Sure thing. Note my configuration contains some table maps that I have set up to route VPN traffic, and certain source IPs through specific interfaces. But there is no effect on the load-balancer when these sections are removed. Thank you.

Could you please provide full configuration or at least protocol section configuration?

GNS3 virtualization network verification passed

I will have a look as this was not supported by vyatta and therefore not added to the code when converted to python

Coming with a syntax which is not ultimately going to be as complex as the cli may be an impossible challenge. Changing the API to include in the XML what is path vs payload may indeed lead to indeed a better API tho. The example given use the word create in the path when REST would use POST.

The commit fails when the local-ip option is included only with the 6RD prefix options (without 6RD option, 6in4 tunnel is created). In the tunnel.py script, local value is not defined as result stack trace is received

PR: https://github.com/vyos/vyos-build/pull/116

PR Merged

PR: https://github.com/vyos/vyatta-cfg-system/pull/127

Container fixed, closing this ticket

The CI is now extended to build arm containers by default. they are also exported to dockerhub. closing this ticket

Discussion updated in PR 513.
https://github.com/vyos/vyos-1x/pull/513

This will be a oneliner in the new XML implementation. Just send PR

Reading the UBNT source code I see:

https://github.com/vyos/vyos-1x/pull/522

I find the above mentioned syntax to clumsy:

@srgabrieltelecon create please Pull Request.

I´ve used the version of the software: VyOS 1.3-rolling-202007300117.
As I´ve used GRE tunnels it does not simulates the same scenario reported, which uses pure IPsec. I will configure IPsec tunnels over physical interfaces and log the results here again.

I suspect this could be related to displaying a peer with a hostname that contains a dash, such as, "abc-peer12.dyndns.org." Or, possibly a string matching error getting thrown off by "AES_GCM_16_128/MODP_2048"

The IKE SA appears down in your second example?

vyos@HUB-2# sh vpn
ipsec {

esp-group MyESPGroup {
    proposal 1 {
        encryption aes256
        hash md5
    }
}
ike-group MyIKEGroup {
    proposal 1 {
        dh-group 2
        encryption aes256
        hash md5
    }
}
ipsec-interfaces {
    interface eth0.100
}
site-to-site {
    peer 169.254.100.1 {
        authentication {
            mode pre-shared-secret
            pre-shared-secret MYSECRETKEY
        }
        default-esp-group MyESPGroup
        ike-group MyIKEGroup
        local-address 169.254.100.6
        tunnel 20 {
            protocol gre
        }
    }
}

}
[edit]

I´ve configured a simple P-2P IPsec/GRE Tunnel and the command shows IKE and IPsec SAs UP:

Dependency and VRF support for tcptraceroute6 will be submitted in the next few days

I would have expected the output generated to be an OR of the validators or regexes and allow the output if any would have passed it

Before adding "<defaultValue>" it was working but not now.

Fixed, VyOS 1.3-rolling-202008040823

I wasn't trying to solve any specific issue. I was working on some other project, trying to use GCC as a preprocessor, the same way as it's used here, and ran into those obstacles I listed in the original description, which are present here too. I was made aware m4 is much more suitable to template processing than GCC as it was actually designed and made for it.
As for using any self-made code to do this, I have no problem with that as long as it's well known this is what is now used, is documented, and then an effort made to port all preprocessing to it. I see no sense using two or three different preprocessors.

Update document

Thank you for writing some testing code using the smoketest repository. It may take a few working days for anyone to come back to you.

SSH only supports "source-address" via its BindAddress option

smoketest for nptv6

Welcome! Thanks for beeing an early adopter / tester.

I am very happy to report that the issue id resolved. The router now boots up fully without intervention once again.

Completed!

Awesome! That's really quick turnaround! I'll give it a try when the newer build appears.

Unfortunately this is not possible with WIDE DHCPv6 client

I just started a new ISO build - should be done in 40 minutes!

I have consulted some documents of vyos about DNAT of IPv4, and I don't understand why there seems to be SNAT content in the DNAT IPv4 syntax of vyos, and what is the meaning of supporting the prefix format address setting of dsddr in DNAT syntax? Is there something wrong with me?

Use cases for sNPT testing

I can reproduce it with your supplied config on a fresh router - only on boot time. Will check it out. Thanks for the config.

Entering configure mode and then typing load and then commit brings everything up to what the config in config.boot specifies, and the running configuration shows the correct contents for eth1. It brings the router up to where it should have been at boot.

Let me spawn a fresh router and try again. The meatime, then you boot into thcomfiguration Error, please kog in, enter configure mode and type: load followed by commit and show the results. Thanks