Thanks! This is definitely a non-issue then, closing.

Since we cannot update the kernel in 1.3 due to the QAT issues, we likely need to backport netmap support. It seems to have been introduced by this commit: https://github.com/torvalds/linux/commit/3ff7ddb1353da

@maznu
Add these lines:

Thank you for pointing that out - updated defaults.json and it seems to have made that issue go away.
For some reason its now breaking on using our internal repo (no TLS there, inside the datacenter), but i suspect its got something to do with the repo itself or some change in Debian since we started using it.

I've tested it on 1.3 with kernel 5.4.138, and for me the persistent option works as expected. I think it's a non-issue for equuleus already and the task can be closed, though I'd like other people to test that first.

Not having much luck with the build environment — and it doesn't seem to be something I've caused, because I get the same error building vyos-1x from mainline:

@stepler interesting - this bahavior changes when running from frr-reload vs. vtysh.

I think all that is required is in: https://github.com/maznu/vyos-1x/commit/68d7897622ddaa4b2e5a98d79154500b33959567

Hello, @Dmitry, I agree. I'll prepare patches for 1.3 and 1.4.

Unhelpfully it looks like Salt has changed repo: https://repo.saltproject.io/#debian

Hello @maznu , I also prefer the first variant set vpn l2tp remote-access lns host-name example.com I'm sure that we no need to overload l2tp remote-access root noded

Made the change to "do" and I noticed that.....DF is used even if there is no DF bit explicitly set...:

It seems the man page that I looked at I either didn't read carefully enough, or I completely messed it up. You're right @Viacheslav.

Did a quick test...

Already rewritten in 1.4 and 1.3 T3535
https://phabricator.vyos.net/rVYOSONEX21527ef4551613fe9b7eed9e4b2ce33ad46fe540

Hmmmm....it worked last time. I'll give it another run.

Reopen
It doesn't work properly

PR https://github.com/vyos/vyatta-cfg-quagga/pull/87
PR https://github.com/vyos/vyos-1x/pull/954
PR https://github.com/vyos/vyos-1x/pull/955

ipsec start error ..

It is not critical, please test without this package "libstrongswan-standard-plugins"
All necessary data is already installed.

1. Upload package to the router
2. Unarchiv it

sudo tar -xvf strongswan.tar

3. Install packages

sudo dpkg -i *.deb

4. Reboot router or reconfigure IPSec

As I understand there are 2 bugs:

1. It expected --iroute-ipv6, i.e

iroute-ipv6 2001:470:1f14:af1:: ffff:ffff:ffff:ffff::

2. Something wrong with such format (ipv6 address/ ipv4 mask)

ifconfig-push 2001:470:1f14:af1::2 255.255.240.0

@SrividyaA does this configuration work or not?

I don't see this bug in 1.3.0-rc5,

@stepler I created https://github.com/FRRouting/frr/pull/9281 for "easier" debugging

OK , Thank you!

I tried this locally and you can do no router bgp 100 vrf blue before no vni 2000, my vtysh instance does not scream for an error - it more feels like a programming issue on our side.

In T2851#99364, @lawrencepan wrote:

As a workaround it can help in such cases:

I get the same issue in 1.2.8.