@ammmze That PR is merged, so will be in the next rolling. Kindly let me know of any remaining or other issues you see. I'll add autocannon to my common tests; thanks again for that tip.
- Feed Queries
- All Stories
- Search
- Feed Search
- Transactions
- Transaction Logs
Feed All Stories
All Stories
All Stories
Feb 15 2023
Feb 15 2023
GitHub <noreply@github.com> committed rVYOSONEXc8a6b4cf2efe: Merge pull request #1817 from sarthurdev/bookworm (authored by c-po).
GitHub <noreply@github.com> committed rVYOSONEXa48940a943d2: Merge pull request #1811 from jestabro/udiff (authored by c-po).
GitHub <noreply@github.com> committed rVYOSONEX63dfe01db5fb: Merge pull request #1821 from sarthurdev/ipsec (authored by c-po).
GitHub <noreply@github.com> committed rVYOSONEXc4d26a3aaca6: Merge pull request #1822 from sever-sever/T4971 (authored by c-po).
jestabro changed the status of T5006: Http api segfault with concurrent requests from In progress to Needs testing.
GitHub <noreply@github.com> committed rVYOSONEXd530c0363df1: Merge pull request #1823 from jestabro/api-async (authored by Viacheslav).
In T4971#142523, @fernandolcx wrote:service { + pppoe-server { + authentication { + mode radius + radius { + server 172.31.255.2 { + key 123456 + } + } + } + interface eth1 { + } + } }when I commit, throws me:
Traceback (most recent call last): File "/usr/libexec/vyos/conf_mode/service_pppoe-server.py", line 114, in <module> verify(c) File "/usr/libexec/vyos/conf_mode/service_pppoe-server.py", line 60, in verify verify_accel_ppp_base_service(pppoe) File "/usr/lib/python3/dist-packages/vyos/configverify.py", line 424, in verify_accel_ppp_base_service for _, v in config['client_ip_pool']['name'].items(): KeyError: 'client_ip_pool'
a.apostoliuk changed the status of T5008: MACsec CKN of 32 chars is not allowed in CLI, but works fine from Open to In progress.
n.fort changed the status of T5009: op-mode command: restart dhcp relay-agent not working from In progress to Needs testing.
Viacheslav added a comment to T4943: Radius SSH login displays "permission denied" on 1.4 rolling release.
Some debugging, the authentication with user vyosunpriv
set protocols bgp address-family l2vpn-evpn vni 100070 route-target both 70:100070
Should return an error, as this is not implemented.
I was wrong. NOT 6 CHILSD_SAs on one tunnel.
6 IKE SAs on one configured tunnel.
I met 2 issues after the last commit.
My config:
a.apostoliuk moved T4993: Can't delete conntrack ignore rule from Need Triage to Finished on the VyOS 1.3 Equuleus (1.3.3) board.
a.apostoliuk moved T4993: Can't delete conntrack ignore rule from Finished to 1.3.3 on the VyOS 1.3 Equuleus board.
a.apostoliuk moved T4993: Can't delete conntrack ignore rule from 1.3.3 to Finished on the VyOS 1.3 Equuleus board.
Viacheslav edited projects for T5009: op-mode command: restart dhcp relay-agent not working, added: VyOS 1.3 Equuleus (1.3.3); removed VyOS 1.3 Equuleus.
a.apostoliuk changed the status of T4985: reset vpn ipsec-peer command with peer name does not work from In progress to Needs testing.
Viacheslav triaged T4992: Incorrect check is_local_address for bgp neighbor with option ip_nonlocal_bind set as High priority.
Awesome, I am glad to hear the provided info was helpful! Thank you for the quick investigation and explanation.
Feb 14 2023
Feb 14 2023
GitHub <noreply@github.com> committed rVYOSONEXbf99fd112254: Merge pull request #1818 from c-po/equuleus (authored by dmbaturin).
GitHub <noreply@github.com> committed rVYOSONEX9538a74382ff: Merge pull request #1820 from nicolas-fort/T5009-restart-relay (authored by dmbaturin).
jestabro changed the status of T5006: Http api segfault with concurrent requests from Open to In progress.
Again, thanks for the detailed reproducer; that made investigation straightforward. This appears to be simply an 'async' issue for FastAPI, the underlying web framework for vyos-http-api. FastAPI is very good at managing red/blue issues automatically, but in this case we need to explicitly annotate the endpoint method with async: an explicit lock does not appear necessary, though I will need to confirm. I'll provide a PR shortly. Thanks again !
n.fort changed the status of T5009: op-mode command: restart dhcp relay-agent not working from Confirmed to In progress.
n.fort added a comment to T5004: DHCP-Relay potential bug. Static configurations of DHCP-Relay Interfaces.
Thanks Keving: https://vyos.dev/T5009
n.fort changed the status of T5009: op-mode command: restart dhcp relay-agent not working from Open to Confirmed.
Error still present in 1.4: https://vyos.dev/T5004
kevin.roberts.sealingtech added a comment to T5004: DHCP-Relay potential bug. Static configurations of DHCP-Relay Interfaces.
FYI When I was troubleshooting I used:
n.fort added a comment to T5004: DHCP-Relay potential bug. Static configurations of DHCP-Relay Interfaces.
In Both version, restarting relay service solved the issue:
GitHub <noreply@github.com> committed rVYOSONEXbfbc88defa84: Merge pull request #1819 from aapostoliuk/T4985-sagitta (authored by c-po).
zsdc changed the status of T4992: Incorrect check is_local_address for bgp neighbor with option ip_nonlocal_bind set from Confirmed to In progress.
PR with a fix: https://github.com/vyos/vyatta-cfg/pull/61
n.fort changed Version from VyOS LTS 1.3.2 to VyOS LTS 1.3.2 - vyos-1.4-rolling-202302140317 on T5004: DHCP-Relay potential bug. Static configurations of DHCP-Relay Interfaces.
n.fort changed the status of T5004: DHCP-Relay potential bug. Static configurations of DHCP-Relay Interfaces from Open to Confirmed.
n.fort added a comment to T5004: DHCP-Relay potential bug. Static configurations of DHCP-Relay Interfaces.
I can confirm this behavior, which occurs when changing IP address on listening interface (where dhcp-discover is captured).
Issue present in 1.3.2 .
It's also present in latest vyos-1.4-rolling-202302140317, regardless if old interface syntax is used, or if new upstream-interfces plus listen-interface commands are used.
@ammmze Thanks for the detailed report; allow me to investigate.
anon3fe35 added a comment to T4978: KeyError: 'memory' container_config['memory'] on upgrading to 1.4-rolling-202302041536.
Here's the commands I ran for node-exporter:
https://github.com/FRRouting/frr/pull/12364
riw777 merged commit 91b6db4 into FRRouting:master Feb 14, 2023
a.apostoliuk moved T4968: VPN IPsec check dpd and close action for empty values from Open to Finished on the VyOS 1.4 Sagitta board.
a.apostoliuk changed the status of T4968: VPN IPsec check dpd and close action for empty values from Open to Needs testing.
a.apostoliuk changed the status of T4985: reset vpn ipsec-peer command with peer name does not work from Open to In progress.
You can either run both address-families through one tunnel
Is there any kind of ETA on this? It hasn't moved in a few months, and it is preventing me from being able to upgrade. I understand this probably isn't a huge priority, but an ETA would be nice.
Feb 13 2023
Feb 13 2023
kevin.roberts.sealingtech added a comment to T5004: DHCP-Relay potential bug. Static configurations of DHCP-Relay Interfaces.
In T5004#142577, @n.fort wrote:Can you provide this configuration on both setups:
show config comm | grep relay # And route to relay server show ip route <relay_server>
n.fort added a comment to T5004: DHCP-Relay potential bug. Static configurations of DHCP-Relay Interfaces.
Can you provide this configuration on both setups:
GitHub <noreply@github.com> committed rVYOSONEX3d12327f39b9: Merge pull request #1816 from aapostoliuk/T4968-sagitta (authored by c-po).
GitHub <noreply@github.com> committed rVYOSONEX5e56daaff4ec: Merge pull request #1813 from sever-sever/T4971-eq (authored by c-po).
n.fort changed the status of T4153: Monitor bandwidth-test initiate not working from Unknown Status to Resolved.
Then lets close it
n.fort added a comment to T4376: DNAT with multiwan and policy routing, incoming connections only work on primary interface.
I have prepared a configuration example using one of the latest 1.4 images, where more features were introduced.
Scenario and requirements:
- One vyos router
- 3 Uplinks to internet (eth0, eth1 and eth2). Static IP used on three links
- 2 VLANs
- vif 2: + New Connections from vif-2 routed through WAN-2 + Server on vif 2 should accept ssh connections from internet, through dnat on 3 WAN interfaces (outside port 122)
- vif 4: + NewConnections from vif-24routed through WAN-2 + Server on vif 4 should accept ssh connections from internet, through dnat on 3 WAN interfaces (outside port 222)
GitHub <noreply@github.com> committed rVYOSONEX9c481b00cae8: Merge pull request #1812 from sever-sever/T1993-eq (authored by dmbaturin).
GitHub <noreply@github.com> committed rVYOSONEXe7d80294ca5a: Merge pull request #1815 from c-po/equuleus (authored by dmbaturin).
Don't see any issue with 1.3
vyos@r1:~$ monitor bandwidth-test initiate 192.168.122.14 ------------------------------------------------------------ Client connecting to 192.168.122.14, TCP port 5001 TCP window size: 85.0 KByte (default) ------------------------------------------------------------ [ 3] local 192.168.122.11 port 58042 connected with 192.168.122.14 port 5001 [ ID] Interval Transfer Bandwidth [ 3] 0.0-10.0 sec 6.37 GBytes 5.47 Gbits/sec vyos@r1:~$ vyos@r1:~$ show version
a.apostoliuk changed the status of T4993: Can't delete conntrack ignore rule from In progress to Needs testing.
Everything works on version 1.4
a.apostoliuk closed T4905: Convert show nhrp tunnel to tabulate format, a subtask of T4564: Root task for rewriting [op-mode] to vyos.opmode format, as Resolved.
a.apostoliuk moved T4905: Convert show nhrp tunnel to tabulate format from Open to Finished on the VyOS 1.4 Sagitta board.
a.apostoliuk changed the status of T4905: Convert show nhrp tunnel to tabulate format, a subtask of T4564: Root task for rewriting [op-mode] to vyos.opmode format, from In progress to Needs testing.
a.apostoliuk changed the status of T4905: Convert show nhrp tunnel to tabulate format from In progress to Needs testing.