about vyos-1x:
current and sagitta don't use distutils, I found this only for equuleus
https://github.com/vyos/vyos-1x/blob/ae96118ec38c4064552889aea5e50023a66aac1e/src/conf_mode/nat.py#L21
https://github.com/vyos/vyos-1x/blob/ae96118ec38c4064552889aea5e50023a66aac1e/smoketest/scripts/cli/test_system_login.py#L23
- Feed Queries
- All Stories
- Search
- Feed Search
- Transactions
- Transaction Logs
Feed Search
Apr 5 2024
Apr 5 2024
c-po closed T6089: [1.3.6->1.4.0-epa1 Migration] "ospf passive-interface default" incorrectly added, a subtask of T5938: Migration fail root task for 1.4-rc, as Resolved.
n.fort changed the status of T6205: ipoe: error in migration script logic while renaming mac-address to mac, a subtask of T5938: Migration fail root task for 1.4-rc, from Open to Confirmed.
natali-rs1985 changed the status of T1244: Add support for StartupResync in conntrack-sync from Open to In progress.
We are currently using FRR segment routing set protocols segment-routing srv6
For now, it could be closed
fix for vyos-build: https://github.com/vyos/vyos-build/pull/549
Apr 4 2024
Apr 4 2024
dmbaturin added projects to T5022: VRRP add mail notification: VyOS 1.5 Circinus, Restricted Project.
dmbaturin added a project to T4564: Root task for rewriting [op-mode] to vyos.opmode format: VyOS 1.5 Circinus.
dmbaturin added a project to T4406: Make an API endpoint for for anonymous host info retrieval (e.g. by a login page): Restricted Project.
dmbaturin added a project to T4393: sstp: add support for configuring host-name (SNI): Restricted Project.
dmbaturin edited projects for T4318: Add ability to mark nodes as non-tag nodes, added: Restricted Project, VyOS 1.5 Circinus; removed VyOS 1.3 Equuleus (1.3.7).
dmbaturin removed a project from T3843: l2tp configuration not cleared after delete: VyOS 1.3 Equuleus (1.3.7).
They are signed with minisign now.
dmbaturin added a project to T6144: Updating the system image without enough space for the files can break the system: Restricted Project.
Apr 4 2024, 7:48 PM · VyOS 1.5 Circinus (1.5-stream-2025-Q2), VyOS 1.4 Sagitta (1.4.3), Restricted Project, VyOS Rolling
dmbaturin closed T6139: Fix generate qcow2 from iso got error on repo https://github.com/vyos/vyos-vm-images as Wontfix.
This will be handled by the redesigned flavor system soon (T3664).
c-po changed the status of T6089: [1.3.6->1.4.0-epa1 Migration] "ospf passive-interface default" incorrectly added, a subtask of T5938: Migration fail root task for 1.4-rc, from Open to In progress.
HollyGurza changed the status of T6166: Allow the user to specify tech support report output location from Open to In progress.
Apr 3 2024
Apr 3 2024
Unknown Object (User) added a comment to T5873: ipsec remote access VPN: support VTI interfaces.
Just wondering - is it possible to add a vti interface to a zone in the firewall?
How would one go about using this with the zone based firewall? 🙂
Does anyone have any thoughts on the best place to start adding this functionality / design ideas for this feature?
n.fort added a comment to T6068: Support active-active and active-passive high availability modes in DHCP server.
PR for Sagitta: https://github.com/vyos/vyos-1x/pull/3239
Try with:
Apr 2 2024
Apr 2 2024
Related to https://vyos.dev/T6080
c-po moved T6198: configverify: add common helper for PKI certificate validation from Open to Finished on the VyOS 1.5 Circinus board.
fernando added a comment to T6151: BGP VRF route-leaking does not work when the next-hop is a recursive route.
this new command was merge in order to solved this problem :
vyos@vrf-test:~$ show configuration commands | match disable set protocols bgp parameters disable-ebgp-connected-route-check
Apr 1 2024
Apr 1 2024
Always exclude this address from any defined range. This address will never be assigned by the DHCP server.
Ok, it will exclude in any range.
Forget about it
@ServerForge It is question for hsflowd
You can open the issue on their git repo
Its no longer failing to start, but it seems to be only capturing inbound traffic on the tunnel, no outbound. I'm also observing this behavior on vlan interfaces, IE bond0.10.
Mar 31 2024
Mar 31 2024
Proposed CLI:
set nat cgnat pool external <external> range 192.0.2.0/30 seq 1 set nat cgnat pool external <external> range 192.0.2.128-192.0.2.132 seq 2 set nat cgnat pool external <external> per-user-limit port 1024 set nat cgnat pool external <external> global-port-range 1024-65535 set nat cgnat pool internal <internal> range 100.64.1.0/24
Viacheslav moved T5832: Allow setting the interface for excluded address in VRRP from Open to Finished on the VyOS 1.4 Sagitta board.
@kevinrausch Thank you for the report, next time it is better to use set of the commands to reproduce
vyos@r4:~$ generate tech-support archive /tmp/foo
Traceback (most recent call last):
File "/usr/libexec/vyos/op_mode/generate_tech-support_archive.py", line 123, in <module>
tmp_dir.mkdir()
File "/usr/lib/python3.11/pathlib.py", line 1117, in mkdir
os.mkdir(self, mode)
FileNotFoundError: [Errno 2] No such file or directory: '/tmp/foo/drops-debug_2024-03-31T12-07-09'
vyos@r4:~$It seems hardcoded here https://github.com/vyos/vyos-1x/blob/252d03d6e419aae14ae75caed38d1b1001c916a2/src/op_mode/generate_tech-support_archive.py#L96
Mar 30 2024
Mar 30 2024
Mar 29 2024
Mar 29 2024
line 107: available_images: list[str] = annotated_list(grub.version_list())
Should be: available_images: list[str] = grub.version_list()
haakon.nore added a comment to T6148: Reset vpn ipsec command breaks tunnel and does not reset SAs that are down.
Not sure if it is meaningful to create a new operational vyos command "initiate" or re-write the reset to be consistent with older VyOS.
Viacheslav changed the status of T6033: hsflowd fails to start when using a tunnel interface from In progress to Needs testing.
Viacheslav changed the status of T6033: hsflowd fails to start when using a tunnel interface from Open to In progress.
@ServerForge, it seems to be working with the v2.0.55-1 version. Could you build a package and re-check?
git clone -b v2.0.55-1 --single-branch https://github.com/sflow/host-sflow.git sudo apt-get install -y libpcap0.8-dev make deb FEATURES="PCAP DROPMON DBUS"
Viacheslav changed the subtype of T6033: hsflowd fails to start when using a tunnel interface from "Task" to "Bug".
Viacheslav added a project to T6033: hsflowd fails to start when using a tunnel interface: VyOS 1.5 Circinus.
Only ethernet interfaces or bridges are allowed; from their docs https://sflow.net/host-sflow-linux-config.php
PCAP Packet Sampling
It seems a broken local build; close the task.
Reopen if necessary.
Viacheslav added a comment to T6148: Reset vpn ipsec command breaks tunnel and does not reset SAs that are down.
"reset vpn ipsec " command and does not reset SAs that are dow
Mar 28 2024
Mar 28 2024
sarthurdev moved T6147: Conntrack not working as expected with global state-policy from In Progress to Finished on the VyOS 1.5 Circinus board.
sarthurdev moved T5606: IPSec VPN: Allow multiple CAs certificates from In Progress to Finished on the VyOS 1.5 Circinus board.
Updated PR to use multi nodes: https://github.com/vyos/vyos-1x/pull/3202
HollyGurza added a comment to T4718: DHCP server listen-address doesn't take effect if the interface is in a VRF.
current - https://github.com/vyos/vyos-1x/pull/3195
sagitta - https://github.com/vyos/vyos-1x/pull/3196
Unknown Object (User) created T6182: Telegramm integration.
Mar 27 2024
Mar 27 2024
HollyGurza changed the status of T4718: DHCP server listen-address doesn't take effect if the interface is in a VRF from Open to In progress.
Mar 26 2024
Mar 26 2024
Have installed 1.5-rolling-202403200018 in a VM as a clean install (no prior configs) to dig at this but have hit a block.
Mar 25 2024
Mar 25 2024
Sure but if the function "port auto-power-down" is mapped to the ethtool function of disabling EEE then it should be safe?
L0crian added a comment to T5991: 1.4.0-RC3 deleting portions of config in error (migration script).
@jestabro Thanks, a solution definitely seems close.
jestabro added a comment to T5991: 1.4.0-RC3 deleting portions of config in error (migration script).
@L0crian thanks for the details: c-po's PR is part of the solution, but there is more to the story, as you point out.
L0crian added a comment to T5991: 1.4.0-RC3 deleting portions of config in error (migration script).
In T5991#181120, @Viacheslav wrote:It is not an actual ethernet interface, but you name it as an ethernet interface.
You can check the output sudo ip link show type wireguard or sudo ip link show type tun
Viacheslav added a comment to T5991: 1.4.0-RC3 deleting portions of config in error (migration script).
It is not an actual ethernet interface, but you name it as an ethernet interface.
You can check the output sudo ip link show type wireguard or sudo ip link show type tun
L0crian updated subscribers of T5991: 1.4.0-RC3 deleting portions of config in error (migration script).
I tested https://github.com/vyos/vyos-1x/pull/3173 today, and it definitely helps the original use-case of this task. Configuration calling interfaces that come up post-boot, like those installed from a container, persist. The one problem is the interface level config is still deleted on-boot from some check that is performed.