I would like to stage this in a VM if I do try the above as physical access to the router is tough. Does anyone know where I can find a ISO for 1.4-rolling-202212310809. It seems the old s3 endpoint doesn't resolve https://s3.vyos.io/rolling/current/vyos-1.4-rolling-202212310809-amd64.iso

PR 1.3.4 https://github.com/vyos/vyos-1x/pull/2200

Adding vyos-config-debug to the boot cmdline should allow you to log in and will provide some information in /tmp/boot-config-trace. Cf.:
https://docs.vyos.io/en/latest/contributing/debugging.html

I upgraded from 1.4-rolling-202307060317 to 1.4-rolling-202309040919 and the issue mention in this post was resolved. The configuration was migrated. However nothing worked in regards to the firewall, and I am not familiar enough with the new syntax so I cannot, nor do I have time to troubleshoot it right now.

@syncer At first glance, the generated config is correct for VyOS 1.3-stable-202308240442

set protocols igmp interface eth0 join 239.1.2.3 source '192.0.2.1'
set protocols igmp interface eth1 join 239.1.2.3
set protocols igmp interface eth2

Unless there is something wrong with the firewall ruleset in VyOS any malfunctions in the FTP helper itself will mainly be fixed upstream at the Linux kernel or in this particular case the netfilter team:

My config file is https://gist.github.com/anthr76/4b091d952bcd69b1ac8d4c7d08aaaac6

PR: https://github.com/vyos/vyos-1x/pull/2199

PR: https://github.com/vyos/vyos-1x/pull/2199

Disabling all validators for both vyatta-cfg and vyatta-op bring the boot time down to approx 73 seconds.

Modifying node.def (comment out "syntax:expression:") recursively in the paths of:

Moving along in the blamegame I will after a tip try to disable the various validators being runned.

Any updates to this?

That relates would seem reasonable. I'm seeing a similar explosion in commit lag but I have zero static routes. I did change to zone-based firewall and added about 6 vlans. Lines of my config went from ~500 to ~3000. Commit times increased almost linearly.

Can be related: https://vyos.dev/T2431

Continued debugging by also modifying /usr/libexec/vyos/services/vyos-configd by adding:

Attempted some debugging on this issue.

According to https://man7.org/linux/man-pages/man7/capabilities.7.html this capability can load, unload AND delete kernel modules.

https://github.com/vyos/vyos-1x/pull/2197

@Viacheslav, can you backport this to 1.3

PR https://github.com/vyos/vyos-1x/pull/2196

Still occurs for:

PR created: https://github.com/vyos/vyos-build/pull/392

Verified working with VyOS 1.4-rolling-202309030023.

Was missing quotes around the variable within lb_config_tmpl like so:

Some further testing:

Reference to https://jonathancarter.org/2015/04/06/squashfs-performance-testing/ using 1M blocksize will give approx the same readspeed as with default 128k blocksize but result in an even smaller file.

Regarding filesystem.squashfs the changes through changed mksquashfs syntax are:

Was missing quotes around the variable within lb_config_tmpl like so:

The firewall refactoring released 4th aug 2023 only (so far) took care about the documentation in the configuration section:

PR created: https://github.com/vyos/vyos-build/pull/391

PR created: https://github.com/vyos/vyos-build/pull/390

PR389 build failed:

PR created: https://github.com/vyos/vyos-build/pull/389

There was a similar case where it turned out that INPUT/OUTPUT chains for the firewall must be updated to include the stuff VRRP is doing.

Reported in: https://forum.vyos.io/t/error-show-dhcp-lease/12030

See this task instead: https://vyos.dev/T5536

PR https://github.com/vyos/vyos-1x/pull/2193