@Viacheslav can you see what auth modes supported by keepalive
also I think we don't need to configure both
- Feed Queries
- All Stories
- Search
- Feed Search
- Transactions
- Transaction Logs
Feed All Stories
All Stories
All Stories
Feb 22 2023
Feb 22 2023
sarthurdev changed the status of T5023: PKI commit fails to update dependents from Open to In progress.
GitHub <noreply@github.com> committed rVYOSONEX8dc1eece6712: Merge pull request #1839 from sarthurdev/ipsec (authored by c-po).
Feb 21 2023
Feb 21 2023
sarthurdev changed the status of T5003: Upgrade base system to Debian 12 "Bookworm" from In progress to Needs testing.
Builds completing. ISO worker on Jenkins should be fixed and pushing new rolling images shortly.
Viacheslav closed T5020: Extend openvpn.py op-mode to get a list of configured clients, a subtask of T4564: Root task for rewriting [op-mode] to vyos.opmode format, as Resolved.
GitHub <noreply@github.com> committed rVYOSONEX0a36a0306a45: Merge pull request #1835 from sever-sever/T5020 (authored by c-po).
Also bug with ifb interface
vyos@r14# set interfaces input ifb0 [edit] vyos@r14# set interfaces ethernet eth0 redirect 'ifb0'
Viacheslav changed the status of T5007: Interface multicast setting is invalid from Open to Needs testing.
GitHub <noreply@github.com> committed rVYOSONEX4c6860d259cf: Merge pull request #1834 from sever-sever/T5007 (authored by c-po).
marc_s added a comment to T4978: KeyError: 'memory' container_config['memory'] on upgrading to 1.4-rolling-202302041536.
Thanks @Viacheslav https://github.com/vyos/vyos-1x/pull/1838 fixed it for me.
Viacheslav added a comment to T4978: KeyError: 'memory' container_config['memory'] on upgrading to 1.4-rolling-202302041536.
Cherry-pick for 1.3.3 https://github.com/vyos/vyos-1x/pull/1838
GitHub <noreply@github.com> committed rVYOSONEXb16d8769e2cf: Merge pull request #1837 from sever-sever/T4978 (authored by c-po).
krox2 closed T5021: IPsec SA is closed before negotiating a new one or it is negotiated on every second if big life-time is set in swanctl.conf as Resolved.
it's fixed already in vyos/vyos-build#293 (although in a different way), just downloaded the newest image and tested it. I'm closing this ticket, apologies for the noise.
Viacheslav added a comment to T4978: KeyError: 'memory' container_config['memory'] on upgrading to 1.4-rolling-202302041536.
The thing is we have default values (for example memory) only for the first container:
##################################################
{'name': {'multitool': {'description': 'Network multitool container',
'image': 'wbitt/network-multitool:fedora',
'memory': '512',
'network': {'cntr-net': {}},
'port': {'http': {'destination': '80',
'protocol': 'tcp',
'source': '80'}},
'restart': 'on-failure',
'shared_memory': '64'},
'nrpe': {'allow_host_networks': {},
'image': 'incitem/almalinux9:nrpe',
'protocol': 'tcp'},
'radius': {'allow_host_networks': {},
'image': 'dchidell/radius-web',
'protocol': 'tcp',
'volume': {'clients': {'destination': '/etc/raddb/clients.conf',
'mode': 'rw',
'source': '/config/containers/radius/clients'},
'users': {'destination': '/etc/raddb/users',
'mode': 'rw',
'source': '/config/containers/radius/users'}}}},
'network': {'cntr-net': {'description': 'VyOS Container Network',
'prefix': ['172.253.253.0/24']}},
'registry': ['docker.io', 'quay.io']}
##################################################pratik.g added a comment to T4852: pppoe - static default route deleted automatically with default-route none option.
@Viacheslav Its working fine on latest vyos image. Thanks for support.
Feb 20 2023
Feb 20 2023
marc_s added a comment to T4978: KeyError: 'memory' container_config['memory'] on upgrading to 1.4-rolling-202302041536.
Same problem here, on 1.3:
Viacheslav renamed T5020: Extend openvpn.py op-mode to get a list of configured clients from Extend openvpn.py op-mode to get list of configured clients to Extend openvpn.py op-mode to get a list of configured clients.
Viacheslav changed Version from - to 1.4 on T5020: Extend openvpn.py op-mode to get a list of configured clients.
Viacheslav renamed T5020: Extend openvpn.py op-mode to get a list of configured clients from Extend openvpn.py op-mode to get number of configured clients to Extend openvpn.py op-mode to get list of configured clients.
a.apostoliuk changed the status of T5008: MACsec CKN of 32 chars is not allowed in CLI, but works fine from In progress to Needs testing.
Viacheslav changed the status of T5020: Extend openvpn.py op-mode to get a list of configured clients, a subtask of T4564: Root task for rewriting [op-mode] to vyos.opmode format, from Open to In progress.
Viacheslav changed the status of T5020: Extend openvpn.py op-mode to get a list of configured clients from Open to In progress.
Viacheslav added a project to T5011: Some interface drivers don't support min_mtu and max_mtu and verify_mtu check should be skipped: VyOS 1.3 Equuleus (1.3.3).
PR for 1.3 https://github.com/vyos/vyos-1x/pull/1833
Feb 19 2023
Feb 19 2023
@c-po confirmed fixed, thank you.
Feb 18 2023
Feb 18 2023
GitHub <noreply@github.com> committed rVYOSONEX75c741d5d4fc: Merge pull request #1831 from nicolas-fort/T4886-add-cero-matcher (authored by c-po).
c-po moved T5017: Bug with validator interface-name from Finished to In Progress on the VyOS 1.3 Equuleus (1.3.3) board.
c-po moved T5017: Bug with validator interface-name from Need Triage to Finished on the VyOS 1.3 Equuleus (1.3.3) board.
GitHub <noreply@github.com> committed rVYOSONEX1e0db9ac6e8b: Merge pull request #1830 from sever-sever/T5011 (authored by c-po).
A 2nd proposal could be:
n.fort changed Version from - to vyos-1.4-rolling-202302150317 on T5016: Policy Route - Add load balancer capabilities.
When internal hosts are behind NAT, this is working as expected, because of conntrack.
Viacheslav changed the status of T5015: Invalid format character error at hfsc class settings help text from Open to Needs testing.
Without a hash, it can be useless.
For example, the client initiates a TCP session:
- SYN is forwarded from the client to 10.0.0.7
- 10.0.0.7 responds with SYN/ACK to the client
- client sends ACK, which is forwarded to 10.0.0.2
Viacheslav updated the task description for T5013: Extend accelppp.py op-mode to get subnet start stop info from config.
Feb 17 2023
Feb 17 2023
GitHub <noreply@github.com> committed rVYOSONEXb4d25eafdba1: Merge pull request #1828 from rayzilt/fix-qos-classes-printf-help (authored by c-po).
rayzilt updated the task description for T5015: Invalid format character error at hfsc class settings help text.
n.fort renamed T4984: Firewall add mark for outgoing packets from Firewall add mark for ougoing packets to Firewall add mark for outgoing packets.
Viacheslav changed the status of T5005: Skip user authentication for PPPoE Server with noauth option from Open to Needs testing.
n.fort changed Version from - to vyos-1.4-rolling-202302150317 on T5014: Destination NAT - Add Load Balancing capabilities.
v.huti changed the status of T4180: Support for QoS Policy Propagation via BGP (QPPB) from Open to Needs testing.
I cannot attach the rest of the artifacts due to size limits.
Publishing them on git instead: https://github.com/volodymyrhuti/QPPB_docs
Intro
========================================================================================================= The QoS Policy Propagation via BGP feature allows you to classify packets by IP precedence based on the Border Gateway Protocol (BGP) community lists, BGP autonomous system paths, access lists, thus helping to classify based on the destination instead of source address.
GitHub <noreply@github.com> committed rVYOSONEX1079e10a7e1d: Merge pull request #1826 from aapostoliuk/T5008-sagitta (authored by c-po).
Viacheslav changed the status of T5013: Extend accelppp.py op-mode to get subnet start stop info from config, a subtask of T4564: Root task for rewriting [op-mode] to vyos.opmode format, from Open to In progress.
Viacheslav changed the status of T5013: Extend accelppp.py op-mode to get subnet start stop info from config from Open to In progress.
GitHub <noreply@github.com> committed rVYOSONEXd9bbea6c3641: Merge pull request #1827 from sever-sever/T5005 (authored by c-po).
PR https://github.com/vyos/vyos-1x/pull/1827
set service pppoe-server authentication mode 'noauth' set service pppoe-server client-ip-pool name foo gateway-address '192.0.2.1' set service pppoe-server client-ip-pool name foo subnet '192.0.2.0/24' set service pppoe-server interface eth1
Check
vyos@r14# cat /run/accel-pppd/pppoe.conf | grep "\[auth" -A 2 [auth] noauth=1
Thanks for clarification @b-
This isn’t specific to WANs at all, no! I am using it for a WAN, so some of my comments reflect that, but really this is just a generic hook for any DHCP interface.
@b- Im not sure 100% sure whats happening, as I am not a developer... I saw your code samples and PR in git...
Feb 16 2023
Feb 16 2023
Viacheslav updated the task description for T5011: Some interface drivers don't support min_mtu and max_mtu and verify_mtu check should be skipped.
zsdc changed the status of T5012: Control network configuration from Cloud-Init config from Open to In progress.
GitHub <noreply@github.com> committed rVYOSONEX1f7d9af565a8: Merge pull request #1824 from sever-sever/T4971-eq (authored by dmbaturin).