- Feed Queries
- All Stories
- Search
- Feed Search
- Transactions
- Transaction Logs
Feed Search
Jul 12 2022
Jul 12 2022
Viacheslav changed the status of T4527: Prevent to create VRF name default from Open to In progress.
Jul 11 2022
Jul 11 2022
Viacheslav added a comment to T1311: WAN load-balancing can't flush connections when conntrack-sync is enabled.
Jul 11 2022, 3:11 PM · VyOS 1.3 Equuleus (1.3.9), VyOS 1.4 Sagitta (1.4.0-epa1), Restricted Project, test
Viacheslav added a project to T1311: WAN load-balancing can't flush connections when conntrack-sync is enabled: VyOS 1.4 Sagitta.
Jul 11 2022, 2:58 PM · VyOS 1.3 Equuleus (1.3.9), VyOS 1.4 Sagitta (1.4.0-epa1), Restricted Project, test
Viacheslav changed Version from VyOS 1.4-rolling-202207111030 to VyOS 1.4-rolling-202207111030, VyOS 1.3-stable-202207110427 on T4525: Delete interface from VRF and add it to bonding error.
Similar task T3810 points 5, 8
Viacheslav added a comment to T4523: OP-mode Extend conntrack output to get marks, zones and directions.
PR https://github.com/vyos/vyos-1x/pull/1407
vyos@r14# run show conntrack table ipv4 Id Original src Original dst Reply src Reply dst Protocol State Timeout Mark Zone ---------- ------------------- ----------------- ----------------- ------------------- ---------- ----------- --------- ------ ------ 3529842617 192.168.122.1:53508 192.168.122.14:22 192.168.122.14:22 192.168.122.1:53508 tcp ESTABLISHED 431999 0 4102830655 192.0.2.10 1.0.0.1 1.0.0.1 192.168.122.14 icmp 18 0 59651 179791316 192.0.2.10 1.1.1.1 1.1.1.1 192.168.122.14 icmp 12 0 59651 [edit] vyos@r14#
Viacheslav renamed T4523: OP-mode Extend conntrack output to get marks, zones and directions from OP-mode Extend conntrack output to get marks and zones to OP-mode Extend conntrack output to get marks, zones and directions.
Viacheslav removed a project from T3655: NAT doesn't work correctly with VRF: VyOS 1.3 Equuleus (1.3.0).
Jul 10 2022
Jul 10 2022
The same task T4511
Viacheslav changed the status of T3409: Add back TCP-MSS Clamp to PMTU from Confirmed to Needs testing.
@raphielscape Could you re-test it?
vyos@r14# set interfaces ethernet eth0 ip adjust-mss Possible completions: clamp-mss-to-pmtu Automatically sets the MSS to the proper value <500-65535> TCP Maximum segment size in bytes
Viacheslav closed T3836: Setting a default IPv6 route while getting IPv4 gateway via DHCP removes the IPv4 gateway as Resolved.
Fixed
S>* 0.0.0.0/0 [210/0] via 192.0.2.1, eth1, weight 1, 00:02:31 C>* 192.0.2.0/24 is directly connected, eth1, 00:02:31 C>* 192.168.122.0/24 is directly connected, eth0, 00:04:09
Jul 9 2022
Jul 9 2022
Viacheslav removed a project from T4499: NAT source translation not showing a single output: VyOS 1.3 Equuleus (1.3.2).
Viacheslav moved T4499: NAT source translation not showing a single output from Open to Finished on the VyOS 1.4 Sagitta board.
Viacheslav added a project to T4499: NAT source translation not showing a single output: VyOS 1.3 Equuleus (1.3.2).
Viacheslav changed the status of T4508: Problem with values of the same environment in different event handlers from In progress to Needs testing.
Viacheslav changed the status of T4499: NAT source translation not showing a single output from Open to In progress.
Jul 8 2022
Jul 8 2022
Viacheslav added a comment to T4519: DHCPv6: "set show dhcpv6 server leases" should show DUID instead of IAID_DUID.
You can get duid data from python
https://github.com/vyos/vyos-1x/blob/44b1bdd3273dce4e74a5474c401ac7107950635b/src/op_mode/show_dhcpv6.py#L95-L97
Replace format_hex_string(lease.host_identifier_string) to `lease.duid
and lease_display_fields['iaid_duid'] = 'IAID_DUID'
https://github.com/vyos/vyos-1x/blob/44b1bdd3273dce4e74a5474c401ac7107950635b/src/op_mode/show_dhcpv6.py#L44
As we have the 1.3 LTS release (where it is fixed) I propose to close it.
It is a big change for 1.2 that we should avoid.
Viacheslav changed the status of T4518: Add XML for CLI conf mode load-balancing wan , a subtask of T4470: Rewrite load-balancing wan to XML/Python, from Open to In progress.
Viacheslav changed the status of T4518: Add XML for CLI conf mode load-balancing wan from Open to In progress.
Jul 7 2022
Jul 7 2022
Viacheslav changed the status of T4503: Prevent op mode scripts from restarting services if there's a commit in progress from Open to Needs testing.
Output plugins that we use in 1.4
"github.com/influxdata/telegraf/plugins/outputs/azure_data_explorer" "github.com/influxdata/telegraf/plugins/outputs/influxdb_v2" "github.com/influxdata/telegraf/plugins/outputs/prometheus_client" "github.com/influxdata/telegraf/plugins/outputs/http"
Viacheslav updated the task description for T4411: Add migration for service monitoring telegraf influxdb.
Jul 6 2022
Jul 6 2022
Viacheslav changed the status of T4381: OpenVPN: Add "Tunnel IP" column in "show openvpn server" operational command from In progress to Needs testing.
I re-created a new VM and it is Not reproducing
I closed it
Interface virtio
vyos@r1# run show interfaces ethernet eth1 physical
Settings for eth1:
Supported ports: [ ]
Supported link modes: Not reported
Supported pause frame use: No
Supports auto-negotiation: No
Supported FEC modes: Not reported
Advertised link modes: Not reported
Advertised pause frame use: No
Advertised auto-negotiation: No
Advertised FEC modes: Not reported
Speed: Unknown!
Duplex: Unknown! (255)
Port: Other
PHYAD: 0
Transceiver: internal
Auto-negotiation: off
Link detected: yes
Ring parameters for eth1:
Pre-set maximums:
RX: 256
RX Mini: 0
RX Jumbo: 0
TX: 256
Current hardware settings:
RX: 256
RX Mini: 0
RX Jumbo: 0
TX: 256Viacheslav updated subscribers of T3933: The firewall does not filter incoming traffic on the interface with vrf..
In T3933#124952, @sandwichdoge wrote:@Viacheslav I tested your fix in my environment. The inbound filtering worked as expected after the fix. However it did not work correctly for the case we where we want both inbound and outbound firewalls on a single vrf member interface (or any case that has more than 2 directions on the same interface).
table ip filter { chain VYOS_FW_LOCAL { type filter hook input priority filter; policy accept; oifname "ONE" counter packets 63 bytes 6024 jump NAME_FOO # <<< Problem here, oifname should be eth0, not vrf name iifname "ONE" counter packets 63 bytes 6024 jump NAME_FOO jump VYOS_POST_FW } ... chain NAME_FOO { ip saddr 8.8.8.8 counter packets 79 bytes 6636 drop comment "FOO-10" counter packets 3 bytes 984 return comment "FOO default-action accept" } }
Jul 6 2022, 12:47 PM · Bugs, VyOS 1.3 Equuleus (1.3.9), VyOS 1.4 Sagitta (1.4.0-GA), Restricted Project
Viacheslav moved T4513: Webproxy monitor commands do not work from Need Triage to Finished on the VyOS 1.3 Equuleus (1.3.2) board.
Viacheslav moved T4513: Webproxy monitor commands do not work from Open to Finished on the VyOS 1.4 Sagitta board.
@a.apostoliuk Could you create PR for 1.3?
Viacheslav edited projects for T4513: Webproxy monitor commands do not work, added: VyOS 1.3 Equuleus (1.3.2); removed VyOS 1.3 Equuleus.
Jul 5 2022
Jul 5 2022
Viacheslav moved T4507: IPoE-server add multiplier option for shaper from Open to Finished on the VyOS 1.4 Sagitta board.
Viacheslav added a project to T4507: IPoE-server add multiplier option for shaper: VyOS 1.3 Equuleus (1.3.2).
Viacheslav moved T4373: PPPoE-server add multiplier option for shaper from Open to Finished on the VyOS 1.4 Sagitta board.
PR for 1.3 https://github.com/vyos/vyos-1x/pull/1392
PR for 1.3 https://github.com/vyos/vyos-1x/pull/1392
Viacheslav added a project to T4373: PPPoE-server add multiplier option for shaper: VyOS 1.3 Equuleus (1.3.2).
Jul 4 2022
Jul 4 2022
PR https://github.com/vyos/vyos-1x/pull/1389
set service dns forwarding dns64-prefix 2001:db8:aabc::/96
@dsummers Could you provide an example of VyOS configuration and an example of what you add?
Viacheslav changed the status of T4378: Unable to submit wildcard ("*.example.com") A or AAAA records in dns forwarder from Open to Needs testing.
Bug of testing
I tested commit_in_progress instead of commit_in_progress()
Viacheslav closed T3600: DHCP Interface static route breaks PBR, a subtask of T3505: Commits do not respect changes in FRR that are not stored in a config, as Resolved.
Viacheslav moved T4501: Syslog-identifier does not work in event handler from Open to Finished on the VyOS 1.4 Sagitta board.
Jul 3 2022
Jul 3 2022
Viacheslav changed the status of T4507: IPoE-server add multiplier option for shaper from Open to Needs testing.
Jul 2 2022
Jul 2 2022
Viacheslav renamed T4502: Consider implementing (NAT/other) flow table offload from Consider implementing NAT flow table offload to Consider implementing (NAT/other) flow table offload.
Viacheslav updated the task description for T2189: Adding a large port-range will take ~ 20 minutes to commit.
Viacheslav added a project to T4505: Function commit_in_progress works incorrect: VyOS 1.3 Equuleus (1.3.2).
Potentially slow validators:
src/validators/interface-address:ipaddrcheck --is-ipv4-host $1 || ipaddrcheck --is-ipv6-host $1
src/validators/ip-address:ipaddrcheck --is-any-single $1
src/validators/ip-cidr:ipaddrcheck --is-any-cidr $1
src/validators/ip-host:ipaddrcheck --is-any-host $1
src/validators/ip-prefix:ipaddrcheck --is-any-net $1
src/validators/ipv4:ipaddrcheck --is-ipv4 $1
src/validators/ipv4-address:ipaddrcheck --is-ipv4-single $1
src/validators/ipv4-host:ipaddrcheck --is-ipv4-host $1
src/validators/ipv4-multicast:ipaddrcheck --is-ipv4-multicast $1 && ipaddrcheck --is-ipv4-single $1
src/validators/ipv4-prefix:ipaddrcheck --is-ipv4-net $1
src/validators/ipv4-range: ipaddrcheck --is-ipv4-single ${strarr[0]}
src/validators/ipv4-range: ipaddrcheck --is-ipv4-single ${strarr[1]}
src/validators/ipv6:ipaddrcheck --is-ipv6 $1
src/validators/ipv6-address:ipaddrcheck --is-ipv6-single $1
src/validators/ipv6-host:ipaddrcheck --is-ipv6-host $1
src/validators/ipv6-multicast:ipaddrcheck --is-ipv6-multicast $1 && ipaddrcheck --is-ipv6-single $1
src/validators/ipv6-prefix:ipaddrcheck --is-ipv6-net $1