0...ethXX
ahh.. looking at it now it looks like the new upstream DTB uses lanX for all "lan" switchports..
Enumaration order and names are specified here:
DSA switch ports: https://github.com/torvalds/linux/blob/master/arch/arm64/boot/dts/mediatek/mt7986a-bananapi-bpi-r3.dts#L408-L459
CPU Ethernet ports: https://github.com/torvalds/linux/blob/master/arch/arm64/boot/dts/mediatek/mt7986a-bananapi-bpi-r3.dts#L171-L198
@Apachez no, they are not mapped by hw-id, all mapping of DSA ports are done by the DTB file (Hardware Device Tree) loaded into the kernel. also the enumeration order of cpu ethX interfaces are specified by the DTB file
Does all the interfaces at bananapi represent a hw-id which can be used to map to the ethX syntax of VyOS?
jestabro raised the priority of T5758: Restore scanning configs when live installing from Low to Normal.
Nov 17 2023
Nov 17 2023
Hey @fernando - yes, I tested it with two routers in a test environment, with the following setup: https://docs.vyos.io/en/latest/configuration/vpn/site2site_ipsec.html
Do you tested it ? using our current rolling-release
Viacheslav renamed T5750: Upgrade from 1.3.4 to 1.4 Rolling fails QoS from Upgrade from 1.3.4 to 1.4 Rolling fails. to Upgrade from 1.3.4 to 1.4 Rolling fails QoS.
Viacheslav added a project to T5750: Upgrade from 1.3.4 to 1.4 Rolling fails QoS: VyOS 1.5 Circinus.
Viacheslav changed the status of T5749: Show MAC address VRF and MTU by default for "show interfaces", a subtask of T5747: op-mode add MAC VRF and MTU for show interfaces summary, from Open to In progress.
Viacheslav changed the status of T5749: Show MAC address VRF and MTU by default for "show interfaces" from Open to In progress.
This is on a virtio interface:
Simple reproducer - doesn't need to be an upgrade, just apply this to 1.4
Nov 16 2023
Nov 16 2023
c-po changed the status of T5753: Add VXLAN vnifilter support, a subtask of T3700: Support VLAN tunnel mapping of VLAN aware bridges, from Open to In progress.
Things to note that I'm not sure if they play a part:
jestabro added a project to T4516: Rewrite system image manipulation tools in Python: VyOS 1.5 Circinus.
vyos-1.4.log165 KBDownload
Re-Opening. this need to be extended to bridge firewall
Viacheslav updated the task description for T5749: Show MAC address VRF and MTU by default for "show interfaces".
Viacheslav changed the status of T5747: op-mode add MAC VRF and MTU for show interfaces summary from Open to Needs testing.
c-po renamed T5748: Tunnel class Interface method get_mac() returns IP address for the tunnel interface from Class Interface method get_mac() retruns IP address for the tunnel interface to Tunnel class Interface method get_mac() returns IP address for the tunnel interface.
c-po added a comment to T5748: Tunnel class Interface method get_mac() returns IP address for the tunnel interface.
>>> from vyos.ifconfig import Interface
>>> Interface('tun0').get_mac()
'192.0.2.1'c-po moved T5736: igmp: migrate "protocols igmp" to "protocols pim" from Need Triage to Finished on the VyOS 1.5 Circinus board.
c-po moved T5736: igmp: migrate "protocols igmp" to "protocols pim" from Need Triage to Finished on the VyOS 1.4 Sagitta board.
c-po closed T5595: Multicast - PIM bfd feature enable , a subtask of T5733: pim(6): rewrite FRR PIM daemon configuration to get_config_dict() and add missing IGMP features, as Resolved.
c-po moved T5595: Multicast - PIM bfd feature enable from Need Triage to Finished on the VyOS 1.4 Sagitta board.
c-po moved T5595: Multicast - PIM bfd feature enable from Need Triage to Finished on the VyOS 1.5 Circinus board.
giuavo added a comment to T5722: Commit failure when trying to add a route in failover if the gateway is not in the same interface network.
I would like to contribute with a PR about this. At the same, time I would need some guidance on identifying the conditions requiring the onlink option to be added.
a.hajiyev changed the status of T2816: Rewrite IPsec scripts with the new XML/Python approach from Needs testing to In progress.
n.fort changed the status of T4072: Feature Request: Firewall on bridge interfaces from Needs testing to In progress.
As I undestand it is possible now to create multiple auth ID's
vyos@r4# set vpn ipsec authentication psk FOO id Possible completions: <text> ID used for authentication
Not sure about other options.
Viacheslav added a project to T5747: op-mode add MAC VRF and MTU for show interfaces summary: VyOS 1.4 Sagitta.
Viacheslav renamed T5747: op-mode add MAC VRF and MTU for show interfaces summary from op-mode add MAC and MTU for show interfaces to op-mode add MAC VRF and MTU for show interfaces summary.
Tested in VyOS 1.4-rolling-202311100309 (AES)
Tested in VyOS 1.4-rolling-202311100309 (3DES)
Viacheslav closed T5689: FRR 9.0.1 in VyOS current segfaults on show rpki prefix $prefix as Resolved.
Viacheslav changed the status of T5689: FRR 9.0.1 in VyOS current segfaults on show rpki prefix $prefix from Open to Needs testing.
In VyOS 1.3.4
Configs:
I have a similar setup where I have two VyOS VMs used as VPN routers with some firewalling enabled. Since I use OSPF for dynamic routing I am not able to synchronize the sessions between both routers so in case one VPN router fails the other one can't take over flawlessly. Having conntrack-sync configuration separated from VRRP would be a great benefit.
I tested in VyOS 1.4-rolling-202311100309
Unknown Object (User) added a comment to T4940: Interface debugging.
https://github.com/vyos/vyos-1x/pull/2492
for equuleus
Tested in VyOS 1.4-rolling-202311100309
Tried with single quotes: ''
This can be done in other areas such as firewall rules already:
Nov 15 2023
Nov 15 2023
PR https://github.com/vyos/vyos-1x/pull/2491
vyos@r4# run show interfaces summary
Codes: S - State, L - Link, u - Up, D - Down, A - Admin Down
Interface IP Address MAC VRF MTU S/L Description
----------- ----------------- ----------------- ------- ----- ----- -------------
dum0 203.0.113.1/32 96:44:ad:c5:a1:a5 default 1500 u/u
eth0 192.168.122.14/24 52:54:00:f1:fd:77 default 1500 u/u WAN
eth1 192.0.2.1/24 52:54:00:04:33:2b foo 1500 u/u LAN-eth1
eth1v10v4 10.10.10.10/24 00:00:5e:00:01:0a foo 1500 u/u
eth2 - 52:54:00:40:2e:af default 1504 u/u LAN-eth2
eth3 - 52:54:00:09:a4:b4 default 1500 A/D
eth4 - 52:54:00:2c:51:09 default 1500 A/D
eth5 - 52:54:00:f3:1d:e8 default 1500 A/D
lo 127.0.0.1/8 00:00:00:00:00:00 default 65536 u/u
::1/128