Something's wrong with the filesystem; symlinks have been replaced by directories at the root:

Actually there is nothing that stops us from adding rules to netfilter referencing an interface that doesn't exist yet so this could be done at the time of interface and VRRP configuration rather than dynamically.

The problem with "ip" path

It gets DHCP address and removes it

Possible reason https://phabricator.vyos.net/rVYOSONEXff6afe62e801e570f6478decf2b4a813a5c0ee94
Need to check. T3300 T3392

This is an interesting use-case and will not work as of now.

Please try with the next rolling release - issue should be fixed

PR for saving configurations to /run/frr/{daemon}.conf
https://github.com/vyos/vyos-1x/pull/784

We have two problems here

• the execution here is yet not possible with vyos-configd
• also wihthout configd the routes are not always applied into FRR - still investigating

I can confirm:

In T3350#90321, @Viacheslav wrote:

Another solution it include "user" defined file for options
An example CLI

set interfaces openvpn vtun10 openvpn-option-include '/config/openvpn/included.conf'

diff --git a/data/templates/openvpn/server.conf.tmpl b/data/templates/openvpn/server.conf.tmpl
index 79288e40..bcc88c09 100644
--- a/data/templates/openvpn/server.conf.tmpl
+++ b/data/templates/openvpn/server.conf.tmpl
@@ -288,3 +288,8 @@ compat-names
 {%     endfor %}
 {%   endfor %}
 {% endif %}
+
+# Include file for configuration options
+{% if openvpn_option_include is defined and openvpn_option_include is not none %}
+config {{ openvpn_option_include }}
+{% endif %}
diff --git a/interface-definitions/interfaces-openvpn.xml.in b/interface-definitions/interfaces-openvpn.xml.in
index effbdd67..2cba59af 100644
--- a/interface-definitions/interfaces-openvpn.xml.in
+++ b/interface-definitions/interfaces-openvpn.xml.in
@@ -314,6 +314,14 @@
               <multi/>
             </properties>
           </leafNode>
+          <leafNode name="openvpn-option-include">
+            <properties>
+              <help>Additional OpenVPN file configuration. You must
+                use the syntax of openvpn.conf in this file. Using this
+                without proper knowledge may result in a crashed OpenVPN server.
+                Check system log to look for errors.</help>
+            </properties>
+          </leafNode>
           <leafNode name="persistent-tunnel">

Yes, I made mistake when adding the command to the ticket and I corrected it now. It should read:

Something wrong in your configuration

PR: https://github.com/vyos/vyos-1x/pull/783

Fixed in the latest version:1.4-rolling-202103230217

PR: https://github.com/vyos/vyos-build/pull/153

I'm not really sure what the issue is. I can narrow it down to this:

Can you share more examples/configs?
How can we reproduce it?

@Asteroza With Vyos, any service should be turned off by default unless it is explicitly configured by the user

This affects downstream clients as well

There are genuine use cases, especially for small/home networks. But UPnP is a literal minefield of problems, and on top of that has had some serious security issues in the past due to fundamental design. If you were going to do this, I would want it off by default.

@Viacheslav The issue persists in vyos-1.3.0-rc2-amd64.iso

The root of the problem here is changed place for custom options and the ability to configure options that should be applied differently, depending on the place. In other words, "Additional OpenVPN options" becomes "Additional OpenVPN options. You must use the syntax of openvpn.conf in this text-field", but actually these variants are not fully equal and cannot be converted directly.

@francis try please vyos-1.3.0-rc2-amd64.iso
https://community.vyos.net/get/snapshots/

Another solution it include "user" defined file for options
An example CLI

set interfaces openvpn vtun10 openvpn-option-include '/config/openvpn/included.conf'

@c-po, you cherry-picked the wrong commit: equuleus needs the fix from current, not crux.

In T3418#90244, @c-po wrote:

The first error is related to T2759 and can be ignored.

For the second one, can you please provide your full BGP config by pasting the content of show configuration commands | match bgp\|policy

Post the migration of the script from /opt/vyatta/bin/vyos-strip-config.pl to /usr/libexec/vyos/strip-private.py, the strip-private seems to be not working when the ipv6 address is configured to an interface.

@jack9603301 It is not a matter of different codes, but rather what python libraries have been provided so far: the focus has been on abstracting the config session, in several directions, and previously there had not been a use case for reading config settings from op mode.