Assuming T3356 can be backported to equuleus, this fix will not be needed.
- Feed Queries
- All Stories
- Search
- Feed Search
- Transactions
- Transaction Logs
Feed All Stories
All Stories
All Stories
Mar 12 2021
Mar 12 2021
GitHub <noreply@github.com> committed rVYOSONEXca08d8dc51ef: Merge pull request #769 from jack9603301/T2518 (authored by c-po).
Unknown Object (User) updated the task description for T3405: PPPoE server unit-cache.
Unknown Object (User) claimed T3405: PPPoE server unit-cache.
Unknown Object (User) created T3405: PPPoE server unit-cache.
After a while, I may consider how to provide the operation mode command for nat66
Specifically, to reproduce the issue - you need to make the changes in the configuration file - and use load /config/xxx
I use set. Then commit and "save" the configuration and reboot the server.
Unknown Object (User) created T3403: Error on interrupting list of pppoe sessions.
Did you use set commands - or did you use load ...? Its regularly/easily produced here.
I can't reproduce it.
vyos@1.1.8:~$ show interfaces
Codes: S - State, L - Link, u - Up, D - Down, A - Admin Down
Interface IP Address S/L Description
--------- ---------- --- -----------
bond0 - u/u
bond0.11 10.0.11.1/24 u/u
100.64.11.1/29
bond0.12 10.0.12.1/24 u/u
100.64.12.1/29
bond0.13 10.0.13.1/24 u/u
100.64.13.1/29
bond0.14 10.0.14.1/24 u/u
100.64.14.1/29
bond0.15 10.0.15.1/24 u/u
100.64.15.1/29
bond0.16 10.0.16.1/24 u/u
100.64.16.1/29
bond0.17 10.0.17.1/24 u/u
100.64.17.1/29
bond0.18 10.0.18.1/24 u/u
100.64.18.1/29
bond0.19 10.0.19.1/24 u/u
100.64.19.1/29
bond0.20 10.0.20.1/24 u/u
100.64.20.1/29
bond0.21 10.0.21.1/24 u/u
100.64.21.1/29
bond0.22 10.0.22.1/24 u/u
100.64.22.1/29
bond0.23 10.0.23.1/24 u/u
100.64.23.1/29
bond0.24 10.0.24.1/24 u/u
100.64.24.1/29
bond0.25 10.0.25.1/24 u/u
100.64.25.1/29
bond0.26 10.0.26.1/24 u/u
100.64.26.1/29
bond0.27 10.0.27.1/24 u/u
100.64.27.1/29
bond0.28 10.0.28.1/24 u/u
100.64.28.1/29
bond0.29 10.0.29.1/24 u/u
100.64.29.1/29
bond0.30 10.0.30.1/24 u/u
100.64.30.1/29
eth0 192.168.122.14/24 u/u
eth1 - u/u
lo 127.0.0.1/8 u/u
::1/128
vyos@1.1.8:~$
vyos@1.1.8:~$
vyos@1.1.8:~$ show vrrp
Name Interface VRID State Last Transition
------ ----------- ------ ------- -----------------
BND011 bond0.11 11 MASTER 2m13s
BND012 bond0.12 12 MASTER 2m13s
BND013 bond0.13 13 MASTER 2m13s
BND014 bond0.14 14 MASTER 2m13s
BND015 bond0.15 15 MASTER 2m13s
BND016 bond0.16 16 MASTER 2m13s
BND017 bond0.17 17 MASTER 2m13s
BND018 bond0.18 18 MASTER 2m13s
BND019 bond0.19 19 MASTER 2m13s
BND020 bond0.20 20 MASTER 2m13s
BND021 bond0.21 21 MASTER 2m13s
BND022 bond0.22 22 MASTER 2m13s
BND023 bond0.23 23 MASTER 2m13s
BND024 bond0.24 24 MASTER 2m13s
BND025 bond0.25 25 MASTER 2m13s
BND026 bond0.26 26 MASTER 2m13s
BND027 bond0.27 27 MASTER 2m13s
BND028 bond0.28 28 MASTER 2m13s
BND029 bond0.29 29 MASTER 2m13s
BND030 bond0.30 30 MASTER 2m13s
vyos@1.1.8:~$Needs to migrate "maximum-paths" to afi and add ipv6 (1.3)
vyos@r1.3# set protocols bgp 65001 maximum-paths Possible completions: ebgp Maximum ebgp multipaths ibgp Maximum ibgp multipaths
GitHub <noreply@github.com> committed rVYOSONEX8262556dd809: Merge pull request #767 from erkin/current (authored by c-po).
Mar 11 2021
Mar 11 2021
zsdc edited a custom field on T905: The command show remote-config does not work for remote-platform openvpn.
zsdc changed the status of T905: The command show remote-config does not work for remote-platform openvpn from Open to Confirmed.
Still does not work in 1.4-rolling-202102060218
Moving tunnels between bridges works well in:
1.3-beta-202103110443
1.4-rolling-202102060218
Unknown Object (User) edited a custom field on T486: Static IPv6 default route via OSPFv3-learned loopback is not activated.
Unknown Object (User) changed the subtype of T486: Static IPv6 default route via OSPFv3-learned loopback is not activated from "Task" to "Bug".
stepler changed the status of T3395: WAN load-balancing fails with nexthop dhcp from Resolved to Unknown Status.
Viacheslav changed the status of T3395: WAN load-balancing fails with nexthop dhcp from Unknown Status to Resolved.
Both UEFI and MBR boot modes are supported currently.
As a replacement for keys from Microsoft, it is possible to use our keys and ask users to install CA into a MOK database.
Unknown Object (User) added a comment to T3242: PPPoE Server overhead on virtual interfaces creation.
Fresh SNMP Daemon has some option which might be helpful
https://manpages.debian.org/unstable/snmpd/snmpd.conf.5.en.html
ifmib_max_num_ifaces NUM
zsdc edited a custom field on T842: Adopt VyOS CLI to latest StrongSwan options and deprecated Keywords.
c-po changed the status of T2271: OSPF: add per VRF instance support, a subtask of T2175: Rewriting all FRR processes allow for reloading and to XML/Python style, from Blocked to In progress.
c-po changed the status of T2271: OSPF: add per VRF instance support, a subtask of T3344: Per VRF dynamic routing support, from Blocked to In progress.
c-po moved T2927: isc-dhcpd release and expiry events never execute from Needs Triage to Finished on the VyOS 1.2 Crux (VyOS 1.2.7) board.
c-po moved T2927: isc-dhcpd release and expiry events never execute from Need Triage to Finished on the VyOS 1.3 Equuleus board.
c-po moved T2927: isc-dhcpd release and expiry events never execute from Open to Finished on the VyOS 1.4 Sagitta board.
c-po added a project to T2927: isc-dhcpd release and expiry events never execute: VyOS 1.2 Crux (VyOS 1.2.7).
zsdc edited a custom field on T786: new style xml and conf-mode scripts: posibillity to add tagNode value as parameter to conf-script.
Same issue. I'm happy to send my config file (not publically) for further debug if that'll help?
zsdc changed the status of T763: Wireless hw_mode=a with ACS , not working from Open to Needs testing.
Most likely this should be done (after firewall rewrite) as jump statements.
Kernel related part is located here: https://github.com/vyos/vyos-build/tree/current/packages/linux-kernel
The rest is here: https://docs.vyos.io/en/latest/contributing/build-vyos.html
zsdc edited a custom field on T738: Add local-port and resolver port options for powerdns in CLI configuration tree.
The idea stays actual, but unfortunately, it needs now to be rewritten according to the new config implementation.
zsdc edited a custom field on T695: Address-group commits with duplicate, but fails when adding rule later..
olofl added a comment to T1753: Configuring `ip source-validation loose` doesn't properly configure `sysctl`.
just tested - 1.2.6-S1 - it is still working as described by ciprian.craciun
zsdc edited a custom field on T688: Move component versions used for config migration purposes into vyos-1x.
zsdc edited a custom field on T685: Python environment lacks definition of vyos_libexec_dir when calling os.system().
zsdc edited a custom field on T521: Network services may fail if vyatta-router.service startup takes longer than a few seconds.
As a workaround, we can replace https://github.com/vyos/vyos-1x/blob/f892294239101aecc21a45629eb1d10bd89fba0b/python/vyos/ifconfig/vrrp.py#L95 to
from vyos.util import cmd
cmd(f'sudo kill -s {cls._signal[what]} {pid}')And get JSON values
vyos@r-roll01:~$ sudo cat /tmp/keepalived.json
[ { "data": { "iname": "test", "dont_track_primary": 0, "skip_check_adv_addr": 0, "strict_mode": 0, "vmac_ifname": "eth1v1", "track_ifp": [ ], "track_script": [ ], "ifp_ifname": "eth1v1", "master_priority": 100, "last_transition": 1615454936.7267461, "garp_delay": 5, "garp_refresh": 0, "garp_rep": 5, "garp_refresh_rep": 1, "garp_lower_prio_delay": 5, "garp_lower_prio_rep": 5, "lower_prio_no_advert": 0, "higher_prio_send_advert": 0, "vrid": 1, "base_priority": 100, "effective_priority": 100, "vipset": true, "vips": [ "172.20.110.111", "172.20.110.15" ], "evips": [ ], "promote_secondaries": false, "vroutes": [ ], "vrules": [ ], "adver_int": 1, "master_adver_int": 1, "accept": 1, "nopreempt": false, "preempt_delay": 0, "state": 2, "wantstate": 2, "version": 2, "smtp_alert": false, "auth_type": 0 }, "stats": { "advert_rcvd": 983, "advert_sent": 10535, "become_master": 1, "release_master": 0, "packet_len_err": 0, "advert_interval_err": 0, "ip_ttl_err": 0, "invalid_type_rcvd": 0, "addr_list_err": 0, "invalid_authtype": 0, "authtype_mismatch": 0, "auth_failure": 0, "pri_zero_rcvd": 2, "pri_zero_sent": 0 } } ]Or more readable:
{
"data":{
"iname":"test",
"dont_track_primary":0,
"skip_check_adv_addr":0,
"strict_mode":0,
"vmac_ifname":"eth1v1",
"track_ifp":[Unknown Object (User) added a comment to T3242: PPPoE Server overhead on virtual interfaces creation.
Configured SNMP also add impact
top - 12:51:59 up 3:25, 2 users, load average: 1.35, 0.70, 0.28 Tasks: 214 total, 2 running, 210 sleeping, 2 stopped, 0 zombie %Cpu0 : 0.0 us, 0.0 sy, 0.0 ni, 99.7 id, 0.0 wa, 0.0 hi, 0.3 si, 0.0 st %Cpu1 : 22.6 us, 77.4 sy, 0.0 ni, 0.0 id, 0.0 wa, 0.0 hi, 0.0 si, 0.0 st %Cpu2 : 0.0 us, 0.3 sy, 0.0 ni, 99.7 id, 0.0 wa, 0.0 hi, 0.0 si, 0.0 st %Cpu3 : 0.0 us, 0.0 sy, 0.0 ni,100.0 id, 0.0 wa, 0.0 hi, 0.0 si, 0.0 st MiB Mem : 9972.9 total, 6710.1 free, 2044.5 used, 1218.3 buff/cache MiB Swap: 0.0 total, 0.0 free, 0.0 used. 7195.8 avail Mem
jack9603301 triaged T3305: Ingress qdisc does not work anymore in 1.3-rolling-202101 snapshot as High priority.
I don't seem to see the obvious problem (maybe I don't understand what you're referring to), assuming there is a problem and this is also an issue introduced by third party system components, maybe you should go upstream with feedback
VRRP return always [] <= nodata
https://github.com/vyos/vyos-1x/blob/f892294239101aecc21a45629eb1d10bd89fba0b/src/op_mode/show_interfaces.py#L68
Maybe don't have permissions to kill PID https://github.com/vyos/vyos-1x/blob/f892294239101aecc21a45629eb1d10bd89fba0b/python/vyos/ifconfig/vrrp.py#L95
Viacheslav added a project to T3395: WAN load-balancing fails with nexthop dhcp: VyOS 1.2 Crux (VyOS 1.2.7).
The same bug with 1.2.7-epa1
set interfaces dummy dum0 set interfaces ethernet eth1 address dhcp set load-balancing wan interface-health eth1 nexthop dhcp set load-balancing wan rule 1 inbound-interface dum0 set load-balancing wan rule 1 interface eth1 commit
Status
vyos@r2-1.2.7-epa1:~$ show wan-load-balance
Interface: eth1
Status: active
Last Status Change: Thu Mar 11 09:31:54 2021
+Test: ping Target:
Last Interface Success: 0s
Last Interface Failure: 2m35s
# Interface Failure(s): 0mpueschel added a comment to T3399: RPKI: dashes in hostnames are replaced with underscores when rendering the FRR config.
@Viacheslav can confirm, issue is fixed in VyOS 1.3-beta-202103110443
jack9603301 moved T3305: Ingress qdisc does not work anymore in 1.3-rolling-202101 snapshot from Open to Finished on the VyOS 1.4 Sagitta board.
jack9603301 closed T3305: Ingress qdisc does not work anymore in 1.3-rolling-202101 snapshot as Resolved.
jack9603301 added a comment to T3305: Ingress qdisc does not work anymore in 1.3-rolling-202101 snapshot.
Now the problem should be solved
Viacheslav added a comment to T3396: syslog can't be configured with an ipv6 literal destination in 1.2.x.
Fixed in VyOS 1.4-rolling-202103110218
set system syslog global facility all level 'info' set system syslog global facility protocols level 'debug' set system syslog host 192.168.122.1 facility all level 'all' set system syslog host 192.168.122.1 port '514' set system syslog host 2001:db8::2 facility all level 'all' set system syslog host 2001:db8::3 facility all level 'all' set system syslog host 2001:db8::3 port '514' set system syslog host 2001:db8::4 facility all level 'all' set system syslog host 2001:db8::4 port '514'
Viacheslav moved T3396: syslog can't be configured with an ipv6 literal destination in 1.2.x from Open to Backport Candidates on the VyOS 1.4 Sagitta board.
Sure thing, I'll try it again tomorrow.
I can't reproduce it. Updated successfully. from 1.2.6-s1 to 1.2.7-epa1
Viacheslav closed T3399: RPKI: dashes in hostnames are replaced with underscores when rendering the FRR config as Resolved.
Fixed VyOS 1.3-beta-202103110443
set protocols rpki cache rtr-ham1.mhl-lab.net port '3323' set protocols rpki cache rtr-ham1.mhl-lab.net preference '2'
GitHub <noreply@github.com> committed rVYOSONEX2c97f23ae84a: Merge pull request #766 from erkin/current (authored by c-po).
MD5 checksums are generated by Packer at build time (configured in vyos-build). We can switch to SHA256 or SHA512 (which Packer supports) although it seems redundant when the install script also fetches SHA256 sum file (guessed by the ISO URL) and compares against that. I'd say configuring Packer to use SHA256 and omitting SHA256 files from download directories altogether would be the cleanest solution.
jack9603301 added a comment to T3305: Ingress qdisc does not work anymore in 1.3-rolling-202101 snapshot.
Now, let's move the patch to 1.3
Mar 10 2021
Mar 10 2021
Curl should only need the private key, since it will extract the public key from it on demand. In any case the private key should probably be password protected and then you'd need some way of prompting for the password and provide it to curl using the --pass parameter.
Is there anything else I can do to help debug this issue?
Viacheslav edited a custom field on T3305: Ingress qdisc does not work anymore in 1.3-rolling-202101 snapshot.
Viacheslav changed the status of T3305: Ingress qdisc does not work anymore in 1.3-rolling-202101 snapshot from Open to Needs testing.
One solution that I see, uses vif/svlan/cvlan.