Page MenuHomeVyOS Platform
Feed Search

Search
Use Results
Hide Query

Aug 30 2021

Viacheslav added a comment to T3782: Ingress Shaping with IFB No Longer Functional with 1.3.

PR https://github.com/vyos/vyos-1x/pull/983

Aug 30 2021, 7:10 AM · VyOS 1.3 Equuleus (1.3.0-epa1), VyOS 1.4 Sagitta
Viacheslav added projects to T3782: Ingress Shaping with IFB No Longer Functional with 1.3: VyOS 1.4 Sagitta, test.
Aug 30 2021, 7:10 AM · VyOS 1.3 Equuleus (1.3.0-epa1), VyOS 1.4 Sagitta
erkin renamed T2300: Cannot remove PBR from Delete a PBR show error to Cannot remove PBR.
Aug 30 2021, 7:02 AM · VyOS 1.4 Sagitta
erkin set Issue type to bug on T2328: dhcpv6 server not starting (disable check reversed?).
Aug 30 2021, 6:47 AM · VyOS 1.3 Equuleus (1.3.0-epa1)
erkin set Issue type to improvement on T2416: Do not always delete all bond members when adding new ones.
Aug 30 2021, 6:21 AM · VyOS 1.3 Equuleus (1.3.9), test
erkin set Issue type to bug on T2419: Cannot change udp-fragmentation-offload.
Aug 30 2021, 6:21 AM
erkin set Issue type to bug on T2430: cannot delete specific route static next-hop.
Aug 30 2021, 6:19 AM · VyOS 1.3 Equuleus (1.3.0-epa1)
erkin set Issue type to bug on T2432: dhcpd: Can't create new lease file: Permission denied.
Aug 30 2021, 6:19 AM · VyOS 1.3 Equuleus (1.3.0-epa1), VyOS 1.4 Sagitta
erkin set Issue type to bug on T2434: Duplicate Address Detection Breaks Interfaces.
Aug 30 2021, 6:18 AM · VyOS 1.3 Equuleus (1.3.0-epa1)
erkin set Issue type to bug on T2503: IPv6 Firewall configuration error: Cannot delete rule set "GUEST-WAN-6" (still in use).
Aug 30 2021, 6:02 AM · VyOS 1.4 Sagitta (1.4.0-GA)
erkin set Issue type to bug on T2525: OSPFv3 missing route map, not establishing.
Aug 30 2021, 5:51 AM · VyOS 1.3 Equuleus (1.3.0-epa1)
erkin set Issue type to bug on T2557: clear interfaces <type> <interface> counters has no effect.
Aug 30 2021, 5:43 AM · VyOS 1.3 Equuleus (1.3.0)
erkin renamed T2567: accel-ppp eats all memory with a small sstp config from accel-ppp eats al memory with small sstp config to accel-ppp eats all memory with a small sstp config.
Aug 30 2021, 5:41 AM · VyOS 1.3 Equuleus (1.3.9)

Aug 29 2021

Viacheslav changed the status of T3777: adding IPv6 EUI64 address fails commit in 1.3.0-rc6 from Open to Needs testing.
Aug 29 2021, 5:18 PM · VyOS 1.3 Equuleus (1.3.0-epa1)
Viacheslav closed T3708: isisd and gre-bridge commit error as Resolved.

1.3 fixed in T3779

Aug 29 2021, 5:07 PM · VyOS 1.3 Equuleus (1.3.0-epa1), VyOS 1.4 Sagitta
Viacheslav assigned T3763: wireguard checks if port already binding to zsdc.
Aug 29 2021, 3:07 PM · VyOS 1.4 Sagitta
erkin set Issue type to bug on T2623: Creating sit tunnel fails with “Can not set “local” for tunnel sit tun1 at tunnel creation”.
Aug 29 2021, 2:14 PM · VyOS 1.3 Equuleus (1.3.0-epa1)
erkin set Issue type to bug on T2648: router-advert: erroneous syslog warning about invalid all-zeros prefix.
Aug 29 2021, 2:06 PM · VyOS 1.3 Equuleus (1.3.0), test
erkin set Issue type to improvement on T2661: SSTP wrong certificates check.
Aug 29 2021, 2:00 PM · VyOS 1.3 Equuleus (1.3.0)
erkin set Issue type to bug on T2710: Many op mode "show interfaces $type" commands no longer work.
Aug 29 2021, 1:48 PM · Bugs, VyOS 1.3 Equuleus (1.3.9)
erkin set Issue type to internal on T2727: Add a dotted decimal value validator.
Aug 29 2021, 1:45 PM · VyOS 1.3 Equuleus (1.3.0-epa1), Ready for Crux (1.2.x)
erkin set Issue type to bug on T2747: "enable-local-traffic" has no effect in load-balancing to redirect local traffic.
Aug 29 2021, 1:40 PM · VyOS 1.5 Circinus
erkin set Issue type to bug on T2759: validate-value prints error messages from validators that fail even if overall validation succeeds.
Aug 29 2021, 1:35 PM · VyOS 1.3 Equuleus (1.3.0-epa1)
erkin set Issue type to bug on T2776: QAT acceleration not working for IPSec AES-128 (CBC) / SHA256 tunnel .
Aug 29 2021, 1:31 PM · VyOS 1.3 Equuleus (1.3.0-epa1)
erkin set Issue type to bug on T2793: compare + TAB completion does not show proper username if user contains _.
Aug 29 2021, 1:28 PM · VyOS 1.3 Equuleus (1.3.6), VyOS 1.2 Crux (VyOS 1.2.9)
erkin set Issue type to bug on T2851: Invalid passthrough routes installing by strongSwan into table 220.
Aug 29 2021, 1:13 PM · Bugs, VyOS 1.3 Equuleus (1.3.9), test
erkin set Issue type to improvement on T2869: Intel ethernet driver defaults sub-optimal.
Aug 29 2021, 1:09 PM
erkin renamed T2881: Bug in weight calculation for failover mode from Bug in weigt calculation for failover mode to Bug in weight calculation for failover mode.
Aug 29 2021, 1:06 PM
erkin set Issue type to bug on T2920: Commit crash when adding the second mGRE tunnel with the same key.
Aug 29 2021, 12:55 PM · VyOS 1.3 Equuleus (1.3.0-epa1), VyOS 1.4 Sagitta
erkin set Issue type to bug on T2931: Unicode decode error causes vyos.configd service to restart.
Aug 29 2021, 12:52 PM · VyOS 1.3 Equuleus (1.3.0-epa1)
erkin renamed T2941: Using a non-ASCII character in the description field causes UnicodeDecodeError in configsource.py from Using a unicode character in the description field causes UnicodeDecodeError in configsource.py to Using a non-ASCII character in the description field causes UnicodeDecodeError in configsource.py.
Aug 29 2021, 12:47 PM · VyOS 1.3 Equuleus (1.3.0-epa1), VyOS 1.4 Sagitta
erkin set Issue type to bug on T2947: Nat translation many-many with prefix does not map 1-1..
Aug 29 2021, 12:46 PM · VyOS 1.4 Sagitta
erkin changed Issue type from unspecified to bug on T2996: Checking digital signature failed on downgrade from rolling to stable..
Aug 29 2021, 12:32 PM · VyOS 1.3 Equuleus (1.3.5)
erkin set Issue type to feature on T3070: Firewall going OOM, possible related to nftables migration.
Aug 29 2021, 12:16 PM · VyOS 1.3 Equuleus (1.3.4)
erkin set Issue type to bug on T3098: Cannot talk to rtnetlink: Message too long Command failed -:1.
Aug 29 2021, 12:10 PM · VyOS 1.3 Equuleus (1.3.4)
Viacheslav added a project to T3777: adding IPv6 EUI64 address fails commit in 1.3.0-rc6: test.
Aug 29 2021, 11:52 AM · VyOS 1.3 Equuleus (1.3.0-epa1)
c-po closed T3783: "set protocols isis spf-delay-ietf" is not working as Resolved.
Aug 29 2021, 9:24 AM · VyOS 1.3 Equuleus (1.3.0-epa1), VyOS 1.4 Sagitta
c-po moved T3783: "set protocols isis spf-delay-ietf" is not working from Need Triage to Finished on the VyOS 1.3 Equuleus board.
Aug 29 2021, 9:23 AM · VyOS 1.3 Equuleus (1.3.0-epa1), VyOS 1.4 Sagitta
c-po moved T3783: "set protocols isis spf-delay-ietf" is not working from Open to Finished on the VyOS 1.4 Sagitta board.
Aug 29 2021, 9:23 AM · VyOS 1.3 Equuleus (1.3.0-epa1), VyOS 1.4 Sagitta
c-po added projects to T3783: "set protocols isis spf-delay-ietf" is not working: test, VyOS 1.3 Equuleus.
Aug 29 2021, 9:23 AM · VyOS 1.3 Equuleus (1.3.0-epa1), VyOS 1.4 Sagitta

Aug 28 2021

c-po triaged T2996: Checking digital signature failed on downgrade from rolling to stable. as High priority.
Aug 28 2021, 7:20 AM · VyOS 1.3 Equuleus (1.3.5)

Aug 27 2021

c-po moved T3318: Update Linux Kernel to v5.4.208 / 5.10.142 from Need Triage to Finished on the VyOS 1.3 Equuleus board.
Aug 27 2021, 8:30 AM · VyOS 1.3 Equuleus (1.3.2), VyOS 1.4 Sagitta
c-po added a project to T3318: Update Linux Kernel to v5.4.208 / 5.10.142: test.
Aug 27 2021, 8:30 AM · VyOS 1.3 Equuleus (1.3.2), VyOS 1.4 Sagitta

Aug 26 2021

c-po closed T3781: Revert the NAT implementation in 1.3 back to iptables, a subtask of T2947: Nat translation many-many with prefix does not map 1-1., as Resolved.
Aug 26 2021, 6:19 PM · VyOS 1.4 Sagitta
c-po closed T3781: Revert the NAT implementation in 1.3 back to iptables as Resolved.
Aug 26 2021, 6:18 PM · VyOS 1.3 Equuleus (1.3.0-epa1)
c-po claimed T3781: Revert the NAT implementation in 1.3 back to iptables.
Aug 26 2021, 4:31 PM · VyOS 1.3 Equuleus (1.3.0-epa1)
c-po closed T3776: Rename FRR daemon restart op-mode commands as Resolved.
Aug 26 2021, 4:29 PM · VyOS 1.3 Equuleus (1.3.0-epa1), VyOS 1.4 Sagitta
dmbaturin renamed T3781: Revert the NAT implementation in 1.3 back to iptables from Revert the NAT implementation in 1.3 back iptables-based to Revert the NAT implementation in 1.3 back to iptables.
Aug 26 2021, 2:35 PM · VyOS 1.3 Equuleus (1.3.0-epa1)
dmbaturin created T3781: Revert the NAT implementation in 1.3 back to iptables.
Aug 26 2021, 2:33 PM · VyOS 1.3 Equuleus (1.3.0-epa1)

Aug 25 2021

c-po closed T3773: Delete the "show system integrity" command (to prepare for a re-implementation) as Resolved.
Aug 25 2021, 1:04 PM · VyOS 1.3 Equuleus (1.3.0-epa1), VyOS 1.4 Sagitta
c-po added a comment to T3776: Rename FRR daemon restart op-mode commands.

Pending PR https://github.com/vyos/vyos-1x/pull/978

Aug 25 2021, 1:03 PM · VyOS 1.3 Equuleus (1.3.0-epa1), VyOS 1.4 Sagitta
c-po updated the task description for T3776: Rename FRR daemon restart op-mode commands.
Aug 25 2021, 12:48 PM · VyOS 1.3 Equuleus (1.3.0-epa1), VyOS 1.4 Sagitta
c-po updated the task description for T3776: Rename FRR daemon restart op-mode commands.
Aug 25 2021, 12:48 PM · VyOS 1.3 Equuleus (1.3.0-epa1), VyOS 1.4 Sagitta
c-po claimed T3776: Rename FRR daemon restart op-mode commands.
Aug 25 2021, 12:36 PM · VyOS 1.3 Equuleus (1.3.0-epa1), VyOS 1.4 Sagitta
c-po updated the task description for T3776: Rename FRR daemon restart op-mode commands.
Aug 25 2021, 12:36 PM · VyOS 1.3 Equuleus (1.3.0-epa1), VyOS 1.4 Sagitta
c-po changed the status of T3776: Rename FRR daemon restart op-mode commands from Open to In progress.
Aug 25 2021, 12:35 PM · VyOS 1.3 Equuleus (1.3.0-epa1), VyOS 1.4 Sagitta
c-po moved T3773: Delete the "show system integrity" command (to prepare for a re-implementation) from Open to Backlog on the VyOS 1.4 Sagitta board.
Aug 25 2021, 8:11 AM · VyOS 1.3 Equuleus (1.3.0-epa1), VyOS 1.4 Sagitta

Aug 24 2021

c-po merged T3360: Op command 'show interfaces' does not display VRRP VIP into T3772: VRRP virtual interfaces are not shown in show interfaces.
Aug 24 2021, 8:21 PM · VyOS 1.3 Equuleus (1.3.0-epa1), VyOS 1.4 Sagitta
Viacheslav added a comment to T3772: VRRP virtual interfaces are not shown in show interfaces.

Similar task T3360

Aug 24 2021, 5:40 PM · VyOS 1.3 Equuleus (1.3.0-epa1), VyOS 1.4 Sagitta
c-po closed T3772: VRRP virtual interfaces are not shown in show interfaces as Resolved.
Aug 24 2021, 2:55 PM · VyOS 1.3 Equuleus (1.3.0-epa1), VyOS 1.4 Sagitta
c-po claimed T3772: VRRP virtual interfaces are not shown in show interfaces.
Aug 24 2021, 2:50 PM · VyOS 1.3 Equuleus (1.3.0-epa1), VyOS 1.4 Sagitta
c-po changed the status of T3772: VRRP virtual interfaces are not shown in show interfaces from Open to Confirmed.
Aug 24 2021, 2:29 PM · VyOS 1.3 Equuleus (1.3.0-epa1), VyOS 1.4 Sagitta
c-po added a comment to T3772: VRRP virtual interfaces are not shown in show interfaces.
cpo@LR1.wue3:~$ show interfaces vrrp
Codes: S - State, L - Link, u - Up, D - Down, A - Admin Down
Interface        IP Address                        S/L  Description
---------        ----------                        ---  -----------
eth1v10          10.1.1.1/24                       u/u
Aug 24 2021, 2:29 PM · VyOS 1.3 Equuleus (1.3.0-epa1), VyOS 1.4 Sagitta
dmbaturin created T3773: Delete the "show system integrity" command (to prepare for a re-implementation).
Aug 24 2021, 2:23 PM · VyOS 1.3 Equuleus (1.3.0-epa1), VyOS 1.4 Sagitta
dmbaturin created T3772: VRRP virtual interfaces are not shown in show interfaces.
Aug 24 2021, 1:36 PM · VyOS 1.3 Equuleus (1.3.0-epa1), VyOS 1.4 Sagitta

Aug 20 2021

jestabro added a project to T1950: Store VyOS configuration syntax version data in JSON file: test.
Aug 20 2021, 8:03 PM · VyOS 1.3 Equuleus (1.3.0), test, VyOS 1.4 Sagitta
jestabro closed T1950: Store VyOS configuration syntax version data in JSON file, a subtask of T688: Move component versions used for config migration purposes into vyos-1x, as Resolved.
Aug 20 2021, 8:02 PM · VyOS 1.3 Equuleus (1.3.0), test
jestabro added a subtask for T688: Move component versions used for config migration purposes into vyos-1x: T1950: Store VyOS configuration syntax version data in JSON file.
Aug 20 2021, 6:43 PM · VyOS 1.3 Equuleus (1.3.0), test

Aug 19 2021

jestabro renamed T3768: Remove early syntaxVersion implementation from Remove early syntaxVersion implementation from 1.3 to Remove early syntaxVersion implementation.
Aug 19 2021, 4:15 PM · VyOS 1.3 Equuleus (1.3.0-epa1), VyOS 1.4 Sagitta
jestabro closed T3732: override-default helper should support adding defaultValues to default less nodes as Resolved.
Aug 19 2021, 3:40 PM · VyOS 1.3 Equuleus (1.3.0-epa1), VyOS 1.4 Sagitta
jestabro added a parent task for T3768: Remove early syntaxVersion implementation: T3474: Revisit storing syntax version of interface definitions in XML file.
Aug 19 2021, 3:36 PM · VyOS 1.3 Equuleus (1.3.0-epa1), VyOS 1.4 Sagitta
jestabro created T3768: Remove early syntaxVersion implementation.
Aug 19 2021, 3:35 PM · VyOS 1.3 Equuleus (1.3.0-epa1), VyOS 1.4 Sagitta
jestabro closed T2759: validate-value prints error messages from validators that fail even if overall validation succeeds as Resolved.
Aug 19 2021, 3:29 PM · VyOS 1.3 Equuleus (1.3.0-epa1)
jestabro closed T3574: Add constraintGroup for combining validators with logical AND as Resolved.
Aug 19 2021, 3:29 PM · VyOS 1.4 Sagitta (1.4.0-epa1)
jestabro changed the status of T3234: multi_to_list fails in certain cases, with root cause an element redundancy in XML interface-definitions from Unknown Status to Resolved.
Aug 19 2021, 3:27 PM · VyOS 1.3 Equuleus (1.3.0-epa1), VyOS 1.4 Sagitta
c-po moved T3763: wireguard checks if port already binding from Need Triage to Backlog on the VyOS 1.3 Equuleus board.
Aug 19 2021, 10:42 AM · VyOS 1.4 Sagitta
c-po moved T690: Allow OpenVPN servers to push routes with custom metric values from Open to In Progress on the VyOS 1.4 Sagitta board.
Aug 19 2021, 8:53 AM · VyOS 1.3 Equuleus (1.3.0-epa1)

Aug 18 2021

c-po added a comment to T3708: isisd and gre-bridge commit error.

HI @Viacheslav, this works even in 1.3, your problem is that you need to merge it with isis['FOO'] and not isis.

Aug 18 2021, 6:19 PM · VyOS 1.3 Equuleus (1.3.0-epa1), VyOS 1.4 Sagitta
c-po added a comment to T3763: wireguard checks if port already binding.

+1

Aug 18 2021, 3:03 PM · VyOS 1.4 Sagitta
dtoux added a comment to T3537: Unable to override the default OSPFv3 link cost for wireguard interface.

Sounds good to me.

Aug 18 2021, 1:13 PM · VyOS 1.3 Equuleus (1.3.0-epa1)
Viacheslav updated the task description for T3763: wireguard checks if port already binding.
Aug 18 2021, 10:26 AM · VyOS 1.4 Sagitta
Viacheslav updated the task description for T3763: wireguard checks if port already binding.
Aug 18 2021, 10:15 AM · VyOS 1.4 Sagitta
Viacheslav updated the task description for T3763: wireguard checks if port already binding.
Aug 18 2021, 10:15 AM · VyOS 1.4 Sagitta
Viacheslav created T3763: wireguard checks if port already binding.
Aug 18 2021, 10:10 AM · VyOS 1.4 Sagitta
Viacheslav closed T3537: Unable to override the default OSPFv3 link cost for wireguard interface as Resolved.

I close the task, because it can't be reproducible in 1.3.0-rc5
Re-open it, if necessary with described step by step how to reproduce it.
Or open a new one.

Aug 18 2021, 9:47 AM · VyOS 1.3 Equuleus (1.3.0-epa1)
Viacheslav added a comment to T3708: isisd and gre-bridge commit error.

from vyos.xml import defaults doesn't work for 1.3 correctly, for some reason it gets 2 isis process with same name "FOO"
https://github.com/sever-sever/vyos-1x/commit/7b0a33618bfa1d1ef99b9744ed1ded49a2c832af

vyos@r4-1.3# compare 
[edit protocols]
+isis FOO {
+    interface tun0 {
+    }
+    net 49.0001.0000.0011.0001.00
+}
[edit]
vyos@r4-1.3# commit
[ protocols isis FOO ]
{'FOO': {'interface': {'tun0': {}}, 'net': '49.0001.0000.0011.0001.00'},
 'lsp_mtu': '1497'}
Only one isis process can be defined
Aug 18 2021, 9:33 AM · VyOS 1.3 Equuleus (1.3.0-epa1), VyOS 1.4 Sagitta
Viacheslav placed T3708: isisd and gre-bridge commit error up for grabs.
Aug 18 2021, 9:27 AM · VyOS 1.3 Equuleus (1.3.0-epa1), VyOS 1.4 Sagitta

Aug 17 2021

dtoux added a comment to T3537: Unable to override the default OSPFv3 link cost for wireguard interface.

I haven't tested it directly but I haven't experienced this problem while working on the configuration changes. I don't have much time right now, so I can't test the exact scenario.

Aug 17 2021, 4:01 PM · VyOS 1.3 Equuleus (1.3.0-epa1)
Viacheslav closed T1643: Deleting all firewall zones failed and locked out box as Resolved.

Not reproducible, tested on "1.3-beta-202108151336"

Aug 17 2021, 4:00 PM · VyOS 1.3 Equuleus (1.3.0), test
ciprian.craciun added a comment to T1753: Configuring `ip source-validation loose` doesn't properly configure `sysctl`.

@Viacheslav Sorry for the long delay in replying.

Aug 17 2021, 2:56 PM · Bugs, VyOS 1.5 Circinus
Viacheslav added a comment to T1753: Configuring `ip source-validation loose` doesn't properly configure `sysctl`.
  1. Bug, values on interfaces are overwritten after firewall global parameters.

By default:

vyos@r4-1.3# sudo sysctl -a | grep "\.rp_filter"
net.ipv4.conf.all.rp_filter = 0
net.ipv4.conf.default.rp_filter = 0
net.ipv4.conf.eth0.rp_filter = 0
net.ipv4.conf.eth1.rp_filter = 0
net.ipv4.conf.eth2.rp_filter = 0
net.ipv4.conf.lo.rp_filter = 0
net.ipv4.conf.vtun10.rp_filter = 0

Set value for the interface eth2 value "loose"

vyos@r4-1.3# set interfaces ethernet eth2 ip source-validation 'loose'
[edit]
vyos@r4-1.3# commit
vyos@r4-1.3# sudo sysctl -a | grep "\.rp_filter"
net.ipv4.conf.all.rp_filter = 0
net.ipv4.conf.default.rp_filter = 0
net.ipv4.conf.eth0.rp_filter = 0
net.ipv4.conf.eth1.rp_filter = 0
net.ipv4.conf.eth2.rp_filter = 2
net.ipv4.conf.lo.rp_filter = 0
net.ipv4.conf.vtun10.rp_filter = 0
Aug 17 2021, 1:37 PM · Bugs, VyOS 1.5 Circinus
Viacheslav added a comment to T1349: L2TP remote-access vpn terminated and not showing as connected.

@Merijn Any updates?

Aug 17 2021, 12:53 PM · VyOS 1.3 Equuleus (1.3.0), test
Viacheslav added a comment to T1487: DNS (pdns_recursor) stats logs not saved to disk.

@c-po Can we close it?

Aug 17 2021, 12:47 PM · VyOS 1.4 Sagitta (1.4.0-epa1), Restricted Project
Viacheslav closed T508: ISC DHCP incorrect UDP checksum generation as Resolved.

Not more actual for 1.3, as it used isc-dhcp-client/isc-dhcp-relay/isc-dhcp-server 4.4.1-2
I can't find in logs something like bad udp checksums

Aug 17 2021, 12:46 PM · VyOS 1.3 Equuleus (1.3.0-epa1), vyatta-dhcp3
c-po added a comment to T1487: DNS (pdns_recursor) stats logs not saved to disk.

From the manual:

Aug 17 2021, 12:06 PM · VyOS 1.4 Sagitta (1.4.0-epa1), Restricted Project
c-po added a comment to T1550: Add support for Large BGP Community show commands.

VyOS 1.3.0-rc6 (upcoming) and 1.4 have the following commands available:

Aug 17 2021, 11:51 AM · VyOS 1.3 Equuleus (1.3.0), test
Viacheslav added a comment to T1487: DNS (pdns_recursor) stats logs not saved to disk.

Do we need to set this option configurable?
We have an option --disable-syslog so for enable logging it should be --enable-syslog

Aug 17 2021, 11:06 AM · VyOS 1.4 Sagitta (1.4.0-epa1), Restricted Project
Viacheslav added a comment to T1925: DMVPN is always listed as down in "show vpn ipsec sa".

SA only with hub, output correct

vyos@spoke1:~$ show vpn ipsec sa
Connection    State    Uptime    Bytes In/Out    Packets In/Out    Remote address    Remote ID    Proposal
------------  -------  --------  --------------  ----------------  ----------------  -----------  ----------------------------------
dmvpn         up       16m24s    2K/2K           24/23             192.0.2.1         N/A          AES_CBC_256/HMAC_SHA1_96/MODP_1024
vyos@spoke1:~$ 
vyos@spoke1:~$ 
vyos@spoke1:~$ sudo swanctl -l
dmvpn-NHRPVPN-tun100: #1, ESTABLISHED, IKEv1, 2bc867b1ca327379_i* c85b15462b657b03_r
  local  '100.64.1.11' @ 100.64.1.11[500]
  remote '192.0.2.1' @ 192.0.2.1[500]
  AES_CBC-256/HMAC_SHA1_96/PRF_HMAC_SHA1/MODP_1024
  established 1001s ago, rekeying in 2400s
  dmvpn: #1, reqid 1, INSTALLED, TRANSPORT, ESP:AES_CBC-256/HMAC_SHA1_96/MODP_1024
    installed 1001s ago, rekeying in 505s, expires in 979s
    in  cb2b55ee,   3044 bytes,    24 packets,    91s ago
    out cb3647d6,   2474 bytes,    23 packets,    91s ago
    local  100.64.1.11/32[gre]
    remote 192.0.2.1/32[gre]
vyos@spoke1:~$
Aug 17 2021, 9:46 AM · VyOS 1.3 Equuleus (1.3.6)
Viacheslav added a comment to T1925: DMVPN is always listed as down in "show vpn ipsec sa".

Tested on VyOS 1.3.0-rc5

Aug 17 2021, 9:40 AM · VyOS 1.3 Equuleus (1.3.6)
Viacheslav closed T2525: OSPFv3 missing route map, not establishing as Resolved.

Not reproducible update from 1.2.4 to 1.3-rc5
1.2.4 config

set interfaces ethernet eth1 bond-group bond0
set interfaces ethernet eth1 bond-group bond0
set interfaces bonding bond0 vif 29 address '192.168.159.167/31'
set interfaces bonding bond0 vif 29 address 'fd12:45:fff:29::2/126'
set interfaces bonding bond0 vif 29 description 'Point to Point - DMZ'
set interfaces bonding bond0 vif 29 ip ospf dead-interval '20'
set interfaces bonding bond0 vif 29 ip ospf hello-interval '10'
set interfaces bonding bond0 vif 29 ip ospf priority '220'
set interfaces bonding bond0 vif 29 ip ospf retransmit-interval '5'
set interfaces bonding bond0 vif 29 ip ospf transmit-delay '1'
set interfaces bonding bond0 vif 29 ipv6 dup-addr-detect-transmits '1'
set interfaces bonding bond0 vif 29 ipv6 ospfv3 cost '1'
set interfaces bonding bond0 vif 29 ipv6 ospfv3 dead-interval '20'
set interfaces bonding bond0 vif 29 ipv6 ospfv3 hello-interval '10'
set interfaces bonding bond0 vif 29 ipv6 ospfv3 instance-id '0'
set interfaces bonding bond0 vif 29 ipv6 ospfv3 priority '220'
set interfaces bonding bond0 vif 29 ipv6 ospfv3 retransmit-interval '5'
set interfaces bonding bond0 vif 29 ipv6 ospfv3 transmit-delay '1'
set interfaces bonding bond0 vif 29 mtu '1500'
set interfaces loopback lo address 'fd12:45::14/128'
set policy route-map OSPF-Filter description 'This route map will apply to outgoing routes sent via OSPF'
set policy route-map OSPF-Filter rule 10 action 'permit'
set policy route-map OSPF-Filter rule 10 description 'Only permit loopback interface'
set policy route-map OSPF-Filter rule 10 match interface 'lo'
set policy route-map OSPF-Filter rule 100 action 'deny'
set policy route-map OSPF-Filter rule 100 description 'Default deny'
set protocols ospfv3 area 0.0.0.0 interface 'lo'
set protocols ospfv3 area 0.0.0.0 interface 'bond0.29'
set protocols ospfv3 area 0.0.0.0 range fd12:45:fff:29::/126
set protocols ospfv3 parameters router-id '192.168.159.241'
set protocols ospfv3 redistribute connected route-map 'OSPF-Filter'
Aug 17 2021, 8:08 AM · VyOS 1.3 Equuleus (1.3.0-epa1)
First
Prev
Next