Being able to quickly see reservations in an operational mode command would be convenient, avoiding the need to pull up the config.
- Queries
- All Stories
- Search
- Advanced Search
- Transactions
- Transaction Logs
All Stories
Feb 20 2022
Feb 19 2022
It is used in keepalived Template
Feb 18 2022
@kirvio Could you check it on 1.3/1.4?
PR for documentation: https://github.com/vyos/vyos-documentation/pull/719
I've submitted a PR here: https://github.com/vyos/vyos-1x/pull/1227
Feb 17 2022
It's not a bug, to automatically add the routes when the link is disconnected, set the connect-on-demand parameter.
@dutty Thanks for confirming.
I just built ISO from the 1.3 branch and tried (1.3-rolling-202202171824). ocserv works normal. The issue is probably resolved.
Thank you.
CI job for re-build pkg ocserv should fix this issue.
After further testing, it looks like it's not necessary to have <iface>_ca.pem contain both the server and client chains of trust.
I started working on implementing my "alternative" idea. It's a little bit more complicated than I first thought because we have to consider both the server and client chain of trust.
@c-po Thank you for the work on this.
Feb 16 2022
Install official pkg solve the issue
wget http://ftp.de.debian.org/debian/pool/main/o/ocserv/ocserv_0.12.2-3_amd64.deb dpkg -i *.deb `
Can be related
Found out some strange things, client address was banned:
ocserv[2072]: main: added 1 points (total 1) for IP '192.168.122.1' to ban list
I don't see any issues with LTS 1.3.0
Thanks
Is it required point of binding in a container?
For example:
podman run --rm -it --device=/dev/vdb:/dev/xvdc:rwm --net host ubuntu bash
In T4249#118633, @Viacheslav wrote:You can get access to host netwoks with set container name foo allow-host-networks
You can get access to host netwoks with set container name foo allow-host-networks
PR for 1.3 https://github.com/vyos/vyos-1x/pull/1224
@anthr76 we have ready telegraf exporter, maybe it will work for you?
https://docs.vyos.io/en/latest/configuration/service/monitoring.html
Does anyone at least have an example of how to use the snmp exporter? For example a snmp.yml or generate one with the given mibs?
Tested on 1.4-rolling-202202150317 and 1.3.0, all works
Feb 15 2022
this is very similar to https://phabricator.vyos.net/T3657 , so it seems that this is going to be fixed in 1.4 ( proof https://forum.vyos.io/t/bgp-peering-with-ipv6-link-local-addresses/7309/14 ). Is this going to be backported to 1.3 ? Anyone is able to find the commit that introduced the feature on 1.4? Maybe it is something easy to patch
Comman "show conntrack ..." not available any more in latest?
Duplicate T1292 was assigned to 1.4 version, and I close it because it was solved.
This bug remains open for 1.3 Equuleus
Tested on VyOS 1.4-rolling-202202150317 and working as expected.
vyos@vyos# run show config comm | grep fire set firewall name FOO rule 10 action 'accept' set firewall name FOO rule 10 protocol 'tcp' set firewall name FOO rule 10 tcp flags not ack set firewall name FOO rule 10 tcp flags syn set firewall name FOO rule 40 action 'accept' set firewall name FOO rule 40 protocol '!gre' [edit] vyos@vyos# sudo nft list chain ip filter NAME_FOO table ip filter { chain NAME_FOO { tcp flags & (syn | ack) == syn counter packets 0 bytes 0 return comment "FOO-10" meta l4proto != gre counter packets 0 bytes 0 return comment "FOO-40" counter packets 0 bytes 0 return comment "FOO default-action accept" } }
Solved. New commands:
PR for current https://github.com/vyos/vyos-1x/pull/1223
PR for equuleus https://github.com/vyos/vyos-1x/pull/1222
PR for 1.3 https://github.com/vyos/vyos-1x/pull/1221