Backported to equuleus branch of vyos1x-config:
https://github.com/vyos/vyos1x-config/commit/8ad21f6c7e6f37edeca137b2a7dc7c3f7ffc6a20
- Queries
- All Stories
- Search
- Advanced Search
- Transactions
- Transaction Logs
Feed All Stories
All Stories
All Stories
Apr 21 2022
Apr 21 2022
Unknown Object (User) added a comment to T4380: Feature Request: ocserv: 2FA OTP key generator in VyOS CLI.
ajgnet updated the task description for T4383: Flow Accounting returns permission error and fails to start.
Apr 20 2022
Apr 20 2022
jestabro updated the task description for T4382: Replacing legacy loadFile exposes missing steps in migration scripts and other errors.
jestabro updated the task description for T4382: Replacing legacy loadFile exposes missing steps in migration scripts and other errors.
jestabro changed the status of T4382: Replacing legacy loadFile exposes missing steps in migration scripts and other errors from Open to Confirmed.
SrividyaA changed the status of T4381: OpenVPN: Add "Tunnel IP" column in "show openvpn server" operational command from Open to In progress.
Confirming the same.
v.huti added a comment to T4028: FRR 8.1 routes not being applied to routing table after reboot if an interface has 2 ip addresses.
Pull https://github.com/FRRouting/frr/pull/11004 was merged. This needs retesting on the latest FRR
Not a super expert in ISC DHCPd but it feels like the vendor specific options are hardcoded
Unknown Object (User) created T4380: Feature Request: ocserv: 2FA OTP key generator in VyOS CLI.
Unknown Object (User) closed T4231: Feature Request: ocserv: 2FA (password+OTP) support in Openconnect as Resolved.
Tested in VyOS 1.4-rolling-202204130521
Works
Apr 19 2022
Apr 19 2022
Script for testing which fix some bugs with DMVPN
opennhrp-script-fix.py2 KBDownload
Viacheslav moved T4268: Elevated LA while using VyOS monitoring feature from Need Triage to Finished on the VyOS 1.3 Equuleus board.
c-po renamed T4379: PPPoE: default-route lost after applying additional static routes from PPPoE: default-route lost after applying additional startic routes to PPPoE: default-route lost after applying additional static routes.
ajgnet updated the task description for T4378: Unable to submit wildcard ("*.example.com") A or AAAA records in dns forwarder.
Proposed CLI:
set service dhcpv6-server global-parameters cisco-voip width 2 set service dhcpv6-server global-parameters cisco-voip length-width 2 set service dhcpv6-server global-parameters cisco-voip tftp-servers set service dhcpv6-server shared-network-name Lan-v6-02 subnet 2001:db8:23::/64 cisco-voip tftp-server xx:xx:xx
Viacheslav added a comment to T4375: hairpin nat (nat reflector) "hijacks" all outgoing traffic on specified port to any destination.
Related to task T2196
Also there can be an issue if you get by DHCP non external addresses which behind nat.
So you need some external scripts which will give you your external address, like
curl ifconfig.me
unity changed the status of T4268: Elevated LA while using VyOS monitoring feature from Open to In progress.
ajgnet added a comment to T4376: DNAT with multiwan and policy routing, incoming connections only work on primary interface.
Tested, does not work. Even with all firewall rules removed.
ajgnet added a comment to T4375: hairpin nat (nat reflector) "hijacks" all outgoing traffic on specified port to any destination.
Is there a way to get this to work with a dhcp assigned WAN address?
The answer was found https://github.com/influxdata/telegraf/issues/3465
Thanks @jestabro
Viacheslav added a comment to T4375: hairpin nat (nat reflector) "hijacks" all outgoing traffic on specified port to any destination.
Set destination external address, it is required. In other case you set all traffic to local server.
Viacheslav added a comment to T4376: DNAT with multiwan and policy routing, incoming connections only work on primary interface.
I didn't test it, but you need something like this or combinations..
set policy route MARK-80-eth0 rule 10 destination port '80' set policy route MARK-80-eth0 rule 10 protocol 'tcp' set policy route MARK-80-eth0 rule 10 set mark '100' set policy route MARK-80-eth0 rule 10 set table '100'
Unknown Object (User) created T4377: generate tech-support archive includes previous archives.
Viacheslav closed T4344: DHCP statistics not matching, conf-mode generates incorrect pool name with dash as Resolved.
Fixed
vyos@vyos:~$ show conf com | match dhcp set service dhcp-server shared-network-name NET_01 authoritative set service dhcp-server shared-network-name NET_01 name-server '1.1.1.1' set service dhcp-server shared-network-name NET_01 subnet 192.0.2.0/24 range R1 start '192.0.2.21' set service dhcp-server shared-network-name NET_01 subnet 192.0.2.0/24 range R1 stop '192.0.2.254' vyos@vyos:~$ vyos@vyos:~$ show dhcp server leases IP address Hardware address State Lease start Lease expiration Remaining Pool Hostname ------------ ------------------ ------- ------------------- ------------------- ----------- ------ ---------- 192.0.2.27 50:08:00:06:00:02 active 2022/04/19 12:04:19 2022/04/20 12:04:19 23:59:27 NET_01 vyos vyos@vyos:~$ vyos@vyos:~$ show dhcp server statistics Pool Size Leases Available Usage ------ ------ -------- ----------- ------- NET_01 234 1 233 0% vyos@vyos:~$
ajgnet updated the task description for T4374: ipv6 address drops from interface, but network still active.
Viacheslav changed the status of T4373: PPPoE-server add multiplier option for shaper from Open to In progress.
Apr 18 2022
Apr 18 2022
higebu moved T4371: Copy contribution guideline from vyos-1x from Restricted Project Column to Restricted Project Column on the Restricted Project board.
Apr 18 2022, 11:50 PM · Restricted Project
Apr 18 2022, 11:49 PM · Restricted Project
Apr 18 2022, 11:42 PM · Restricted Project
svd135 added a comment to T4327: Ethernet interface configuration fails on Hyper-V due to speed/duplex/autoneg ethtool command error.
1.4-rolling-20220418
Issue is still not fixed
c-po changed the status of T4370: vxlan: geneve: support configuration of df bit option from Open to In progress.
Adding logs. dhcpv6 configured for interfaces eth0 and eth3. Depending which starts first, the other one fails and gives "unexpected interface":
At least dhcpv6 address assign correctly, VyOS 1.4-rolling-202204162001
set interfaces ethernet eth2 address 'dhcp' set interfaces ethernet eth2 address 'dhcpv6' set interfaces ethernet eth3 address 'dhcp' set interfaces ethernet eth3 address 'dhcpv6'
Show interfaces:
vyos@vyos:~$ show int
Codes: S - State, L - Link, u - Up, D - Down, A - Admin Down
Interface IP Address S/L Description
--------- ---------- --- -----------
eth0 - u/u
eth1 - u/u
eth2 100.64.20.21/24 u/u WAN01
2001:db8:23::934f/128
eth3 100.64.30.21/24 u/u WAN02
2001:db8::934f/128In dhcpdv6.conf I have added the following to support Cisco VoIP phone provisioning over IPv6:
It was a lot of issues with it in openvpn.
So we decide to avoid to use raw options
Let us know which options do you need?
Viacheslav added a comment to T4344: DHCP statistics not matching, conf-mode generates incorrect pool name with dash.
udpate PR for 1.3 https://github.com/vyos/vyos-1x/pull/1288
c-po added a comment to T4369: OpenVPN: daemon not restarted on changes to "openvpn-option" CLI node.
PR for 1.3: https://github.com/vyos/vyos-1x/pull/1308
PR for 1.3 https://github.com/vyos/vyos-1x/pull/1286
c-po moved T4366: geneve: interface is removed on changes to e.g. description from Need Triage to In Progress on the VyOS 1.3 Equuleus (1.3.2) board.
c-po changed Is it a breaking change? from compatible to syntax on T4257: Discussion on changing BGP autonomous system number syntax.
I would like to call it system-as(n)
c-po changed the status of T4368: bgp: AS specified for local as is the same as the remote as and this is not allowed. from Open to In progress.
Apr 17 2022
Apr 17 2022
Unknown Object (User) added a comment to T4348: Site access denied.
Of course. This restriction comes from the communication providers. Through (VPN) - everything works well.
Apr 16 2022
Apr 16 2022
c-po moved T4366: geneve: interface is removed on changes to e.g. description from Need Triage to Finished on the VyOS 1.4 Sagitta board.
c-po edited projects for T4366: geneve: interface is removed on changes to e.g. description, added: VyOS 1.3 Equuleus (1.3.2), VyOS 1.4 Sagitta; removed VyOS 1.3 Equuleus.
Apr 15 2022
Apr 15 2022
c-po renamed T4364: salt-minion: Upgrade to 3004 and migrate to get_config_dict() from salt-minion: migrate to get_config_dict() to salt-minion: Upgrade to 3004 and migrate to get_config_dict().
c-po updated the task description for T4364: salt-minion: Upgrade to 3004 and migrate to get_config_dict().
c-po moved T4363: salt-minion: default mine_interval option is not set from Need Triage to In Progress on the VyOS 1.3 Equuleus (1.3.2) board.
c-po moved T4363: salt-minion: default mine_interval option is not set from Need Triage to Finished on the VyOS 1.4 Sagitta board.
PR for 1.3 https://github.com/vyos/vyos-1x/pull/1284
c-po lowered the priority of T4363: salt-minion: default mine_interval option is not set from Normal to Low.
c-po renamed T4363: salt-minion: default mine_interval option is not set from salt-minion: mine_interval option is not set to salt-minion: default mine_interval option is not set.
c-po changed the status of T4363: salt-minion: default mine_interval option is not set from Open to In progress.
jestabro changed the status of T4361: `vyos.config.exists()` does not work for nodes with multiple values from Open to Backport candidate.