I have ntp listening in vrf mgmt, note that i have not set vrf bind-to-all.
- Feed Queries
- All Stories
- Search
- Feed Search
- Transactions
- Transaction Logs
Feed All Stories
All Stories
All Stories
Oct 21 2020
Oct 21 2020
jestabro changed the status of T3004: ConfigSession should (optionally) use config load script from Open to Needs testing.
jestabro changed the status of T3004: ConfigSession should (optionally) use config load script, a subtask of T3003: Extend smoketest framework to allow loading an arbitrary config file, from Open to Needs testing.
Unknown Object (User) added a comment to T2631: l2tp, sstp, pptp add option to disable radius accounting.
@Viacheslav if we set acct-port=0 it should to disable accounting.
[radius] server=x.x.x.x,secret,auth-port=1812,acct-port=0
@Dmitry Your suggestions? Is it possible?
What parameter do we need to change?
We need to check what's going on here https://github.com/vyos/vyatta-cfg/blob/current/etc/bash_completion.d/vyatta-cfg#L930-L962
Viacheslav added a comment to T2977: Permissions Denied doing "show conntrack-sync status" on backup router.
Will be fixed in the new LTS release.
@jack9603301 I tried building jool into the VyOS image but because their deb packages uses DKMS which is not compatible with VyOS so somebody has to create a VyOS specific deb package.
Magnum added a comment to T2969: OpenVPN: command_set on interface is not applied, if interface doesn't come up in commit.
Also, while setting up test for T2906:
No problem
Magnum added a comment to T2969: OpenVPN: command_set on interface is not applied, if interface doesn't come up in commit.
I can see why the smoketests pass. They only check if the interface has been removed from the config - not the system.
Possible bug with "admin_state"
Viacheslav added a comment to T2977: Permissions Denied doing "show conntrack-sync status" on backup router.
@tjh can you edit one file?
pasik added a comment to T2977: Permissions Denied doing "show conntrack-sync status" on backup router.
Did this work earlier in previous releases? is this a regression in 1.2.6-S1 ?
Alfa80 updated the task description for T2997: DHCP: disallow/do-not-request certain options when requesting IP address from server.
@c-po What do you propose?
It has passed the GNS test, and the test cases are as follows:
Viacheslav closed T2828: BGP conf_mode error enforce-first-as, a subtask of T2174: Rewrite protocol BGP to new XML/Python style, as Resolved.
@banditos13 can you send a link to the file, which you suggest to fix, or create PR?
Viacheslav changed the status of T2944: NTP by default listen on any address/interface from Open to Needs testing.
Alfa80 updated the task description for T2997: DHCP: disallow/do-not-request certain options when requesting IP address from server.
Do we need it for "crux"?
This does not affect the work of VPN service.
@Magnum Can you test it?
@Cheeze_It thank you for testing.
Oct 20 2020
Oct 20 2020
Here is the test for the LDP session time change.
Here is the test for Explicit Null.
jestabro triaged T3004: ConfigSession should (optionally) use config load script as Normal priority.
Everything seems to be good. Closing case.
jestabro triaged T3003: Extend smoketest framework to allow loading an arbitrary config file as Normal priority.
Simple R1&R2
R2 will have low priority in HA and other ip-adresses in the same subnet
Thanks @Viacheslav; I'm running other tests with vyos-load-config at the moment, and will check and add.
Can you provide a simple config of R1 R3 and R4?
I want to reproduce it in the test lab.
I cannot check rolling release, but on latest 1.2.6 problem is solved.
What content of "conf-path" ?
Which files in /config/tinc0/hosts ?
Hello everyone, I am integrating tinc. At present, I have passed the basic test in a simple virtual machine. The command line is simplified. Examples are as follows:
Unknown Object (User) closed T2984: (igb, ixgbe) HW queues applied only for the first 2 interfaces as Unknown Status.
Viacheslav closed T2987: VxLAN not working properly after upgrading to latest October build and with a new installation as Resolved.
Thank you.
Reopen the task or create a new one if you find some problems.
tom.siewert added a comment to T2987: VxLAN not working properly after upgrading to latest October build and with a new installation.
I have investigated it now a bit deeper and found out that this router got migrated to VRF automatically (Our deployment stack automatically migrates upgraded/new deployed routers to VRF usage for OOB/VxLAN communication).
I think it some code like
Submitted second PR
Many thanks!
Asteroza added a comment to T2997: DHCP: disallow/do-not-request certain options when requesting IP address from server.
I can see a case where people deliberately do NOT want to use ISP provided DNS servers (to avoid DNS NX hijacking) (and/or lock to a major internet DNS server like google 8.8.8.8 or Quad9 9.9.9.9 or Cloudflare 1.1.1.1 for example)
Oct 19 2020
Oct 19 2020
Alfa80 added a comment to T2997: DHCP: disallow/do-not-request certain options when requesting IP address from server.
This is an example scenario in which this comes handy:
You have three ethernet interfaces
Two are connected to different LANs
The third is connected to WAN (another router)
All networks offer DHCP and def gw
The LANs offer it for internet access
The WAN offers it for branch access
We want to keep def gw received for WAN and ignore internet access offered by those LANs
@Merijn Can you check the latest rolling?
Or write please which commands do you use?
@lbv2rus Can you try the latest rolling release?
c-po closed T3000: Mismatch between "prefix-length" and "preference" in dhcp6-server syntax as Resolved.
c-po renamed T2994: Migrate OpenVPN interfaces to get_config_dict() syntax from Migrate OpenVPN interfaces got get_config_dict() syntax to Migrate OpenVPN interfaces to get_config_dict() syntax.
c-po added a comment to T2969: OpenVPN: command_set on interface is not applied, if interface doesn't come up in commit.
Unfortunately I can not reproduce this issue on my test system and also our smoketests (https://github.com/vyos/vyos-1x/blob/current/smoketest/scripts/cli/test_interfaces_openvpn.py) do not trigger the bug when run locally on the VyOS device by calling:
@Gunni can you check the latest rolling?
@Dmitry
set interfaces ethernet eth1 address 2001:db8::2/64 set interfaces l2tpv3 l2tpeth1010 address '192.168.37.2/27' set interfaces l2tpv3 l2tpeth1010 encapsulation 'ip' set interfaces l2tpv3 l2tpeth1010 local-ip '2001:db8::2' set interfaces l2tpv3 l2tpeth1010 peer-session-id '100' set interfaces l2tpv3 l2tpeth1010 peer-tunnel-id '200' set interfaces l2tpv3 l2tpeth1010 remote-ip '2001:db8::1' set interfaces l2tpv3 l2tpeth1010 session-id '100' set interfaces l2tpv3 l2tpeth1010 tunnel-id '200'
vyos@r4-roll# run show version
c-po added a comment to T2997: DHCP: disallow/do-not-request certain options when requesting IP address from server.
Do other vendors suppert highjacking/altering of DHCP options? I feel this kills the whole concept of DHCP.
@jjcordon can you test the latest rolling?
Alfa80 updated the task description for T2997: DHCP: disallow/do-not-request certain options when requesting IP address from server.
Alfa80 updated the task description for T2997: DHCP: disallow/do-not-request certain options when requesting IP address from server.
Alfa80 updated the task description for T2997: DHCP: disallow/do-not-request certain options when requesting IP address from server.
Alfa80 updated the task description for T2997: DHCP: disallow/do-not-request certain options when requesting IP address from server.
Unknown Object (User) changed the status of T2883: op-mode reset vpn command shows wrong completion from Open to In progress.
It looks like this works, but when we don't have any connected user, it listed the current directory file
vyos@RTR1:~$ touch 1.txt vyos@RTR1:~$ reset vpn remote-access user <tab> Possible completions: 1.txt Terminate specified user's current remote access VPN session(s)
After a user connected, all works properly
vyos@RTR1:~$ reset vpn remote-access user <tab> Possible completions: test1 Terminate specified user's current remote access VPN session(s)
@D0peX Can you check the latest rolling?
Viacheslav closed T752: Add an option to disable IPv4 forwarding on specific interface only as Resolved.
Works as expected.