My system finally crashed again today. I found a workload that generates enough traffic over the VPN to reliably re-produce.
- Queries
- All Stories
- Search
- Advanced Search
- Transactions
- Transaction Logs
All Stories
Apr 15 2024
Apr 14 2024
Seems like its either fixed or was a quirk in that specific version.
I don't see those logs:
set service monitoring telegraf influxdb authentication organization 'vyos' set service monitoring telegraf influxdb authentication token 'lxxx=' set service monitoring telegraf influxdb bucket 'vyos' set service monitoring telegraf influxdb url 'http://192.168.122.14'
The dictionaries process the \n different way
environment.POSTGRES_HOST_AUTH_METHOD.value.
1.5
vyos@r4# commit [ container ] {'container_remove': ['c1', 'c2'], 'name': {'test-postgres-master': {'allow_host_networks': {}, 'command': 'postgres -c wal_level=replica ' '-c hot_standby=on -c ' 'max_wal_senders=10 -c ' 'max_replication_slots=10 -c ' 'hot_standby_feedback=on', 'environment': {'POSTGRES_HOST_AUTH_METHOD': {'value': 'scram-sha-256\\nhost ' 'replication ' 'all ' '0.0.0.0/0 ' 'md5'}, 'POSTGRES_PASSWORD': {'value': 'password'}}, 'image': 'postgres:14-alpine', 'memory': '512', 'restart': 'always', 'shared_memory': '64'}}, 'network': {'NET01': {'prefix': ['10.0.0.0/24']}}, 'registry': {'docker.io': {}, 'quay.io': {}}}
Diff
check --env "POSTGRES_HOST_AUTH_METHOD=. options
1.5
vyos@r4# cat /run/systemd/system/vyos-container-test-postgres-master.service | grep ExecStart -A2 ExecStartPre=/bin/rm -f %t/%n.pid %t/%n.cid ExecStart=/usr/bin/podman run \ --conmon-pidfile %t/%n.pid --cidfile %t/%n.cid --cgroups=no-conmon \ --detach --interactive --tty --replace --memory 512m --shm-size 64m --memory-swap 0 --restart always --name test-postgres-master --env "POSTGRES_HOST_AUTH_METHOD=scram-sha-256\nhost replication all 0.0.0.0/0 md5" --env "POSTGRES_PASSWORD=password" --net host postgres:14-alpine postgres -c wal_level=replica -c hot_standby=on -c max_wal_senders=10 -c max_replication_slots=10 -c hot_standby_feedback=on
Try the latest version
vyos@r4# set container name test-postgres-master environment POSTGRES_HOST_AUTH_METHOD value 'scram-sha-256\nhost replication all 0.0.0.0/0 md5' [edit] vyos@r4# commit [edit] vyos@r4# run show container CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 75a7fb610b57 localhost/gobgp-new:1 3 weeks ago Created new fdb74e9700e5 docker.io/library/alpine:3.19 /bin/sh 47 minutes ago Up 47 minutes c1 c05806fdb92c docker.io/library/busybox:latest sh 39 minutes ago Up 39 minutes c2 1b5fc3d4a07b docker.io/library/postgres:14-alpine postgres -c wal_l... 24 seconds ago Up 25 seconds test-postgres-master [edit] vyos@r4# run show ver Version: VyOS 1.5-rolling-202404140022 Release train: current
Did you try another image (not hello-world)?
Tested on VyOS 1.5-rolling-202404140022
Apachez, the QOS-MAPPING is FROM:TO, which means egress-priority 0 will be mapped to 2, egress-priority 2 will be mapped to 3. In my case i need only 0:3 or 0:5 on vif-s or vif-c because priority 0 is used by default for iperf application. Hope this helps for your understanding...
How is this supposed to work?
Viacheslav, YES it works, THANK YOU so much, now it's possible to set the priority on vif-c and vif-s. This is a great step forward to have this opportunity in my lab.
Now i have two questions:
-Is there a possibility to make the setting permanent ?
-And do you think, someone in the community is willing to implement a command/parameter to configure the priority on vif-c and vif-s also CLI ?. As i wrote I would pay for this implementation so everyone in the community can use this feature in VyOS.
Does it work?
vyos@r4:~$ sudo cat /proc/net/vlan/eth2.100.200 eth2.100.200 VID: 200 REORDER_HDR: 1 dev->priv_flags: 81121 total frames received 0 total bytes received 0 Broadcast/Multicast Rcvd 0
@dmbaturin hope you don't mind but this looked like a good task for a beginner and with it being low priority thought I'd give it a go.
can we also include this change into sagitta epa3?
Will a migrationsscript be included so that users who used the default of:
Will a migrationsscript be included so that users who used the default of:
Apr 13 2024
The priorisation for data traffic on our DSLAM access network is based on 802.1q because this are mainly Layer2 devices. The network between the DSLAMs prioritize also the data traffic based on 802.1q header. At the moment we need Layer2 ethernet tester which allow us to set the COS bit (0-7) on vif and vif-c+vif-s to measure the QoS through the network. The reason for my request was, to ask some VyOS community member, if this would be possible with VyOS + iperf like we do it today with the Layer2 ethernet tester.
Thanks for the quick fix! I intentionally messed with the file ownership and can confirm that VyOS 1.5-rolling-202404130016 will correct them to the proper values.
You can do the QoS priority on the VyOS by matching the traffic based on VLAN ID and then set the DSCP (TOS) using "set-dscp" according to the manuals below:
Yes, we want to configure the QoS priority "three bits" of the 802.1p field. In our lab the packet forwarding is based on 802.1q priority.
https://en.wikipedia.org/wiki/IEEE_802.1Q
You mean you want QoS based on VLAN which is named 802.1p ?
There is also an inactivity timer in systemd-logind, but this will log you out even while running e.g. htop and just watching - I wonder if that's the preferred way :/
Link to forum thread: https://forum.vyos.io/t/output-similar-to-packet-tracer/
Apr 12 2024
No, this isn't required in 1.4, the script I was using isn't compatible with nftables and the built in support for GeoLocation enabled services is a better solution.
This one can be closed as well, thanks.
Close it as we have nftables flowtable fastpath which works pretty good.
Reopen if required or if you have other ideas.
Thanks
Looks working
We'll backport it to 1.4 when it's done.