Page MenuHomeVyOS Platform
Feed All Stories

All Stories
Use Results
Edit Query

Jun 27 2021

c-po added a comment to T3652: BGP handshake with cisco router ends in timeout.

Please share your Cisco and VyOS config, and also the Cisco router Model/Version

Jun 27 2021, 7:41 AM · VyOS 1.4 Sagitta
ernstjo updated the task description for T3652: BGP handshake with cisco router ends in timeout.
Jun 27 2021, 12:43 AM · VyOS 1.4 Sagitta
ernstjo created T3652: BGP handshake with cisco router ends in timeout.
Jun 27 2021, 12:42 AM · VyOS 1.4 Sagitta
raphielscape added a comment to T2869: Intel ethernet driver defaults sub-optimal.

For RPS, we maybe can adapt https://github.com/bhuanand/rps-rfs-configuration to VyOS?

Jun 27 2021, 12:03 AM

Jun 26 2021

GitHub <noreply@github.com> committed rVYOSONEXd34cd9572dd6: Debian: disable systemd salt-minion configuration - all handled in vyos-build (authored by c-po).
Jun 26 2021, 9:39 PM
GitHub <noreply@github.com> committed rVYOSONEXefcce444dbc0: Debian: ensure path for vyos-postconfig-bootup.script exists (authored by c-po).
Jun 26 2021, 9:37 PM
c-po committed rVYOSONEX707fe801eac4: Debian: drop ipsec key removal from postinst script - done on every system boot.
Jun 26 2021, 9:00 PM
c-po committed rVYOSONEXc121218b4883: Import vyos-postconfig-bootup.script from vyatta-cfg-system.
Jun 26 2021, 9:00 PM
c-po committed rVYOSONEX0f6ec4722215: Import configuration files from vyatta-cfg-system.
Jun 26 2021, 9:00 PM
c-po committed rVYOSONEX87c7a1243e0b: Debian: no need to disable salt-minion in postinst script.
Jun 26 2021, 8:12 PM
c-po committed rVYOSONEX120b866bf28f: Import sudoers configuration from vyatta-cfg-system.
Jun 26 2021, 8:12 PM
c-po committed rVYOSONEX2124089f7d83: banner: T2135: adjust to raw strings from vyatta-cfg repo.
Jun 26 2021, 7:32 PM
jestabro added a subtask for T2289: Denest cerbot certificate configuration from service https: T3651: Move certbot request to op-mode.
Jun 26 2021, 6:52 PM · VyOS 1.3 Equuleus (1.3.6), VyOS 1.4 Sagitta
jestabro added a parent task for T3651: Move certbot request to op-mode: T2289: Denest cerbot certificate configuration from service https.
Jun 26 2021, 6:52 PM · VyOS 1.3 Equuleus (1.3.6), VyOS 1.4 Sagitta
jestabro created T3651: Move certbot request to op-mode.
Jun 26 2021, 6:51 PM · VyOS 1.3 Equuleus (1.3.6), VyOS 1.4 Sagitta
c-po committed rVYOSONEX3d2f2ca9696c: banner: T2135: adjust to raw strings from vyatta-cfg repo.
Jun 26 2021, 5:56 PM
sarthurdev added a comment to T3642: PKI configuration.

When using show pki ... commands you would be able to see the relation between certificates and CAs.

Jun 26 2021, 5:27 PM · VyOS 1.4 Sagitta (1.4.0-epa1)
c-po committed rVYOSONEXf98bad44fc9c: nat: T1083: fix Jinja2 templating error.
Jun 26 2021, 2:57 PM
Viacheslav changed the status of T3648: op-mode: nat rules broken from Open to Needs testing.
Jun 26 2021, 2:04 PM · VyOS 1.4 Sagitta
GitHub <noreply@github.com> committed rVYOSONEX166d44b32813: nat: T1083: add translation options for persistent/random mapping of address… (authored by hard).
Jun 26 2021, 7:48 AM
c-po closed T3586: Tunnel/Wireguard/VTI: replace random get_mac function with addrgenmode as Invalid.
Jun 26 2021, 7:43 AM · VyOS 1.4 Sagitta
c-po added a comment to T3586: Tunnel/Wireguard/VTI: replace random get_mac function with addrgenmode.

THis is infact only relevant when IPv6 addressing is used.

Jun 26 2021, 7:39 AM · VyOS 1.4 Sagitta
c-po committed rVYOSONEX3ffe114e8e89: openvpn: T3641: adjust deprecated "openvpn --genkey" command.
Jun 26 2021, 7:34 AM
c-po committed rVYOSONEXa6b526fd9826: ipsec: T3643: us vyos.util.copy_file() over raw UNIX cp command.
Jun 26 2021, 7:25 AM
c-po committed rVYOSONEX5303ec39f6f0: vyos.util: add new helper copy_file().
Jun 26 2021, 7:25 AM
c-po committed rVYOSONEX8108ca69e7d8: ipsec: T3643: use variable for path names.
Jun 26 2021, 7:25 AM
c-po added a reverting change for rVYOSONEX95bbbb8bed92: ipsec: T3643: move swanctl.conf to /run: rVYOSONEX03e1d273acf3: Revert "ipsec: T3643: move swanctl.conf to /run".
Jun 26 2021, 7:25 AM
c-po committed rVYOSONEX03e1d273acf3: Revert "ipsec: T3643: move swanctl.conf to /run".
Jun 26 2021, 7:25 AM

Jun 25 2021

jack9603301 committed rVYOSONEXe2561b55c66c: nat: nat66: T3648: Fix script logic errors and missing logic handling.
Jun 25 2021, 8:56 PM
GitHub <noreply@github.com> committed rVYOSONEX037aa93f4936: Merge pull request #899 from jack9603301/T3648 (authored by c-po).
Jun 25 2021, 8:56 PM
Viacheslav assigned T3648: op-mode: nat rules broken to jack9603301.
Jun 25 2021, 8:49 PM · VyOS 1.4 Sagitta
jack9603301 added a comment to T3648: op-mode: nat rules broken.

PR: https://github.com/vyos/vyos-1x/pull/899

Jun 25 2021, 8:33 PM · VyOS 1.4 Sagitta
c-po added a comment to T3642: PKI configuration.

I ver much like this idea. Certificates can then easily be migrated from device to device, and very easy be referenced in a service.

Jun 25 2021, 8:17 PM · VyOS 1.4 Sagitta (1.4.0-epa1)
c-po closed T3641: Upgrade base system from Debian Buster -> Debian Bullseye as Resolved.
Jun 25 2021, 7:42 PM · VyOS 1.4 Sagitta
c-po committed rVYOSONEXde065cb9c423: openvpn: T1512: T3641: drop deprecated "compat-names" option.
Jun 25 2021, 7:21 PM
c-po committed rVYOSONEX5187acf7babe: openvpn: T3641: remove deprecated iproute option.
Jun 25 2021, 7:21 PM
c-po committed rVYOSONEX05a7114a4a97: smoketest: ospf: sometimes the passive-interface-test fails - add debug code.
Jun 25 2021, 7:06 PM
jack9603301 added a comment to T3648: op-mode: nat rules broken.

Sorry, this may be my fault. It seems that I only pay attention to modifying the identifier below and forget the top definition. Sorry.

Jun 25 2021, 6:40 PM · VyOS 1.4 Sagitta
c-po committed rVYOSONEX23cb8c338ad3: openvpn: T1704: drop deprecated disable-ncp option.
Jun 25 2021, 5:42 PM
c-po committed rVYOSONEX6b7b19c93f90: openvpn: T1704: drop deprecated disable-ncp option.
Jun 25 2021, 5:40 PM
c-po closed T3650: OpenVPN: Upgrade package to 2.5.1 before releasing VyOS 1.3.0 as Resolved.
Jun 25 2021, 5:28 PM · VyOS 1.3 Equuleus (1.3.0)
c-po moved T3650: OpenVPN: Upgrade package to 2.5.1 before releasing VyOS 1.3.0 from Need Triage to Finished on the VyOS 1.3 Equuleus board.
Jun 25 2021, 5:27 PM · VyOS 1.3 Equuleus (1.3.0)
c-po updated the task description for T3650: OpenVPN: Upgrade package to 2.5.1 before releasing VyOS 1.3.0.
Jun 25 2021, 5:26 PM · VyOS 1.3 Equuleus (1.3.0)
c-po changed the status of T3650: OpenVPN: Upgrade package to 2.5.1 before releasing VyOS 1.3.0 from Open to In progress.
Jun 25 2021, 5:20 PM · VyOS 1.3 Equuleus (1.3.0)
c-po created T3650: OpenVPN: Upgrade package to 2.5.1 before releasing VyOS 1.3.0.
Jun 25 2021, 5:20 PM · VyOS 1.3 Equuleus (1.3.0)
c-po closed T3649: Add bonding additional hash-policy as Resolved.
Jun 25 2021, 4:58 PM · VyOS 1.3 Equuleus (1.3.0), VyOS 1.4 Sagitta
c-po moved T3649: Add bonding additional hash-policy from Open to Finished on the VyOS 1.4 Sagitta board.
Jun 25 2021, 4:58 PM · VyOS 1.3 Equuleus (1.3.0), VyOS 1.4 Sagitta
c-po moved T3649: Add bonding additional hash-policy from Need Triage to Finished on the VyOS 1.3 Equuleus board.
Jun 25 2021, 4:58 PM · VyOS 1.3 Equuleus (1.3.0), VyOS 1.4 Sagitta
c-po committed rVYOSONEX3e9aab9adb12: smoketest: bonding: T3649: fix typo in testcase name.
Jun 25 2021, 4:57 PM
c-po committed rVYOSONEX150b1760230b: T3649: bonding: Add additional hash policies (authored by Unknown Object (User)).
Jun 25 2021, 4:57 PM
Unknown Object (User) committed rVYOSONEX9431383abc92: T3649: bonding: Add additional hash policies.
Jun 25 2021, 4:32 PM
GitHub <noreply@github.com> committed rVYOSONEXf33c6e856b2d: Merge pull request #898 from DmitriyEshenko/1x25062021 (authored by c-po).
Jun 25 2021, 4:32 PM
Unknown Object (User) added a comment to T3649: Add bonding additional hash-policy.

PR https://github.com/vyos/vyos-1x/pull/898

Jun 25 2021, 3:35 PM · VyOS 1.3 Equuleus (1.3.0), VyOS 1.4 Sagitta
Unknown Object (User) changed the status of T3649: Add bonding additional hash-policy from Open to In progress.
Jun 25 2021, 8:49 AM · VyOS 1.3 Equuleus (1.3.0), VyOS 1.4 Sagitta
Unknown Object (User) created T3649: Add bonding additional hash-policy.
Jun 25 2021, 8:48 AM · VyOS 1.3 Equuleus (1.3.0), VyOS 1.4 Sagitta
raphielscape created T3648: op-mode: nat rules broken.
Jun 25 2021, 8:48 AM · VyOS 1.4 Sagitta

Jun 24 2021

Viacheslav added a comment to T2661: SSTP wrong certificates check.

@Dmitry Is it an actual task? Code was rewritten.

Jun 24 2021, 8:38 PM · VyOS 1.3 Equuleus (1.3.0)
Viacheslav closed T2722: get_config_dict() and key_mangling=('-', '_') will alter CLI data for tagNodes as Resolved.

Already fixed with "no_tag_node_value_mangle=True"
https://github.com/vyos/vyos-1x/blob/705eddbc7a2caf09c37ecafb27418a764217975a/python/vyos/config.py#L218

Jun 24 2021, 8:33 PM · VyOS 1.3 Equuleus (1.3.0)
Viacheslav added a project to T2770: Allow any character to be used in the SNMP community field: VyOS 1.4 Sagitta.
Jun 24 2021, 8:17 PM · VyOS Rolling
Viacheslav added a project to T2778: Migrate "system syslog" to get_config_dict() to support new features: VyOS 1.4 Sagitta.
Jun 24 2021, 8:10 PM · VyOS 1.4 Sagitta
Viacheslav added a project to T2773: EIGRP support for VRF: VyOS 1.4 Sagitta.
Jun 24 2021, 8:10 PM · VyOS 1.4 Sagitta
Viacheslav added a comment to T2773: EIGRP support for VRF.

Eigrp in the FRR doesn't work correctly.
The routes still live even if neighbors in a shutdown state.

Jun 24 2021, 8:09 PM · VyOS 1.4 Sagitta
Viacheslav added a comment to T2771: BGP VPNv4 & VPNv6 Address Family Support.

@Cheeze_It can you re-check it?

Jun 24 2021, 8:04 PM · VyOS 1.3 Equuleus (1.3.5)
c-po committed rVYOSONEXc8ef5e8bdce0: openvpn: T1512: T3641: drop deprecated "compat-names" option.
Jun 24 2021, 7:28 PM
c-po committed rVYOSONEX9c8facc69c09: openvpn: T3641: remove deprecated iproute option.
Jun 24 2021, 7:28 PM
c-po added a subtask for T3641: Upgrade base system from Debian Buster -> Debian Bullseye: T1512: vyos 1.2 openvpn client names with spaces created incorrectly.
Jun 24 2021, 7:12 PM · VyOS 1.4 Sagitta
c-po added a parent task for T1512: vyos 1.2 openvpn client names with spaces created incorrectly: T3641: Upgrade base system from Debian Buster -> Debian Bullseye.
Jun 24 2021, 7:12 PM · VyOS 1.3 Equuleus (1.3.0), openvpn
c-po committed rVYOSONEX807f16b6c705: Debian: T3641: bump dh 9 -> 12.
Jun 24 2021, 5:45 PM
c-po committed rVYOSONEX95bbbb8bed92: ipsec: T3643: move swanctl.conf to /run.
Jun 24 2021, 5:45 PM
c-po committed rVYOSONEXf8f867adeb98: systemd: lcdproc: T3641: override upstream files.
Jun 24 2021, 5:24 PM
c-po committed rVYOSONEXc5fcc109e78b: systemd: radvd: T3641: empty ConditionPathExists variable.
Jun 24 2021, 5:24 PM
c-po committed rVYOSONEX3897ffcbcde1: Revert "T3641: lcdproc.service is now shipped in lcdproc package".
Jun 24 2021, 5:24 PM
c-po added a reverting change for rVYOSONEXa4bb1b77ff41: T3641: lcdproc.service is now shipped in lcdproc package: rVYOSONEX3897ffcbcde1: Revert "T3641: lcdproc.service is now shipped in lcdproc package".
Jun 24 2021, 5:24 PM
Viacheslav committed rVYOSONEX50a742b50bc0: IPSec: T3643: Fix path for swanctl.conf file.
Jun 24 2021, 5:00 PM
GitHub <noreply@github.com> committed rVYOSONEX1728c76187da: Merge pull request #897 from sever-sever/T3643 (authored by c-po).
Jun 24 2021, 5:00 PM
Viacheslav added a comment to T3640: Allow resetting Wireguard interface.

There is a link to the existing code for configuration mode, not pr.
So we can to add the op-mode function to re-add/reset with a similar logic. Only thoughts

Jun 24 2021, 11:02 AM
mrozentsvayg added a comment to T3240: Support per-interface DHCPv6 DUIDs.

Not working for me as expected in 1.3.0-rc4
In my current working configuration, the duid is in the /var/lib/dhcpv6/dhcp6c_duid file (29 bytes).

Jun 24 2021, 3:00 AM · VyOS 1.3 Equuleus (1.3.0), VyOS 1.4 Sagitta
jestabro committed rVYOSONEX591b8bcadd8b: T3574: add constraintGroup to schema.
Jun 24 2021, 2:02 AM
jestabro committed rVYOSONEX31553283aaa9: T3574: do not add constraintGroup property to xml cache.
Jun 24 2021, 2:02 AM
jestabro committed rVYOSONEX59a4aadfe419: T3574: process constraintGroup elements.
Jun 24 2021, 2:02 AM
GitHub <noreply@github.com> committed rVYOSONEX1a7362622783: Merge pull request #869 from jestabro/T3574 (authored by jestabro).
Jun 24 2021, 2:02 AM

Jun 23 2021

hagbard added a comment to T3640: Allow resetting Wireguard interface.
In T3640#96973, @Viacheslav wrote:

I think it will be enough to remove the peer and add again.
@hagbard what do you think?
https://github.com/vyos/vyos-1x/blob/d48dddab0509e562209adfb115b0e691b8e47f54/python/vyos/ifconfig/wireguard.py#L197

Jun 23 2021, 7:13 PM
Viacheslav added a comment to T3638: Passwords With Dollar Sign Set Incorrectly.

Not sure about double quotes, but for example for cloud-init configs, it is necessary to use single quotes.
Ideally, the configuration should look like in show configuration commands

Jun 23 2021, 6:51 PM · VyOS 1.4 Sagitta
Viacheslav added a comment to T3640: Allow resetting Wireguard interface.

I think it will be enough to remove the peer and add again.
@hagbard what do you think?
https://github.com/vyos/vyos-1x/blob/d48dddab0509e562209adfb115b0e691b8e47f54/python/vyos/ifconfig/wireguard.py#L197

Jun 23 2021, 6:41 PM
jestabro closed T3647: Bullseye: gcc defaults to passing --as-needed to linker, a subtask of T3641: Upgrade base system from Debian Buster -> Debian Bullseye, as Resolved.
Jun 23 2021, 5:27 PM · VyOS 1.4 Sagitta
jestabro closed T3647: Bullseye: gcc defaults to passing --as-needed to linker as Resolved.
Jun 23 2021, 5:27 PM · VyOS 1.4 Sagitta
Viacheslav added a project to T1877: Feature Request: Allow NAT to use network and address groups: VyOS 1.4 Sagitta.
Jun 23 2021, 5:06 PM · VyOS 1.4 Sagitta
jestabro updated the task description for T3647: Bullseye: gcc defaults to passing --as-needed to linker.
Jun 23 2021, 5:01 PM · VyOS 1.4 Sagitta
c-po renamed T3318: Update Linux Kernel to v5.4.208 / 5.10.142 from Update Linux Kernel to v5.4.127 / 5.10.45 to Update Linux Kernel to v5.4.128 / 5.10.46.
Jun 23 2021, 4:54 PM · VyOS 1.3 Equuleus (1.3.2), VyOS 1.4 Sagitta
jestabro added a subtask for T3641: Upgrade base system from Debian Buster -> Debian Bullseye: T3647: Bullseye: gcc defaults to passing --as-needed to linker.
Jun 23 2021, 4:50 PM · VyOS 1.4 Sagitta
jestabro added a parent task for T3647: Bullseye: gcc defaults to passing --as-needed to linker: T3641: Upgrade base system from Debian Buster -> Debian Bullseye.
Jun 23 2021, 4:50 PM · VyOS 1.4 Sagitta
jestabro changed the status of T3647: Bullseye: gcc defaults to passing --as-needed to linker from Open to In progress.
Jun 23 2021, 4:47 PM · VyOS 1.4 Sagitta
Viacheslav added a comment to T3643: show vpn ipsec sa doesn't show tunnels in "down" state.

PR https://github.com/vyos/vyos-1x/pull/897
Fix path for swanctl.conf file

Jun 23 2021, 3:20 PM · VyOS 1.3 Equuleus (1.3.0), VyOS 1.4 Sagitta
raphielscape added a comment to T3640: Allow resetting Wireguard interface.
In T3640#96937, @hagbard wrote:

Wireguard has no link states on the interface, the ip command just does an 'administrative' up down, which won't start a renegotiation. The policy description (remove peer) needs to be removed from the wg interface and re-added, otherwise you need to wait until wg tries to rekey which will then eventually renegotiate the entire connection.
The removal was as far as I recall part of the original vyos code, so it may have been removed at one point, I haven't looked into the code yet.

For NAT, try setting persistent-keepalive, that is supposed to keep the NAT entry active, even if you have no traffic for the tunnel.

Jun 23 2021, 3:14 PM
Viacheslav closed T3646: ospfd logs inacessbile for user as Invalid.

@Harliff Try 1.2.7/1.3 it was fixed with commit https://github.com/vyos/vyos-build/pull/138/files#diff-c7d29a506307d9cf8d86c3cd3f65ca4e4058ea442cacdf9a89d2485b56c7417aR67
T2061

Jun 23 2021, 2:49 PM · vyos-frr, VyOS 1.2 Crux
MaxiM added a comment to T1200: SNMP GET broken at least for BGP4-MIB.

@MaxiM In which exact version was a different behavior?

Jun 23 2021, 2:15 PM · VyOS 1.4 Sagitta, VyOS 1.3 Equuleus (1.3.6)
hagbard added a comment to T3640: Allow resetting Wireguard interface.

Wireguard has no link states on the interface, the ip command just does an 'administrative' up down, which won't start a renegotiation. The policy description (remove peer) needs to be removed from the wg interface and re-added, otherwise you need to wait until wg tries to rekey which will then eventually renegotiate the entire connection.
The removal was as far as I recall part of the original vyos code, so it may have been removed at one point, I haven't looked into the code yet.

Jun 23 2021, 1:49 PM
FileGo reopened T3556: Commit-archive via scp causes 100% CPU on boot, a subtask of T3356: Script for remote file transfers, as Open.
Jun 23 2021, 10:06 AM · VyOS 1.3 Equuleus (1.3.0), VyOS 1.4 Sagitta
FileGo reopened T3556: Commit-archive via scp causes 100% CPU on boot as "Open".

Actually scratch that. I run a HA pair of VyOS routers via VRRP with a transition script on master/backup, and it looks like when it transitions from backup to master, the commit (at the end of the script) still locks in an endless cycle, combined with some sort of memory leak in keepalived-fifo.py (that doesn't occur if commit-archive via scp is not set up).

Jun 23 2021, 10:06 AM · VyOS 1.4 Sagitta
erkin closed T3556: Commit-archive via scp causes 100% CPU on boot, a subtask of T3356: Script for remote file transfers, as Resolved.
Jun 23 2021, 9:51 AM · VyOS 1.3 Equuleus (1.3.0), VyOS 1.4 Sagitta
First
Prev
Next