Feed All Stories

All Stories
Use Results
Edit Query
Hide Query

	Include stories about projects I am a member of.

Nov 3 2021

erkin changed the status of T3950: CLI backtrace on update if DNS not defined from Open to In progress.

Nov 3 2021, 6:42 PM · VyOS 1.4 Sagitta

Viacheslav committed rVYOSONEXdd036c62d137: sstp: T2566: Fix to allow IPv6 only pools.

Nov 3 2021, 6:30 PM

GitHub <noreply@github.com> committed rVYOSONEX7a7233a52895: Merge pull request #1060 from sever-sever/T2566 (authored by c-po).

Nov 3 2021, 6:30 PM

c-po added a comment to T3936: [Feature] - DHCP Option 82 Support.

Any idea how you would like the CLI to look like for option 82 support?

Nov 3 2021, 6:27 PM · VyOS Rolling

c-po assigned T3950: CLI backtrace on update if DNS not defined to erkin.

Nov 3 2021, 6:14 PM · VyOS 1.4 Sagitta

c-po changed the status of T3510: RADIUS usersname is not shown on CLI from Open to Needs testing.

Nov 3 2021, 6:14 PM · VyOS 1.4 Sagitta

c-po added a comment to T3510: RADIUS usersname is not shown on CLI.

I use Microsoft NPS and it feels correct for me:

Nov 3 2021, 6:13 PM · VyOS 1.4 Sagitta

Viacheslav changed the status of T2281: DHCP and Static IPs on Same Interface from In progress to Needs testing.

Nov 3 2021, 5:58 PM · VyOS 1.4 Sagitta

c-po added a comment to T2869: Intel ethernet driver defaults sub-optimal.

I also have some of those APU4 devices and they work actually pretty good. The reasons for those "low" defaults are actually not from VyOS but from the Linux Kernel itself.

Nov 3 2021, 5:46 PM

c-po closed T3952: Add sh bgp ipv4/ipv6 vpn command as Resolved.

Nov 3 2021, 5:40 PM · VyOS 1.4 Sagitta

c-po moved T3960: FRR Misconfig when using multiple VRF VNI from Open to Backlog on the VyOS 1.4 Sagitta board.

Nov 3 2021, 5:40 PM · VyOS 1.4 Sagitta

Viacheslav committed rVYOSONEX05fccc464d71: interfaces: T2281: Ability to set static and DHCP addr on same interface.

Nov 3 2021, 5:38 PM

GitHub <noreply@github.com> committed rVYOSONEXc605e211584b: Merge pull request #1058 from sever-sever/T2281 (authored by c-po).

Nov 3 2021, 5:38 PM

sarthurdev committed rVYOSONEXa63aa6129324: sstp: T3931: Fixes PKI integration with SSTP.

Nov 3 2021, 5:32 PM

GitHub <noreply@github.com> committed rVYOSONEXc59e558f1ebc: Merge pull request #1062 from sarthurdev/T3931 (authored by c-po).

Nov 3 2021, 5:32 PM

jb.vedel added a comment to T1185: Firewall rulesets are ignored in RFC-compliant VRRP setups.

Same issue for me, i use the last RC 1.3 release (manualy builded yesterday).
Will you correct this bug until the LTS release ?

Nov 3 2021, 1:32 PM

sarthurdev added a comment to T3931: SSTP doesn't work after rewriting to PKI.

PR: https://github.com/vyos/vyos-1x/pull/1062

Nov 3 2021, 1:31 PM · VyOS 1.4 Sagitta

haakon.nore awarded T3294: Images for Dell VEP platform use no default baud rate for this platform a Like token.

Nov 3 2021, 1:12 PM · VyOS 1.2 Crux (VyOS 1.2.9)

Unknown Object (User) edited projects for T3294: Images for Dell VEP platform use no default baud rate for this platform, added: VyOS 1.2 Crux (VyOS 1.2.9); removed VyOS 1.2 Crux.

Nov 3 2021, 1:03 PM · VyOS 1.2 Crux (VyOS 1.2.9)

dmbaturin closed T3610: DHCP-Server creation for not primary IP address fails as Resolved.

Nov 3 2021, 12:35 PM · VyOS 1.3 Equuleus (1.3.0-epa3), VyOS 1.2 Crux (VyOS 1.2.9), VyOS 1.4 Sagitta

zsdc assigned T3913: VRF traffic fails after upgrade from 1.3.0-RC6 to 1.3.0-EPA1/2 to Unknown Object (User).

Nov 3 2021, 11:15 AM · VyOS 1.3 Equuleus (1.3.0)

zsdc assigned T3902: Firewall does not load on boot, address-group not found, even though it exists to Unknown Object (User).

Nov 3 2021, 11:14 AM · VyOS 1.4 Sagitta (1.4.0-epa1), Restricted Project

zsdc assigned T3960: FRR Misconfig when using multiple VRF VNI to Unknown Object (User).

Nov 3 2021, 11:13 AM · VyOS 1.4 Sagitta

zsdc edited a custom field on T3844: dmvpn doesn't work together with l2tp.

Nov 3 2021, 11:12 AM · VyOS 1.2 Crux (VyOS 1.2.9)

zsdc changed the status of T3844: dmvpn doesn't work together with l2tp from Open to On hold.

The problem exists because of the IKEv1 limitation - peer ID is unknown at the authentication stage. Since, both DMVPN and L2TP are configured for any remote peer address, one of them intercepts customers of the other one during authentication because it is not possible to find out which service will be connected after Phase 1.

Nov 3 2021, 11:11 AM · VyOS 1.2 Crux (VyOS 1.2.9)

zsdc added a comment to T3919: Openconnect VPN broken on 1.3-epa2.

Technically, the other one is a duplicate, but there are more details already.

Nov 3 2021, 11:02 AM

zsdc merged T3919: Openconnect VPN broken on 1.3-epa2 into T3934: Openconnect VPN broken: ocserv-worker general protection fault on client connect.

Nov 3 2021, 11:00 AM · VyOS 1.3 Equuleus (1.3.0)

zsdc merged task T3919: Openconnect VPN broken on 1.3-epa2 into T3934: Openconnect VPN broken: ocserv-worker general protection fault on client connect.

Nov 3 2021, 11:00 AM

zsdc reopened T3934: Openconnect VPN broken: ocserv-worker general protection fault on client connect as "Confirmed".

Nov 3 2021, 11:00 AM · VyOS 1.3 Equuleus (1.3.0)

zsdc merged task T3934: Openconnect VPN broken: ocserv-worker general protection fault on client connect into T3919: Openconnect VPN broken on 1.3-epa2.

Nov 3 2021, 10:59 AM · VyOS 1.3 Equuleus (1.3.0)

zsdc merged T3934: Openconnect VPN broken: ocserv-worker general protection fault on client connect into T3919: Openconnect VPN broken on 1.3-epa2.

Nov 3 2021, 10:59 AM

olofl added a comment to T3963: Deleting "le 64" from prefix-list6 does render any change.

Im not sure its possible to delete the "le" part from vtysh cli? I tried running no ipv6 prefix-list PUBLIC-IPV6 seq 10 permit 2001:db8::/32 le 64 from vtysh, but it never removed le part.

Nov 3 2021, 9:16 AM · VyOS 1.3 Equuleus (1.3.6)

olofl created T3963: Deleting "le 64" from prefix-list6 does render any change.

Nov 3 2021, 9:03 AM · VyOS 1.3 Equuleus (1.3.6)

Viacheslav closed T3932: L2TP Configuration with WAN interface DHCP assigned IP address as Invalid.

Nov 3 2021, 8:27 AM · VyOS 1.3 Equuleus (1.3.0)

Viacheslav added a comment to T3932: L2TP Configuration with WAN interface DHCP assigned IP address.

@sajiby3k you can use 0.0.0.0

set vpn l2tp remote-access outside-address '0.0.0.0'

Nov 3 2021, 8:27 AM · VyOS 1.3 Equuleus (1.3.0)

dmbaturin edited a custom field on T3962: Image cannot be built without open-vm-tools.

Nov 3 2021, 6:35 AM · VyOS 1.3 Equuleus (1.3.0), VyOS 1.4 Sagitta

dmbaturin claimed T3962: Image cannot be built without open-vm-tools.

Nov 3 2021, 6:35 AM · VyOS 1.3 Equuleus (1.3.0), VyOS 1.4 Sagitta

dmbaturin created T3962: Image cannot be built without open-vm-tools.

Nov 3 2021, 6:34 AM · VyOS 1.3 Equuleus (1.3.0), VyOS 1.4 Sagitta

Nov 2 2021

zsdc added a comment to T3771: DHCPv6 server prefix delegation - dynamically add route to delegated prefix via requesting router.

After the investigation, we figured out that it is possible to get the prefix and link-local address during the DHCP commit procedure.
The statement

log(info, binary-to-ascii(16, 8, ":", substring(option dhcp6.ia-pd, 24, 17)));

will give us the next info:

dhcpd[1568]: 40:20:1:ca:fe:11:11:ff:ff:0:0:0:0:0:0:0:0

So, a prefix can be extracted. Also, a link-local address may be generated from the MAC address extracted from the DHCP packet structure.

Nov 2 2021, 6:12 PM · VyOS 1.5 Circinus

Viacheslav added a subtask for T3642: PKI configuration: T3931: SSTP doesn't work after rewriting to PKI.

Nov 2 2021, 5:25 PM · VyOS 1.4 Sagitta (1.4.0-epa1)

Viacheslav added a parent task for T3931: SSTP doesn't work after rewriting to PKI: T3642: PKI configuration.

Nov 2 2021, 5:25 PM · VyOS 1.4 Sagitta

SrividyaA added a comment to T3796: Wireguard interfaces are not shown in op-mode.

Submitted this PR https://github.com/vyos/vyos-1x/pull/1061 to fix the op command.

Nov 2 2021, 5:23 PM · VyOS 1.2 Crux (VyOS 1.2.9)

Viacheslav created T3961: Generate PKI expect 2 character country code.

Nov 2 2021, 5:17 PM · VyOS 1.5 Circinus, VyOS 1.4 Sagitta (1.4.0-GA)

Viacheslav added a comment to T3960: FRR Misconfig when using multiple VRF VNI.

Possibly unrelated, but I'll leave it here

frr-reload output:   0 /usr/lib/frr/frr-reload.py:851: SyntaxWarning: "is not" with a literal. Did you mean "!="?
frr-reload output:   1   if line is not "exit-vrf":
frr-reload output:   2 2021-11-02 18:33:34,225  INF

Nov 2 2021, 5:10 PM · VyOS 1.4 Sagitta

Fieldwork updated Fieldwork.

Nov 2 2021, 4:20 PM

Viacheslav added a comment to T2566: sstp not able to run tunnels ipv6 only.

PR for 1.3 https://github.com/vyos/vyos-1x/pull/1060

set vpn sstp authentication local-users username foo password 'bar'
set vpn sstp authentication local-users username foo2 password 'bar2'
set vpn sstp authentication mode 'local'
set vpn sstp client-ipv6-pool prefix 2001:db8::/48
set vpn sstp gateway-address '192.168.122.14'
set vpn sstp ppp-options ipv4 'deny'
set vpn sstp ppp-options ipv6 'allow'
set vpn sstp ssl ca-cert-file '/config/user-data/sstp/ca.crt'
set vpn sstp ssl cert-file '/config/user-data/sstp/server.crt'
set vpn sstp ssl key-file '/config/user-data/sstp/server.key'

Check sessions:

vyos@r4-epa2:~$ show sstp-server s
sessions    statistics  
vyos@r4-epa2:~$ show sstp-server sessions 
ifname | username |          ip           |          ip6          | ip6-dp |   calling-sid   | rate-limit | state  |  uptime  | rx-bytes | tx-bytes 
--------+----------+-----------------------+-----------------------+--------+-----------------+------------+--------+----------+----------+----------
 sstp0  | foo2     | 2001:db8:0:0:200::/64 | 2001:db8:0:0:200::/64 |        | 192.168.122.222 |            | active | 00:00:09 | 735 B    | 506 B
vyos@r4-epa2:~$

Nov 2 2021, 3:19 PM · VyOS 1.3 Equuleus (1.3.0), VyOS 1.4 Sagitta

ssasso added a comment to T3960: FRR Misconfig when using multiple VRF VNI.

Additional note: this, of course, breaks the 'red' vrf connectivity.
If I manually add, using vtysh, the

vrf red
 vni 3000

everything on the 'red' vrf works fine.

Nov 2 2021, 2:31 PM · VyOS 1.4 Sagitta

ssasso created T3960: FRR Misconfig when using multiple VRF VNI.

Nov 2 2021, 2:14 PM · VyOS 1.4 Sagitta

fernando added a comment to T3959: MPLS L3VPN IPv6 address-family over IPv4 MPLS backbone.

Yes, It seems that rfc doesn't work , also I found this issues :
https://github.com/FRRouting/frr/issues/5824

Nov 2 2021, 1:37 PM · VyOS Rolling

dmbaturin added a comment to T3835: vyos router 1.2.7 snmp Dos bug.

@zoenan7 Sorry for the late reply! Yes, I got your email and could reproduce the crash using your PoC.

Nov 2 2021, 11:26 AM · VyOS 1.3 Equuleus (1.3.3), VyOS 1.4 Sagitta

Viacheslav added a comment to T3822: OpenVPN processes do not have permission to read key files generated with `run generate openvpn key`.

Still not fixed VyOS 1.3-beta-202110300342:

vyos@r4-epa2:~$ generate openvpn key foo
Generating OpenVPN key to /config/auth/foo
Your new local OpenVPN key has been generated
vyos@r4-epa2:~$ 
vyos@r4-epa2:~$ ls -la /config/auth/
total 12
drwxrwsr-x 2 root vyattacfg 4096 Nov  2 09:00 .
drwxrwxr-x 7 root vyattacfg 4096 Nov  2 08:54 ..
-rw------- 1 root vyattacfg  636 Nov  2 09:00 foo
vyos@r4-epa2:~$

Nov 2 2021, 9:03 AM · VyOS 1.3 Equuleus (1.3.0)

syncer lowered the priority of T3864: Add Edgecore build to VyOS 1.3 Equuleus from High to Normal.

Nov 2 2021, 8:51 AM · VyOS 1.3 Equuleus (1.3.0)

syncer changed the subtype of T3864: Add Edgecore build to VyOS 1.3 Equuleus from "Task" to "Enhancement".

Nov 2 2021, 8:51 AM · VyOS 1.3 Equuleus (1.3.0)

syncer updated the image for VyOS 1.3 Equuleus (1.3.0-epa3) from F1983296: profile to F2021087: profile.

Nov 2 2021, 8:40 AM

syncer updated the image for VyOS 1.3 Equuleus (1.3.0-epa2) from F1983298: profile to F2021085: profile.

Nov 2 2021, 8:40 AM

syncer archived VyOS 1.3 Equuleus (1.3.0-epa1).

Nov 2 2021, 8:39 AM

syncer updated the image for VyOS 1.3 Equuleus (1.3.0-epa1) from F1983325: profile to F2021082: profile.