Also both to IPv4 and IPv6 per applicable vyos adjust-mss options.
- Feed Queries
- All Stories
- Search
- Feed Search
- Transactions
- Transaction Logs
Feed All Stories
All Stories
All Stories
Wed, Jan 21
Wed, Jan 21
Firefishy added a comment to T8196: MTU adjust-mss currently only modifying TCP SYN MSS in single direction.
SrividyaA triaged T8195: "restart ipsec" command does not reinitiate the ipsec connection in DMVPN setup as Normal priority.
Viacheslav changed the status of T8135: CVE-2025-68615: remote DoS in snmptrapd from Open to In progress.
In T7857#247986, @Viacheslav wrote:@patient0 could you confirm it works as expected?
Still under review in FRR, but merged as FRR patch in VyOS.
Done.
It was decided to roll back SNMP update, so fix is not needed.
Resolved with https://github.com/vyos/vyos-build/pull/1098
Tue, Jan 20
Tue, Jan 20
Viacheslav changed the status of T7703: DHCP default route lost in VRF when no static route defined from Open to Needs testing.
@dsg, could you re-check the latest rolling?
Viacheslav closed T7766: add support to receive multiple labels in BGP-LU - FRR feature! as Resolved.
@patient0 could you confirm it works as expected?
@peterablehmann It is not clear what you want in this task. Could you clarify?
Under local-role peer, the strict option is available.
vyos@r16# set vrf name net protocols bgp neighbor 11::5 local-role peer
Possible completions:
strict Neighbor must send this exact capability, otherwise a role
missmatch notification will be sentViacheslav moved T8145: LUKS Encryption Passphrase Observable from Need Triage to Completed on the VyOS Rolling board.
Viacheslav closed T8146: Confirm the key when config encryption is configured without TPM as Resolved.
Viacheslav closed T8138: Modifying firewall groups does not update dependent NAT66 nft rules as Resolved.
Viacheslav closed T8096: Normalize operational mode command names that use capital letters as Resolved.
Updated PR https://github.com/vyos/vyos-build/pull/1092
Viacheslav changed the status of T8190: Password for vyos user in Proxmox image always needs setting from Resolved to Invalid.
Viacheslav moved T7594: The `respond` connection-type in IPSec peer settings must be renamed to `trap` from Need Triage to Completed on the VyOS Rolling board.
Viacheslav changed the status of T8022: Do not assign dynamic prefix assignment mode to transport-mode IPsec tunnels from Open to In progress.
Should be fixed after merging https://github.com/vyos/vyos-1x/pull/4942
Mon, Jan 19
Mon, Jan 19
evgmol added a comment to T8152: Re-instate (vyos.vyos.vyos_command) module parameter support for answer, prompt.
New Playbook
dmbaturin updated the task description for T8193: Show a more descriptive error on trying to use non-existent build types.
dmbaturin renamed T8193: Show a more descriptive error on trying to use non-existent build types from Show a more descriptive error on trying to use non-existent build types and architectures to Show a more descriptive error on trying to use non-existent build types.
Thank you. I see my mistake now. When I read under step 3, "Optionally, the user can attach a CDROM with an ISO as a cloud-init data source", it left me with the impression this was *optional*—that skipping this would not cause problems. I didn't realize that it would mean no default username/password would be set.
If you use the official proxmox image, you have to use cloud-init to set login/pass for the proxmox flavors.
Feel free to improve the documentation.
Thanks.
What is the intended way to apply configuration to a newly created proxmox flavor instance? At the page I referenced, it doesn't give any indication how to login or add a configuration under the "deploy from qcow2" section. Under the deploy from rolling release, it does mention the normal default vyos/vyos credentials.
Viacheslav added a comment to T8165: Add operational commands to display PKI private keys and certificate bundles in PEM format.
We will get rid of this in the near future if we implement it now.
If we are focusing on the Common Criteria Profile for Network Devices, it is not accepted.
Needs to figure out in which form we can/should implement it if we want.
Viacheslav triaged T8189: Configuration of conntrackd PurgeTimeout at the vbash level as Normal priority.
Proxmox images don't use any default passwords.
You use this flavour incorrectly.
We should dissalow to configure PPPoE if we use XDP, XDP wasn't implemented for VPP/PPPoE
Viacheslav added a comment to T8191: Improve clarity of the Packets and Bytes column headings in the show firewall command output..
In my opinion the headers are correct.
It could be described in the documentation.
natali-rs1985 changed the status of T8188: VPP: DHCP client on an interface breaks its configuration, a subtask of T7070: VPP related bugs the root task, from Open to In progress.
natali-rs1985 changed the status of T8188: VPP: DHCP client on an interface breaks its configuration from Open to In progress.
Sun, Jan 18
Sun, Jan 18
n.sambajon updated the task description for T8191: Improve clarity of the Packets and Bytes column headings in the show firewall command output..
a.kudientsov added a parent task for T8192: VPP: pppoe server doesn't work with xdp driver: T7070: VPP related bugs the root task.
I can confirm it is now working on my system since https://github.com/vyos/vyos-1x/pull/4946
Sat, Jan 17
Sat, Jan 17
GitHub <noreply@github.com> committed rVYOSONEX0868f3dc7246: Merge pull request #4852 from scj643/ssh-fido2-options (authored by c-po).
GitHub <noreply@github.com> committed rVYOSONEX240123722abf: Merge pull request #4946 from Firefishy/T8187-fix-watchdog-timeout-validation (authored by c-po).
c-po moved T8169: vrf: prevent deletion if instance referenced in PBR from Need Triage to Completed on the VyOS Rolling board.
evgmol updated subscribers of T8152: Re-instate (vyos.vyos.vyos_command) module parameter support for answer, prompt.
@nicolas Fort @Srividya Anantapatnaikuni here is the solution
Fri, Jan 16
Fri, Jan 16
As an update, I didn't realize originally but it seems I need to both the new VM once before the password reset option will work. If I go directly to it on first boot I get a message about no config.boot file and this not being a restore tool. Booting normally once seems to create the default config, then the password recovery option works from the serial interface.
bmtauer updated the task description for T8190: Password for vyos user in Proxmox image always needs setting.
GitHub <noreply@github.com> committed rVYOSONEX97e66dfd6dc9: Merge pull request #4944 from jestabro/add-completion-help-to-completion-env (authored by Viacheslav).
zsdc updated the task description for T8188: VPP: DHCP client on an interface breaks its configuration.
Viacheslav added a parent task for T8188: VPP: DHCP client on an interface breaks its configuration: T7070: VPP related bugs the root task.
jestabro added a comment to T8185: config.boot.default path inconsistency between cloud-init and build system causes flavor-defined configs to be ignored.
There is a straightforward solution here, which requires adjusting the image flavor build tools to respect the changes of https://vyos.dev/T6006, which resolved long-standing issues of migration and config initialization.
In short, after T6006:
- the file /usr/share/vyos/config.boot.defult is the build-time source of truth --- the flavor build system should install any flavor-defined config.boot.default at that location
- both /opt/vyatta/etc/config.boot.default and /opt/vyatta/etc/config/config.boot are installed on first boot, at different stages of gathering system-specific information in vyos-router (component version information, respectively, migration and activation updates)
Viacheslav triaged T8083: tacacs: nss_tacplus: buffer truncated due to size limitation as Normal priority.
GideonKuijt added a comment to T8040: vyos.vyos.vyos_config can't use templates anymore with ansible 2.19 and 2.20.
A workaround could be the following:
Old:
vyos_config: src: "templates/template.j2"
New:
vyos_config:
lines: "{{ lookup('template', 'templates/template.j2').splitlines() }}"Viacheslav closed T8170: VPP: 'show vpp ipfix' unhandled exception when vpp is not enabled, a subtask of T7070: VPP related bugs the root task, as Resolved.
Viacheslav closed T8170: VPP: 'show vpp ipfix' unhandled exception when vpp is not enabled as Resolved.
Viacheslav closed T7876: VPP: Increase allowable num-rx-desc limit for DPDK, a subtask of T7221: VPP related features the root task, as Resolved.
Viacheslav triaged T8166: Large prefix lists in config cause VyOS to fail to commit or compare as High priority.
Viacheslav triaged T8186: NetFlow commit fails due to ip6tables hook when version 5 is configured as High priority.
Viacheslav moved T8172: VPP: pppoe doesn't work with vpp in circinus from Open to Finished on the VyOS 1.5 Circinus board.
Viacheslav closed T8172: VPP: pppoe doesn't work with vpp in circinus, a subtask of T7070: VPP related bugs the root task, as Resolved.
Viacheslav changed the status of T8187: Hardware watchdog timeout validation fix - watchdog may report 0 min/max timeout if hardware limit is unknown from Open to In progress.