Best suggestion seems to be introducing a script to call podman stop -t N on shutdown/reboot to reduce the timeout before SIGKILL is sent.
- Feed Queries
- All Stories
- Search
- Feed Search
- Transactions
- Transaction Logs
Feed All Stories
All Stories
All Stories
Oct 28 2022
Oct 28 2022
GitHub <noreply@github.com> committed rVYOSONEX5f26d80a262d: Merge pull request #1625 from dmbaturin/op-mode-normalize-nonstring-fields (authored by jestabro).
sarthurdev added a comment to T3903: Containers: after command "reboot" the host system will reboot after 1.5 minutes.
Viacheslav changed the status of T4771: Rewrite protocol BGP op-mode to vyos.opmode format, a subtask of T4564: Root task for rewriting [op-mode] to vyos.opmode format, from Open to In progress.
Viacheslav changed the status of T4771: Rewrite protocol BGP op-mode to vyos.opmode format from Open to In progress.
c-po changed the status of T4177: Strip-private doesn't work for service monitoring from Resolved to Unknown Status.
zsdc added a comment to T1875: Add the ability to use network address as BGP neighbor (bgp listen range).
Backported in https://github.com/vyos/vyatta-cfg-quagga/pull/97
rherold added a comment to T1797: Implement DPDK Fast-Path using FRR's Alternate Forwarding Planes and VPP.
Is there some progress? VPP is available for AArch64 in meantime.
Here some news about VPP performance:
Oct 27 2022
Oct 27 2022
sarthurdev changed the status of T4774: Disallow duplicate pubkey on peers of a wireguard interface from Open to In progress.
GitHub <noreply@github.com> committed rVYOSONEXea8d4ae32505: Merge pull request #1620 from jestabro/ipsec_show_sa (authored by jestabro).
jestabro triaged T4778: Raise error UnconfiguredSubsystem if op-mode ipsec.py fails initialization as Normal priority.
Viacheslav closed T4762: Show nat rules with empty rules incorrect error, a subtask of T4564: Root task for rewriting [op-mode] to vyos.opmode format, as Resolved.
Viacheslav closed T4763: Change XML for Show nat destination statistics, a subtask of T4564: Root task for rewriting [op-mode] to vyos.opmode format, as Resolved.
GitHub <noreply@github.com> committed rVYOSONEXc65931f338f4: Merge pull request #1606 from sever-sever/T4762 (authored by dmbaturin).
zsdc changed the status of T4776: NVME storage is not detected properly during installation from Open to In progress.
Viacheslav changed the subtype of T4774: Disallow duplicate pubkey on peers of a wireguard interface from "Task" to "Bug".
Unknown Object (User) created T4775: A new command for Interfaces debugging.
Oct 26 2022
Oct 26 2022
GitHub <noreply@github.com> committed rVYOSONEXa61e1a78fe11: Merge pull request #1618 from sarthurdev/T4764 (authored by c-po).
GitHub <noreply@github.com> committed rVYOSONEX2e3e25514004: Merge pull request #1617 from jestabro/camel_to_snake_case (authored by jestabro).
Oct 25 2022
Oct 25 2022
sarthurdev changed the status of T4764: NAT tables vyos_nat and vyos_static_nat not deleting after deleting nat from In progress to Needs testing.
GitHub <noreply@github.com> committed rVYOSONEX1265b15ffc8b: Merge pull request #1613 from jestabro/graphql-hybrid-auth (authored by jestabro).
Viacheslav closed T4720: Ability to configure SSH HostKeyAlgorithms, a subtask of T4712: Collaborative Protection Profile cPP for Network Devices root task, as Resolved.
sarthurdev changed the status of T4764: NAT tables vyos_nat and vyos_static_nat not deleting after deleting nat from Open to In progress.
Oct 24 2022
Oct 24 2022
GitHub <noreply@github.com> committed rVYOSONEXec82d6082850: Merge pull request #1614 from jestabro/op-mode-route-output (authored by jestabro).
jestabro triaged T4772: Return list of dicts in 'raw' output of route.py instead of dict with redundant information as Normal priority.
A simple work around could be to trigger a podman start command when a restart container $CONTAINER_NAME is entered. If the pod isnt already running or in a stopped state, it will look at the config and start it up.
Oct 23 2022
Oct 23 2022
Viacheslav closed T3723: op-mode IPSec show vpn ipsec sa output with underscores, a subtask of T2816: Rewrite IPsec scripts with the new XML/Python approach, as Resolved.
Any update on this, since it's been more than 2 years since the initial request? This would indeed be very useful for hairpin NAT. It it complicated to implement?
I think this should be re-opened. The solution that is documented does not follow the spirit of hairpin NAT, which is that traffic on port N not actually destined to the inside target should not be redirected.
Oct 21 2022
Oct 21 2022
Unknown Object (User) added a comment to T4767: replace sh to Python (generate_ipsec_debug_archive.sh).
create with ansible <daniil@vyos.io> committed rVYOSONEXb6d2e0a4b08c: T4765: support list and primitives in op mode output normalization.
GitHub <noreply@github.com> committed rVYOSONEXf157aea8c7dd: Merge pull request #1611 from dmbaturin/field-normalization-2 (authored by jestabro).
GitHub <noreply@github.com> committed rVYOSONEXeeb7810f4240: Merge pull request #1610 from jestabro/migrate-graphql (authored by jestabro).
jestabro changed the status of T4768: Change name of api child node from 'gql' to 'graphql' from Open to In progress.
a.apostoliuk changed the status of T4496: ping vrf help does not list VRFs from Open to In progress.
Viacheslav changed the status of T4767: replace sh to Python (generate_ipsec_debug_archive.sh) from Open to In progress.
@Nova_Logic As a workaround can you try the following configuration, this should ensure the behaviour you're after:
policy {
local-route {
rule 1 {
fwmark 201
inbound-interface eth0
set {
table 201
}
}
rule 2 {
fwmark 202
inbound-interface eth0
set {
table 202
}
}
rule 3 {
fwmark 203
inbound-interface eth0
set {
table 203
}
}
}
}I had a closer look at this, the commits here and here should have brought this back from the dead but there is a small issue where the table "ip nat" is used when at the same time all of the nat related chains were refactored into the vyos_nat table. The normal functionality of WLB isn't affected because the mangle table isn't changed.
@thetooth but according to current docs that exactly what is documented in docs: https://docs.vyos.io/en/equuleus/configuration/loadbalancing/index.html
a.apostoliuk moved T4660: Reorganize route map set community CLI from Open to Finished on the VyOS 1.4 Sagitta board.
a.apostoliuk moved T4492: Incorrect list of neighbors in help for "show bgp vrf VRF neighbors" from Open to Finished on the VyOS 1.4 Sagitta board.
Unknown Object (User) assigned T4767: replace sh to Python (generate_ipsec_debug_archive.sh) to Viacheslav.
Unknown Object (User) created T4767: replace sh to Python (generate_ipsec_debug_archive.sh).
Oct 20 2022
Oct 20 2022
GitHub <noreply@github.com> committed rVYOSONEXc8dbd6ce6cd4: Merge pull request #1608 from jestabro/T4765 (authored by dmbaturin).
GitHub <noreply@github.com> committed rVYOSONEX66fb698a106e: Merge pull request #1607 from dmbaturin/op-mode-field-normalization (authored by jestabro).
Also, it can be wildcard-address
@Rain Could you create a PR?
Viacheslav changed the status of T4720: Ability to configure SSH HostKeyAlgorithms, a subtask of T4712: Collaborative Protection Profile cPP for Network Devices root task, from In progress to Needs testing.
Viacheslav changed the status of T4720: Ability to configure SSH HostKeyAlgorithms from In progress to Needs testing.