I also agree that the "default" stripping-behaviour should definitely be rethought for certain parts of the config. For example: the full public-key gets shown of the wireguard-peers on interfaces.

PR https://github.com/vyos/vyos-1x/pull/3466

vyos@r4:~$ show nat cgnat allocation 
Internal IP    External IP      Port range
-------------  ---------------  ------------
100.64.0.0     192.168.122.222  1024-3023
100.64.0.1     192.168.122.222  3024-5023
100.64.0.2     192.168.122.222  5024-7023
100.64.0.3     192.168.122.222  7024-9023
100.64.0.4     192.168.122.222  9024-11023
100.64.0.5     192.168.122.222  11024-13023
100.64.0.6     192.168.122.222  13024-15023
100.64.0.7     192.168.122.222  15024-17023
100.64.0.8     192.168.122.222  17024-19023
100.64.0.9     192.168.122.222  19024-21023
100.64.0.10    192.168.122.222  21024-23023
100.64.0.11    192.168.122.222  23024-25023
100.64.0.12    192.168.122.222  25024-27023
100.64.0.13    192.168.122.222  27024-29023
100.64.0.14    192.168.122.222  29024-31023
100.64.0.15    192.168.122.222  31024-33023
vyos@r4:~$

PR https://github.com/vyos/vyos-1x/pull/3464

set nat cgnat pool external ext1 external-port-range '1024-65535'
set nat cgnat pool external ext1 per-user-limit port '2000'
set nat cgnat pool external ext1 range 192.168.122.222/32
set nat cgnat pool internal int1 range '100.64.0.0/28'
set nat cgnat rule 10 source pool 'fake-pool'
set nat cgnat rule 10 translation pool 'ext1'

I think a warning is better than to block it from being set, specially since the workaround to load it through already existing config still remains.

PR https://github.com/vyos/vyos-1x/pull/3463

sorry for the late reply.You don't need any special commands. The only thing you have to set is the proxy and the commit archive.

@molocho see the tasks T5301 T5154 and https://chrony-project.org/doc/4.3/chrony.conf.html#bindaddress

IMO it would make sense to show the DUID since that has to be passed for static mappings and is also configured on the client side

https://github.com/vyos/vyos-build/pull/624

@thannaske it would be very nice if you could re-check now this with VyOS 1.5. It should be fixed by https://github.com/vyos/vyos-cloud-init/commit/70304ff90d931265cb736ace692967242c9b9729

Question as I don’t know the projects’ history: the Python ipaddress library seems to offer the features of ipaddrcheck plus some additional nice to haves. Is a migration from ipaddrcheck to ipaddress being considered?

This expected behavior due to change from ntpd to chrony
@rob needs to update documentation for 1.4 to reflect changes

Believe this task can be closed the PRs for Sagitta and Current were merged:
Merged PR in Current: https://github.com/vyos/vyos-1x/pull/3307
Merged PR in Sagitta: https://github.com/vyos/vyos-1x/pull/3395

PR: https://github.com/vyos/vyos-1x/pull/3458

Note that T5996 has been backported and a full explanation is to be found in the previous comment. Close as resolved, with the needed workaround for earlier images.

Can I claim this? will submit a Draft PR for review, I have it resolved (see test output below)

This was a worthwhile investigation, with the goal of using Cython as a method of easily wrapping the standard netlink headers. Although workable, it appeared more trouble than it's worth, as one still has to cheat to navigate e.g. pass by reference (1), and limitations of Cython at the time (2). A much better approach would be a standard Python extension module ... set to 'on hold' for reference and until we have a plan for development, as has been recently discussed.

As c-po mentioned above, this was an interesting idea that was not workable; it was subsumed by the investigations in T3876.