Page MenuHomeVyOS Platform
Feed Search

Search
Use Results
Hide Query

Jun 27 2021

Viacheslav added a project to T3627: Building Crux from Docker image failing: VyOS 1.2 Crux.
Jun 27 2021, 3:50 PM · VyOS 1.2 Crux, vyos-build

Jun 26 2021

Viacheslav changed the status of T3648: op-mode: nat rules broken from Open to Needs testing.
Jun 26 2021, 2:04 PM · VyOS 1.4 Sagitta

Jun 25 2021

Viacheslav assigned T3648: op-mode: nat rules broken to jack9603301.
Jun 25 2021, 8:49 PM · VyOS 1.4 Sagitta

Jun 24 2021

Viacheslav added a comment to T2661: SSTP wrong certificates check.

@Dmitry Is it an actual task? Code was rewritten.

Jun 24 2021, 8:38 PM · VyOS 1.3 Equuleus (1.3.0)
Viacheslav closed T2722: get_config_dict() and key_mangling=('-', '_') will alter CLI data for tagNodes as Resolved.

Already fixed with "no_tag_node_value_mangle=True"
https://github.com/vyos/vyos-1x/blob/705eddbc7a2caf09c37ecafb27418a764217975a/python/vyos/config.py#L218

Jun 24 2021, 8:33 PM · VyOS 1.3 Equuleus (1.3.0)
Viacheslav added a project to T2770: Allow any character to be used in the SNMP community field: VyOS 1.4 Sagitta.
Jun 24 2021, 8:17 PM · VyOS Rolling
Viacheslav added a project to T2778: Migrate "system syslog" to get_config_dict() to support new features: VyOS 1.4 Sagitta.
Jun 24 2021, 8:10 PM · VyOS 1.4 Sagitta
Viacheslav added a project to T2773: EIGRP support for VRF: VyOS 1.4 Sagitta.
Jun 24 2021, 8:10 PM · VyOS 1.4 Sagitta
Viacheslav added a comment to T2773: EIGRP support for VRF.

Eigrp in the FRR doesn't work correctly.
The routes still live even if neighbors in a shutdown state.

Jun 24 2021, 8:09 PM · VyOS 1.4 Sagitta
Viacheslav added a comment to T2771: BGP VPNv4 & VPNv6 Address Family Support.

@Cheeze_It can you re-check it?

Jun 24 2021, 8:04 PM · VyOS 1.3 Equuleus (1.3.5)
Viacheslav committed rVYOSONEX50a742b50bc0: IPSec: T3643: Fix path for swanctl.conf file.
Jun 24 2021, 5:00 PM
Viacheslav added a comment to T3640: Allow resetting Wireguard interface.

There is a link to the existing code for configuration mode, not pr.
So we can to add the op-mode function to re-add/reset with a similar logic. Only thoughts

Jun 24 2021, 11:02 AM

Jun 23 2021

Viacheslav added a comment to T3638: Passwords With Dollar Sign Set Incorrectly.

Not sure about double quotes, but for example for cloud-init configs, it is necessary to use single quotes.
Ideally, the configuration should look like in show configuration commands

Jun 23 2021, 6:51 PM · VyOS 1.4 Sagitta
Viacheslav added a comment to T3640: Allow resetting Wireguard interface.

I think it will be enough to remove the peer and add again.
@hagbard what do you think?
https://github.com/vyos/vyos-1x/blob/d48dddab0509e562209adfb115b0e691b8e47f54/python/vyos/ifconfig/wireguard.py#L197

Jun 23 2021, 6:41 PM
Viacheslav added a project to T1877: Feature Request: Allow NAT to use network and address groups: VyOS 1.4 Sagitta.
Jun 23 2021, 5:06 PM · VyOS 1.4 Sagitta
Viacheslav added a comment to T3643: show vpn ipsec sa doesn't show tunnels in "down" state.

PR https://github.com/vyos/vyos-1x/pull/897
Fix path for swanctl.conf file

Jun 23 2021, 3:20 PM · VyOS 1.3 Equuleus (1.3.0), VyOS 1.4 Sagitta
Viacheslav closed T3646: ospfd logs inacessbile for user as Invalid.

@Harliff Try 1.2.7/1.3 it was fixed with commit https://github.com/vyos/vyos-build/pull/138/files#diff-c7d29a506307d9cf8d86c3cd3f65ca4e4058ea442cacdf9a89d2485b56c7417aR67
T2061

Jun 23 2021, 2:49 PM · vyos-frr, VyOS 1.2 Crux

Jun 22 2021

Viacheslav closed T3582: 'delete log file' does not work as Resolved.
Jun 22 2021, 4:23 PM · VyOS 1.2 Crux (VyOS 1.2.8)
Viacheslav edited projects for T3582: 'delete log file' does not work, added: VyOS 1.2 Crux (VyOS 1.2.8); removed VyOS 1.2 Crux (VyOS 1.2.7).
Jun 22 2021, 4:22 PM · VyOS 1.2 Crux (VyOS 1.2.8)
Viacheslav added a comment to T1790: OSPF Exchanged Routes marked as invalid when run through a GRE PTMP/PTP OSPF between peers .

@SquirePug Can you check 1.2.7 release?

Jun 22 2021, 3:51 PM
Viacheslav added a comment to T2892: Remove command: "set firewall options interface <interface> disable".

I don't see the reason to delete the "disable" option, as it uses for adjust-mss and adjust-mss6.
And you need temporarily disable it.

Jun 22 2021, 1:03 PM · VyOS 1.3 Equuleus (1.3.0), VyOS 1.4 Sagitta
Viacheslav changed the status of T3636: SSTP / L2TP ipv6 support broken from Open to Needs testing.
Jun 22 2021, 12:56 PM · VyOS 1.4 Sagitta
Viacheslav committed rVYOSONEXb6d2abba08ef: sstp-l2tp: T3636: Add ipv6 options.
Jun 22 2021, 12:54 PM
Viacheslav reassigned T3629: IPoE server shifting address in the range from Viacheslav to Unknown Object (User).
Jun 22 2021, 12:46 PM · VyOS 1.3 Equuleus (1.3.0), VyOS 1.4 Sagitta
Viacheslav closed T3629: IPoE server shifting address in the range as Resolved.
Jun 22 2021, 12:45 PM · VyOS 1.3 Equuleus (1.3.0), VyOS 1.4 Sagitta
Viacheslav added a comment to T3636: SSTP / L2TP ipv6 support broken.

PR https://github.com/vyos/vyos-1x/pull/895

Jun 22 2021, 12:27 PM · VyOS 1.4 Sagitta
Viacheslav assigned T3643: show vpn ipsec sa doesn't show tunnels in "down" state to sarthurdev.
Jun 22 2021, 10:59 AM · VyOS 1.3 Equuleus (1.3.0), VyOS 1.4 Sagitta
Viacheslav added a comment to T3638: Passwords With Dollar Sign Set Incorrectly.

Try to set single quotes.

Jun 22 2021, 10:13 AM · VyOS 1.4 Sagitta
Viacheslav added a comment to T3643: show vpn ipsec sa doesn't show tunnels in "down" state.

Different format

vyos@r1-roll:~$ show vpn ipsec sa
Connection                State    Uptime    Bytes In/Out    Packets In/Out    Remote address    Remote ID    Proposal
------------------------  -------  --------  --------------  ----------------  ----------------  -----------  ----------
peer_192-0-2-2_tunnel_1   down     N/A       N/A             N/A               N/A               N/A          N/A
peer_192-0-2-2_tunnel_10  down     N/A       N/A             N/A               N/A               N/A          N/A
peer_192-0-2-2_tunnel_11  down     N/A       N/A             N/A               N/A               N/A          N/A
peer_192-0-2-2_tunnel_12  down     N/A       N/A             N/A               N/A               N/A          N/A
peer_192-0-2-2_tunnel_13  down     N/A       N/A             N/A               N/A               N/A          N/A
peer_192-0-2-2_tunnel_14  down     N/A       N/A             N/A               N/A               N/A          N/A
peer_192-0-2-2_tunnel_15  down     N/A       N/A             N/A               N/A               N/A          N/A
peer_192-0-2-2_tunnel_16  down     N/A       N/A             N/A               N/A               N/A          N/A
peer_192-0-2-2_tunnel_17  down     N/A       N/A             N/A               N/A               N/A          N/A
peer_192-0-2-2_tunnel_18  down     N/A       N/A             N/A               N/A               N/A          N/A
peer_192-0-2-2_tunnel_19  down     N/A       N/A             N/A               N/A               N/A          N/A
peer_192-0-2-2_tunnel_2   down     N/A       N/A             N/A               N/A               N/A          N/A
peer_192-0-2-2_tunnel_20  down     N/A       N/A             N/A               N/A               N/A          N/A
peer_192-0-2-2_tunnel_3   down     N/A       N/A             N/A               N/A               N/A          N/A
peer_192-0-2-2_tunnel_4   down     N/A       N/A             N/A               N/A               N/A          N/A
peer_192-0-2-2_tunnel_5   down     N/A       N/A             N/A               N/A               N/A          N/A
peer_192-0-2-2_tunnel_6   down     N/A       N/A             N/A               N/A               N/A          N/A
peer_192-0-2-2_tunnel_7   down     N/A       N/A             N/A               N/A               N/A          N/A
peer_192-0-2-2_tunnel_8   down     N/A       N/A             N/A               N/A               N/A          N/A
peer_192-0-2-2_tunnel_9   down     N/A       N/A             N/A               N/A               N/A          N/A
vyos@r1-roll:~$
Jun 22 2021, 10:07 AM · VyOS 1.3 Equuleus (1.3.0), VyOS 1.4 Sagitta

Jun 21 2021

Viacheslav added a subtask for T2816: Rewrite IPsec scripts with the new XML/Python approach: T3643: show vpn ipsec sa doesn't show tunnels in "down" state.
Jun 21 2021, 8:57 PM · VyOS 1.4 Sagitta
Viacheslav added a parent task for T3643: show vpn ipsec sa doesn't show tunnels in "down" state: T2816: Rewrite IPsec scripts with the new XML/Python approach.
Jun 21 2021, 8:57 PM · VyOS 1.3 Equuleus (1.3.0), VyOS 1.4 Sagitta
Viacheslav updated the task description for T3643: show vpn ipsec sa doesn't show tunnels in "down" state.
Jun 21 2021, 8:56 PM · VyOS 1.3 Equuleus (1.3.0), VyOS 1.4 Sagitta
Viacheslav added a project to T3636: SSTP / L2TP ipv6 support broken: VyOS 1.4 Sagitta.
Jun 21 2021, 8:50 PM · VyOS 1.4 Sagitta
Viacheslav changed the subtype of T3636: SSTP / L2TP ipv6 support broken from "Bug" to "Feature Request".
Jun 21 2021, 8:50 PM · VyOS 1.4 Sagitta
Viacheslav renamed T3643: show vpn ipsec sa doesn't show tunnels in "down" state from show vpn ipsec sa doesn't show tunnel in "down" state to show vpn ipsec sa doesn't show tunnels in "down" state.
Jun 21 2021, 8:47 PM · VyOS 1.3 Equuleus (1.3.0), VyOS 1.4 Sagitta
Viacheslav created T3643: show vpn ipsec sa doesn't show tunnels in "down" state.
Jun 21 2021, 8:46 PM · VyOS 1.3 Equuleus (1.3.0), VyOS 1.4 Sagitta
Viacheslav added a subtask for T2799: VyOS Certificates Manager: T3642: PKI configuration.
Jun 21 2021, 6:08 PM · VyOS 1.3 Equuleus (1.3.6)
Viacheslav added a parent task for T3642: PKI configuration: T2799: VyOS Certificates Manager.
Jun 21 2021, 6:08 PM · VyOS 1.4 Sagitta (1.4.0-epa1)
Viacheslav added a comment to T3640: Allow resetting Wireguard interface.

We don't use any configuration file for it, so I think we can't use wg-quick
We use "wg set"

$ sudo wg set --help
Usage: wg set <interface> [listen-port <port>] [fwmark <mark>] [private-key <file path>] [peer <base64 public key> [remove] [preshared-key <file path>] [endpoint <ip>:<port>] [persistent-keepalive <interval seconds>] [allowed-ips <ip1>/<cidr1>[,<ip2>/<cidr2>]...] ]...
Jun 21 2021, 4:26 PM
Viacheslav added a comment to T3640: Allow resetting Wireguard interface.

Is it helps in your case?

set interfaces wireguard wg0 disable 
commit
del interfaces wireguard wg0 disable 
commit

There is no any native command for reset wireguard interface in Linux (as I know). Also, we don't use any daemons which we can restart to "re-establish" session.
Is one host behind nat?

Jun 21 2021, 2:48 PM

Jun 18 2021

Viacheslav moved T3633: Add LRO offload for interface ethernet from Open to Backport Candidates on the VyOS 1.4 Sagitta board.

Works fine VyOS 1.4-rolling-202106180929

vyos@r1-roll# set interfaces ethernet eth1 offload lro 
[edit]
vyos@r1-roll# commit
[edit]
vyos@r1-roll# sudo ethtool -k eth1 | match large-receive-offload
large-receive-offload: on
[edit]
vyos@r1-roll#
Jun 18 2021, 1:31 PM · VyOS 1.3 Equuleus (1.3.0), VyOS 1.4 Sagitta
Viacheslav committed rVYOSONEX4b2fef88644b: ethernet: T3633: Add LRO offload.
Jun 18 2021, 4:06 AM

Jun 17 2021

Viacheslav added a comment to T3633: Add LRO offload for interface ethernet.

PR https://github.com/vyos/vyos-1x/pull/883

Jun 17 2021, 7:55 PM · VyOS 1.3 Equuleus (1.3.0), VyOS 1.4 Sagitta
Viacheslav claimed T3633: Add LRO offload for interface ethernet.
Jun 17 2021, 7:52 PM · VyOS 1.3 Equuleus (1.3.0), VyOS 1.4 Sagitta
Viacheslav renamed T3633: Add LRO offload for interface ethernet from Add LRO offload to Add LRO offload for interface ethernet.
Jun 17 2021, 6:08 PM · VyOS 1.3 Equuleus (1.3.0), VyOS 1.4 Sagitta
Viacheslav added a project to T3633: Add LRO offload for interface ethernet: VyOS 1.3 Equuleus.
Jun 17 2021, 6:06 PM · VyOS 1.3 Equuleus (1.3.0), VyOS 1.4 Sagitta
Viacheslav created T3633: Add LRO offload for interface ethernet.
Jun 17 2021, 6:05 PM · VyOS 1.3 Equuleus (1.3.0), VyOS 1.4 Sagitta

Jun 15 2021

Viacheslav added a comment to T3619: Performance Degradation 1.2 --> 1.3 | High ksoftirqd CPU usage.

Flame graph for 1.3-rc4, proxmox/virtio

perf-kernel.png (630×1 px, 111 KB)

Jun 15 2021, 8:50 AM · VyOS 1.3 Equuleus (1.3.0), VyOS 1.4 Sagitta
Viacheslav changed the status of T3567: Building Crux from Docker Image failing to download repo index from Confirmed to Needs testing.
Jun 15 2021, 8:10 AM · VyOS 1.2 Crux, vyos-build

Jun 11 2021

Viacheslav closed T3614: Container network name with hyphen fail as Resolved.
Jun 11 2021, 4:34 PM · VyOS 1.4 Sagitta
Viacheslav added a comment to T3614: Container network name with hyphen fail.

PR https://github.com/vyos/vyos-1x/pull/873

Jun 11 2021, 12:46 PM · VyOS 1.4 Sagitta
Viacheslav claimed T3614: Container network name with hyphen fail.
Jun 11 2021, 12:22 PM · VyOS 1.4 Sagitta
Viacheslav created T3614: Container network name with hyphen fail.
Jun 11 2021, 12:21 PM · VyOS 1.4 Sagitta

Jun 10 2021

Viacheslav added a comment to T3613: Selectors for route-based IPsec tunnel (vti).

@krox2 How should looks like a configuration for many local/remote traffic selectors per one vti interface?

Jun 10 2021, 8:46 PM · VyOS 1.4 Sagitta
Viacheslav awarded T3613: Selectors for route-based IPsec tunnel (vti) a Like token.
Jun 10 2021, 8:37 PM · VyOS 1.4 Sagitta
Viacheslav added a subtask for T2816: Rewrite IPsec scripts with the new XML/Python approach: T3613: Selectors for route-based IPsec tunnel (vti).
Jun 10 2021, 8:36 PM · VyOS 1.4 Sagitta
Viacheslav added a parent task for T3613: Selectors for route-based IPsec tunnel (vti): T2816: Rewrite IPsec scripts with the new XML/Python approach.
Jun 10 2021, 8:36 PM · VyOS 1.4 Sagitta
Viacheslav closed T2620: Add ipsec peer-name to log to simplifies grepping and troubleshooting as Resolved.
Jun 10 2021, 8:16 PM · VyOS 1.2 Crux (VyOS 1.2.8)
Viacheslav closed T2620: Add ipsec peer-name to log to simplifies grepping and troubleshooting, a subtask of T2816: Rewrite IPsec scripts with the new XML/Python approach, as Resolved.
Jun 10 2021, 8:16 PM · VyOS 1.4 Sagitta
Viacheslav moved T2620: Add ipsec peer-name to log to simplifies grepping and troubleshooting from Backport Candidates to Finished on the VyOS 1.3 Equuleus board.
Jun 10 2021, 8:16 PM · VyOS 1.2 Crux (VyOS 1.2.8)
Viacheslav added a comment to T3567: Building Crux from Docker Image failing to download repo index.

Should be fixed with commit https://github.com/vyos/vyos-build/commit/7905f0d5715bb8da158d09734ba78dc28b2fd4e1

Jun 10 2021, 2:14 PM · VyOS 1.2 Crux, vyos-build
Viacheslav added a comment to T2645: Editing route-map action requires adding a new rule.

I can't reproduce it, VyOS 1.3-beta-202106081558

set policy prefix-list FOO rule 10 action 'permit'
set policy prefix-list FOO rule 10 prefix '0.0.0.0/0'
set policy route-map FOO rule 10 action 'permit'
set policy route-map FOO rule 10 match ip address prefix-list 'FOO'
set policy route-map FOO rule 10 set distance '220'
set policy route-map FOO rule 1000 action 'permit'
Jun 10 2021, 11:55 AM · VyOS 1.3 Equuleus (1.3.0), VyOS 1.4 Sagitta
Viacheslav added a comment to T3609: BGP Peer Group Changes Slow.

Commit with such policies:

vyos@r4-1.3# time commit
Jun 10 2021, 11:40 AM · VyOS 1.3 Equuleus (1.3.0)

Jun 9 2021

Viacheslav added a comment to T3610: DHCP-Server creation for not primary IP address fails.

@n.fort You can try to replace True with False there (1.3 and 1.4). But it needs more tests. In some cases, it was some bugs with the DHCP server and not the primary address.
https://github.com/vyos/vyos-1x/blob/5d068442cf7b1863724c83168176ce2940a023fe/src/conf_mode/dhcp_server.py#L237

Jun 9 2021, 6:52 PM · VyOS 1.3 Equuleus (1.3.0-epa3), VyOS 1.2 Crux (VyOS 1.2.9), VyOS 1.4 Sagitta
Viacheslav added a comment to T3609: BGP Peer Group Changes Slow.

It may be problem with large prefix-lists T2425

Jun 9 2021, 6:11 PM · VyOS 1.3 Equuleus (1.3.0)
Viacheslav added a comment to T3609: BGP Peer Group Changes Slow.

Try to check the same directly in the FRR.

Jun 9 2021, 5:59 PM · VyOS 1.3 Equuleus (1.3.0)
Viacheslav moved T2620: Add ipsec peer-name to log to simplifies grepping and troubleshooting from Need Triage to Backport Candidates on the VyOS 1.3 Equuleus board.
Jun 9 2021, 5:02 PM · VyOS 1.2 Crux (VyOS 1.2.8)
Viacheslav moved T2620: Add ipsec peer-name to log to simplifies grepping and troubleshooting from Backport Candidates to Finished on the VyOS 1.4 Sagitta board.
Jun 9 2021, 5:02 PM · VyOS 1.2 Crux (VyOS 1.2.8)
Viacheslav added a comment to T2620: Add ipsec peer-name to log to simplifies grepping and troubleshooting.

VyOS 1.3-beta-202106081558
Works as expected.

Jun  9 19:57:38 r4-1 charon: 13[CFG] no IKE_SA named 'peer-192.0.2.2-tunnel-0' found
Jun  9 19:57:38 r4-1 charon: 14[CFG] received stroke: initiate 'peer-192.0.2.2-tunnel-0'
Jun  9 19:57:38 r4-1 charon: 06[IKE] <peer-192.0.2.2-tunnel-0|4> initiating Main Mode IKE_SA peer-192.0.2.2-tunnel-0[4] to 192.0.2.2
Jun  9 19:57:38 r4-1 charon: 06[ENC] <peer-192.0.2.2-tunnel-0|4> generating ID_PROT request 0 [ SA V V V V V ]
Jun  9 19:57:38 r4-1 charon: 06[NET] <peer-192.0.2.2-tunnel-0|4> sending packet: from 192.0.2.1[500] to 192.0.2.2[500] (180 bytes)
Jun  9 19:57:38 r4-1 charon: 07[NET] <peer-192.0.2.2-tunnel-0|4> received packet: from 192.0.2.2[500] to 192.0.2.1[500] (160 bytes)
Jun  9 19:57:38 r4-1 charon: 07[ENC] <peer-192.0.2.2-tunnel-0|4> parsed ID_PROT response 0 [ SA V V V V ]
Jun  9 19:57:38 r4-1 charon: 07[IKE] <peer-192.0.2.2-tunnel-0|4> received XAuth vendor ID
Jun  9 19:57:38 r4-1 charon: 07[IKE] <peer-192.0.2.2-tunnel-0|4> received DPD vendor ID
Jun  9 19:57:38 r4-1 charon: 07[IKE] <peer-192.0.2.2-tunnel-0|4> received FRAGMENTATION vendor ID
Jun  9 19:57:38 r4-1 charon: 07[IKE] <peer-192.0.2.2-tunnel-0|4> received NAT-T (RFC 3947) vendor ID
Jun  9 19:57:38 r4-1 charon: 07[CFG] <peer-192.0.2.2-tunnel-0|4> selected proposal: IKE:AES_CBC_256/HMAC_SHA1_96/PRF_HMAC_SHA1/MODP_1024
Jun  9 19:57:38 r4-1 charon: 07[ENC] <peer-192.0.2.2-tunnel-0|4> generating ID_PROT request 0 [ KE No NAT-D NAT-D ]
Jun  9 19:57:38 r4-1 charon: 07[NET] <peer-192.0.2.2-tunnel-0|4> sending packet: from 192.0.2.1[500] to 192.0.2.2[500] (244 bytes)
Jun  9 19:57:38 r4-1 charon: 05[NET] <peer-192.0.2.2-tunnel-0|4> received packet: from 192.0.2.2[500] to 192.0.2.1[500] (244 bytes)
Jun  9 19:57:38 r4-1 charon: 05[ENC] <peer-192.0.2.2-tunnel-0|4> parsed ID_PROT response 0 [ KE No NAT-D NAT-D ]
Jun  9 19:57:38 r4-1 charon: 05[ENC] <peer-192.0.2.2-tunnel-0|4> generating ID_PROT request 0 [ ID HASH N(INITIAL_CONTACT) ]
Jun  9 19:57:38 r4-1 charon: 05[NET] <peer-192.0.2.2-tunnel-0|4> sending packet: from 192.0.2.1[500] to 192.0.2.2[500] (108 bytes)
Jun  9 19:57:38 r4-1 charon: 08[NET] <peer-192.0.2.2-tunnel-0|4> received packet: from 192.0.2.2[500] to 192.0.2.1[500] (76 bytes)
Jun  9 19:57:38 r4-1 charon: 08[ENC] <peer-192.0.2.2-tunnel-0|4> parsed ID_PROT response 0 [ ID HASH ]
Jun  9 19:57:38 r4-1 charon: 08[IKE] <peer-192.0.2.2-tunnel-0|4> IKE_SA peer-192.0.2.2-tunnel-0[4] established between 192.0.2.1[192.0.2.1]...192.0.2.2[192.0.2.2]
Jun  9 19:57:38 r4-1 charon: 08[IKE] <peer-192.0.2.2-tunnel-0|4> scheduling reauthentication in 2524s
Jun  9 19:57:38 r4-1 charon: 08[IKE] <peer-192.0.2.2-tunnel-0|4> maximum IKE_SA lifetime 3064s
Jun  9 19:57:38 r4-1 charon: 08[ENC] <peer-192.0.2.2-tunnel-0|4> generating QUICK_MODE request 364019988 [ HASH SA No KE ID ID ]
Jun  9 19:57:38 r4-1 charon: 08[NET] <peer-192.0.2.2-tunnel-0|4> sending packet: from 192.0.2.1[500] to 192.0.2.2[500] (316 bytes)
Jun  9 19:57:38 r4-1 charon: 09[NET] <peer-192.0.2.2-tunnel-0|4> received packet: from 192.0.2.2[500] to 192.0.2.1[500] (316 bytes)
Jun  9 19:57:38 r4-1 charon: 09[ENC] <peer-192.0.2.2-tunnel-0|4> parsed QUICK_MODE response 364019988 [ HASH SA No KE ID ID ]
Jun  9 19:57:38 r4-1 charon: 09[CFG] <peer-192.0.2.2-tunnel-0|4> selected proposal: ESP:AES_CBC_256/HMAC_SHA1_96/MODP_1024/NO_EXT_SEQ
Jun  9 19:57:38 r4-1 charon: 09[IKE] <peer-192.0.2.2-tunnel-0|4> CHILD_SA peer-192.0.2.2-tunnel-0{1} established with SPIs cb0aa83a_i c728156c_o and TS 10.1.0.0/24 === 10.2.3.0/24
Jun  9 19:57:38 r4-1 charon: 09[ENC] <peer-192.0.2.2-tunnel-0|4> generating QUICK_MODE request 364019988 [ HASH ]
Jun  9 19:57:38 r4-1 charon: 09[NET] <peer-192.0.2.2-tunnel-0|4> sending packet: from 192.0.2.1[500] to 192.0.2.2[500] (60 bytes)
vyos@r4-1.3:~$
Jun 9 2021, 4:59 PM · VyOS 1.2 Crux (VyOS 1.2.8)
Viacheslav claimed T2916: A state of VTI interface in a configuration does not being processing properly.
Jun 9 2021, 4:37 PM · VyOS 1.3 Equuleus (1.3.0)
Viacheslav added a comment to T2855: disabled vti interfaces still working.

Ok it already fixed in 1.3 T2916 and can be migrated to crux

Jun 9 2021, 4:27 PM · VyOS 1.2 Crux (VyOS 1.2.8)
Viacheslav closed T3602: Renaming BGP Peer Groups Leaves Router Broken, a subtask of T3182: Main blocker Task for FRR 7.4/7.5 series update, as Resolved.
Jun 9 2021, 7:02 AM · VyOS 1.3 Equuleus (1.3.0), VyOS 1.4 Sagitta
Viacheslav closed T3602: Renaming BGP Peer Groups Leaves Router Broken as Resolved.
Jun 9 2021, 7:02 AM · VyOS 1.3 Equuleus (1.3.0)

Jun 8 2021

Viacheslav added a comment to T1492: Not able to delete the configured arp-monitor target and interval attribute on VyOS 1.2.0.

It seems Arp monitor not supported in 802.3ad mode

Jun 8 2021, 1:21 PM · VyOS 1.2 Crux
Viacheslav added a comment to T3567: Building Crux from Docker Image failing to download repo index.

It is redirected from

http://archive.repo.saltstack.com/apt/debian/8/amd64/2017.7

to

https://archive.repo.saltproject.io/apt/debian/8/amd64/2017.7
Jun 8 2021, 11:25 AM · VyOS 1.2 Crux, vyos-build
Viacheslav moved T2620: Add ipsec peer-name to log to simplifies grepping and troubleshooting from Open to Backport Candidates on the VyOS 1.4 Sagitta board.
Jun 8 2021, 10:53 AM · VyOS 1.2 Crux (VyOS 1.2.8)
Viacheslav added a project to T2620: Add ipsec peer-name to log to simplifies grepping and troubleshooting: VyOS 1.2 Crux (VyOS 1.2.8).
Jun 8 2021, 10:49 AM · VyOS 1.2 Crux (VyOS 1.2.8)
Viacheslav changed the status of T2620: Add ipsec peer-name to log to simplifies grepping and troubleshooting, a subtask of T2816: Rewrite IPsec scripts with the new XML/Python approach, from Open to Needs testing.
Jun 8 2021, 9:14 AM · VyOS 1.4 Sagitta
Viacheslav changed the status of T2620: Add ipsec peer-name to log to simplifies grepping and troubleshooting from Open to Needs testing.
Jun 8 2021, 9:14 AM · VyOS 1.2 Crux (VyOS 1.2.8)

Jun 7 2021

Viacheslav moved T3289: No description for node "service" conf-mode from Open to Finished on the VyOS 1.4 Sagitta board.
Jun 7 2021, 11:15 PM · VyOS 1.2 Crux (VyOS 1.2.7), VyOS 1.4 Sagitta
Viacheslav closed T3455: system users can not be added in "edit" as Resolved.
Jun 7 2021, 11:12 PM · VyOS 1.3 Equuleus (1.3.0), VyOS 1.4 Sagitta
Viacheslav changed the status of T3461: OpenConnect Server redundancy check from Unknown Status to Resolved.
Jun 7 2021, 11:10 PM · VyOS 1.3 Equuleus (1.3.0), VyOS 1.4 Sagitta
Viacheslav closed T3581: Incomplete command `show ipv6 ospfv3 linkstate` as Resolved.
Jun 7 2021, 11:01 PM · VyOS 1.3 Equuleus (1.3.0)
Viacheslav created T3606: SNMP unknown notification OID.
Jun 7 2021, 10:37 PM · VyOS 1.4 Sagitta
Viacheslav added a comment to T2620: Add ipsec peer-name to log to simplifies grepping and troubleshooting.

PR https://github.com/vyos/vyos-build/pull/169

Jun  8 00:59:20 r1-roll ipsec_starter[2373]: charon (2374) started after 400 ms
Jun  8 00:59:20 r1-roll charon: 05[CFG] received stroke: add connection 'peer-192.0.2.2-tunnel-0'
Jun  8 00:59:20 r1-roll charon: 05[CFG] added configuration 'peer-192.0.2.2-tunnel-0'
Jun  8 00:59:20 r1-roll charon: 07[CFG] received stroke: initiate 'peer-192.0.2.2-tunnel-0'
Jun  8 00:59:20 r1-roll charon: 07[IKE] <peer-192.0.2.2-tunnel-0|1> initiating Main Mode IKE_SA peer-192.0.2.2-tunnel-0[1] to 192.0.2.2
Jun  8 00:59:20 r1-roll charon: 07[ENC] <peer-192.0.2.2-tunnel-0|1> generating ID_PROT request 0 [ SA V V V V V ]
Jun  8 00:59:20 r1-roll charon: 07[NET] <peer-192.0.2.2-tunnel-0|1> sending packet: from 192.0.2.1[500] to 192.0.2.2[500] (180 bytes)
Jun  8 00:59:20 r1-roll charon: 09[NET] <peer-192.0.2.2-tunnel-0|1> received packet: from 192.0.2.2[500] to 192.0.2.1[500] (160 bytes)
Jun  8 00:59:20 r1-roll charon: 09[ENC] <peer-192.0.2.2-tunnel-0|1> parsed ID_PROT response 0 [ SA V V V V ]
Jun  8 00:59:20 r1-roll charon: 09[IKE] <peer-192.0.2.2-tunnel-0|1> received XAuth vendor ID
Jun  8 00:59:20 r1-roll charon: 09[IKE] <peer-192.0.2.2-tunnel-0|1> received DPD vendor ID
Jun  8 00:59:20 r1-roll charon: 09[IKE] <peer-192.0.2.2-tunnel-0|1> received FRAGMENTATION vendor ID
Jun  8 00:59:20 r1-roll charon: 09[IKE] <peer-192.0.2.2-tunnel-0|1> received NAT-T (RFC 3947) vendor ID
Jun  8 00:59:20 r1-roll charon: 09[CFG] <peer-192.0.2.2-tunnel-0|1> selected proposal: IKE:AES_CBC_256/HMAC_SHA1_96/PRF_HMAC_SHA1/MODP_1024
Jun  8 00:59:20 r1-roll charon: 09[ENC] <peer-192.0.2.2-tunnel-0|1> generating ID_PROT request 0 [ KE No NAT-D NAT-D ]
Jun  8 00:59:20 r1-roll charon: 09[NET] <peer-192.0.2.2-tunnel-0|1> sending packet: from 192.0.2.1[500] to 192.0.2.2[500] (244 bytes)
Jun  8 00:59:20 r1-roll charon: 10[NET] <peer-192.0.2.2-tunnel-0|1> received packet: from 192.0.2.2[500] to 192.0.2.1[500] (244 bytes)
Jun  8 00:59:20 r1-roll charon: 10[ENC] <peer-192.0.2.2-tunnel-0|1> parsed ID_PROT response 0 [ KE No NAT-D NAT-D ]
Jun  8 00:59:20 r1-roll charon: 10[ENC] <peer-192.0.2.2-tunnel-0|1> generating ID_PROT request 0 [ ID HASH N(INITIAL_CONTACT) ]
Jun  8 00:59:20 r1-roll charon: 10[NET] <peer-192.0.2.2-tunnel-0|1> sending packet: from 192.0.2.1[500] to 192.0.2.2[500] (108 bytes)
Jun  8 00:59:20 r1-roll charon: 11[NET] <peer-192.0.2.2-tunnel-0|1> received packet: from 192.0.2.2[500] to 192.0.2.1[500] (76 bytes)
Jun  8 00:59:20 r1-roll charon: 11[ENC] <peer-192.0.2.2-tunnel-0|1> parsed ID_PROT response 0 [ ID HASH ]
Jun  8 00:59:20 r1-roll charon: 11[IKE] <peer-192.0.2.2-tunnel-0|1> IKE_SA peer-192.0.2.2-tunnel-0[1] established between 192.0.2.1[192.0.2.1]...192.0.2.2[192.0.2.2]
Jun  8 00:59:20 r1-roll charon: 11[IKE] <peer-192.0.2.2-tunnel-0|1> scheduling rekeying in 2720s
Jun  8 00:59:20 r1-roll charon: 11[IKE] <peer-192.0.2.2-tunnel-0|1> maximum IKE_SA lifetime 3260s
Jun  8 00:59:20 r1-roll charon: 11[ENC] <peer-192.0.2.2-tunnel-0|1> generating QUICK_MODE request 3783917425 [ HASH SA No KE ID ID ]
Jun  8 00:59:20 r1-roll charon: 11[NET] <peer-192.0.2.2-tunnel-0|1> sending packet: from 192.0.2.1[500] to 192.0.2.2[500] (316 bytes)
Jun  8 00:59:20 r1-roll charon: 12[NET] <peer-192.0.2.2-tunnel-0|1> received packet: from 192.0.2.2[500] to 192.0.2.1[500] (316 bytes)
Jun  8 00:59:20 r1-roll charon: 12[ENC] <peer-192.0.2.2-tunnel-0|1> parsed QUICK_MODE response 3783917425 [ HASH SA No KE ID ID ]
Jun  8 00:59:20 r1-roll charon: 12[CFG] <peer-192.0.2.2-tunnel-0|1> selected proposal: ESP:AES_CBC_256/HMAC_SHA1_96/MODP_1024/NO_EXT_SEQ
Jun  8 00:59:20 r1-roll charon: 12[IKE] <peer-192.0.2.2-tunnel-0|1> CHILD_SA peer-192.0.2.2-tunnel-0{1} established with SPIs c4d940b7_i c9a69e83_o and TS 10.1.0.0/24 === 10.2.3.0/24
Jun  8 00:59:20 r1-roll charon: 12[ENC] <peer-192.0.2.2-tunnel-0|1> generating QUICK_MODE request 3783917425 [ HASH ]
Jun  8 00:59:20 r1-roll charon: 12[NET] <peer-192.0.2.2-tunnel-0|1> sending packet: from 192.0.2.1[500] to 192.0.2.2[500] (60 bytes)
Jun 7 2021, 10:22 PM · VyOS 1.2 Crux (VyOS 1.2.8)
Viacheslav added a project to T2620: Add ipsec peer-name to log to simplifies grepping and troubleshooting: VyOS 1.4 Sagitta.
Jun 7 2021, 8:50 PM · VyOS 1.2 Crux (VyOS 1.2.8)
Viacheslav closed T3358: VRRP: Is it necessary to support switches between master and backup with script? as Invalid.

@arvin This functions in all versions of VyOS.

Jun 7 2021, 7:08 PM · VyOS 1.3 Equuleus (1.3.0), VyOS 1.4 Sagitta
Viacheslav changed the subtype of T2763: New SNMP resource request - SNMP over TCP from "Task" to "Feature Request".
Jun 7 2021, 6:35 PM · VyOS 1.3 Equuleus (1.3.2), VyOS 1.4 Sagitta
Viacheslav added a comment to T2855: disabled vti interfaces still working.

I can't reproduce it in 1.2.7 and VyOS 1.3-beta-202105272051

Jun 7 2021, 6:25 PM · VyOS 1.2 Crux (VyOS 1.2.8)
Viacheslav added a comment to T3017: bridge will lose the tuntap member after reboots.

@jingyun Can you describe steps on how to reproduce it? Or re-check it.
My test config after reboot works fine

set interfaces bridge br0 member interface tun0
set interfaces tunnel tun0 encapsulation 'gre-bridge'
set interfaces tunnel tun0 local-ip '100.64.0.1'
set interfaces tunnel tun0 remote-ip '100.64.0.254'
Jun 7 2021, 6:08 PM · Invalid
Viacheslav moved T3138: ddclient improperly updated when apply rfc2136 config from Open to Backport Candidates on the VyOS 1.4 Sagitta board.
Jun 7 2021, 5:20 PM · VyOS 1.3 Equuleus (1.3.0), VyOS 1.4 Sagitta
Viacheslav changed the status of T3602: Renaming BGP Peer Groups Leaves Router Broken, a subtask of T3182: Main blocker Task for FRR 7.4/7.5 series update, from Open to Needs testing.
Jun 7 2021, 4:40 PM · VyOS 1.3 Equuleus (1.3.0), VyOS 1.4 Sagitta
Viacheslav changed the status of T3602: Renaming BGP Peer Groups Leaves Router Broken from Open to Needs testing.
Jun 7 2021, 4:40 PM · VyOS 1.3 Equuleus (1.3.0)
Viacheslav closed T3516: FRR 7.5 adds a second route when you attempt to change a static route distance instead of overwriting the old route, a subtask of T3182: Main blocker Task for FRR 7.4/7.5 series update, as Resolved.
Jun 7 2021, 4:39 PM · VyOS 1.3 Equuleus (1.3.0), VyOS 1.4 Sagitta
Viacheslav closed T3516: FRR 7.5 adds a second route when you attempt to change a static route distance instead of overwriting the old route as Resolved.
Jun 7 2021, 4:39 PM · VyOS 1.3 Equuleus (1.3.0)
Viacheslav claimed T3602: Renaming BGP Peer Groups Leaves Router Broken.
Jun 7 2021, 4:35 PM · VyOS 1.3 Equuleus (1.3.0)
Viacheslav added a comment to T3602: Renaming BGP Peer Groups Leaves Router Broken.

PR https://github.com/vyos/vyatta-cfg-quagga/pull/81

Jun 7 2021, 4:20 PM · VyOS 1.3 Equuleus (1.3.0)
Viacheslav added a subtask for T3182: Main blocker Task for FRR 7.4/7.5 series update: T3602: Renaming BGP Peer Groups Leaves Router Broken.
Jun 7 2021, 2:44 PM · VyOS 1.3 Equuleus (1.3.0), VyOS 1.4 Sagitta
Viacheslav added a parent task for T3602: Renaming BGP Peer Groups Leaves Router Broken: T3182: Main blocker Task for FRR 7.4/7.5 series update.
Jun 7 2021, 2:44 PM · VyOS 1.3 Equuleus (1.3.0)
Viacheslav added a comment to T3602: Renaming BGP Peer Groups Leaves Router Broken.

https://github.com/vyos/vyatta-cfg-quagga/blob/fef5870b764e6166b639043fadb9317c8a49881d/scripts/bgp/vyatta-bgp.pl#L621-L625
https://github.com/vyos/vyatta-cfg-quagga/blob/fef5870b764e6166b639043fadb9317c8a49881d/scripts/bgp/vyatta-bgp.pl#L802-L806

Jun 7 2021, 2:31 PM · VyOS 1.3 Equuleus (1.3.0)
First
Prev
Next