- Queries
- All Stories
- Search
- Advanced Search
- Transactions
- Transaction Logs
All Stories
Dec 22 2023
Also I found this log
It binds port 647
set interfaces dummy dum8765 address '192.0.2.1/24'
After update it cannot pass the smoketest
vyos@r4:~$ /usr/libexec/vyos/tests/smoke/cli/test_service_dhcp-server.py test_dhcp_exclude_in_range (__main__.TestServiceDHCPServer.test_dhcp_exclude_in_range) ... ok test_dhcp_exclude_not_in_range (__main__.TestServiceDHCPServer.test_dhcp_exclude_not_in_range) ... ok test_dhcp_failover (__main__.TestServiceDHCPServer.test_dhcp_failover) ... FAIL test_dhcp_multiple_pools (__main__.TestServiceDHCPServer.test_dhcp_multiple_pools) ... ok test_dhcp_relay_server (__main__.TestServiceDHCPServer.test_dhcp_relay_server) ... ok test_dhcp_single_pool_options (__main__.TestServiceDHCPServer.test_dhcp_single_pool_options) ... ok test_dhcp_single_pool_range (__main__.TestServiceDHCPServer.test_dhcp_single_pool_range) ... ok test_dhcp_single_pool_static_mapping (__main__.TestServiceDHCPServer.test_dhcp_single_pool_static_mapping) ... ok
Cannot pass smoketest
vyos@r4:~$ /usr/libexec/vyos/tests/smoke/cli/test_service_dhcp-server.py test_dhcp_exclude_in_range (__main__.TestServiceDHCPServer.test_dhcp_exclude_in_range) ... ok test_dhcp_exclude_not_in_range (__main__.TestServiceDHCPServer.test_dhcp_exclude_not_in_range) ... ok test_dhcp_failover (__main__.TestServiceDHCPServer.test_dhcp_failover) ... FAIL test_dhcp_multiple_pools (__main__.TestServiceDHCPServer.test_dhcp_multiple_pools) ... ok test_dhcp_relay_server (__main__.TestServiceDHCPServer.test_dhcp_relay_server) ... ok test_dhcp_single_pool_options (__main__.TestServiceDHCPServer.test_dhcp_single_pool_options) ... ok test_dhcp_single_pool_range (__main__.TestServiceDHCPServer.test_dhcp_single_pool_range) ... ok test_dhcp_single_pool_static_mapping (__main__.TestServiceDHCPServer.test_dhcp_single_pool_static_mapping) ... ok
if you are running the netfilter implementation, I think the iptables mangle is handled automatically.(I verified this by changing my Jool to netfilter and removed these lines below:
ip6tables -t mangle -A PREROUTING --destination 64:ff9b::/96 -j JOOL --instance default iptables -t mangle -A PREROUTING --destination 172.21.8.202 -p tcp --dport 1:65535 -j JOOL --instance default iptables -t mangle -A PREROUTING --destination 172.21.8.202 -p udp --dport 1:65535 -j JOOL --instance default iptables -t mangle -A PREROUTING --destination 172.21.8.202 -p icmp -j JOOL --instance default
I stil haven't tried nat64, but quick config example, for nat64 for single ipv6 address is not allowed by our cli:
Sure, I will do that and report here the outcome.
@danielpo marking IPv6 packet is possible
set policy route6 PBR6 interface 'eth1' set policy route6 PBR6 rule 100 set mark '4' set policy route6 PBR6 rule 100 source address '2001:db8::/64'
Confirmed working properly in 1.4.0-rc1
Some users have issues https://forum.vyos.io/t/grub-menu-fails-to-load-on-serial-only-devices-with-no-kvm/
@giuavo , can you please test in latest rolling release
Dec 21 2023
@Viacheslav
First of all, thanks for the failover feature!
If you have enough time, please take a look at this bugreport.
This would be a useful feature to have.
All good from my side! Just did quick test and it seems to work as expected. Thanks @n.fort
Is it possible to add support for policy routing?
Not reproduced in 1.3.5
vyos@r1# set service https vrf foo [edit] vyos@r1# commit [edit] vyos@r1# del service https vrf foo [edit] vyos@r1# commit [edit] vyos@r1# curl -k --location --request POST 'https://localhost/retrieve' --form data='{"op": "showConfig", "path": ["system", "ip"]}' --form key='foo' {"success": true, "data": {"arp": {"table-size": "32768"}}, "error": null}[edit] vyos@r1# [edit] vyos@r1# run show ver
@SrividyaA could you re-check and close it?
@zsdc Can we backport it?
It won't be implemented for 1.3.x due to old backend
Implemented in 1.4-1.5 T5248
Implemented
vyos@r1# set system option root-partition-auto-resize [edit] vyos@r1# run show ver
Configuration shared seems to work correctly on latest version:
You can use policy local-route to archive your goals
There is no way to use eth1v1 for the policy route (rewritten for 1.4/1.5)
Fixed
vyos@r1# set interfaces ethernet eth2 description foo [edit] vyos@r1# set interfaces ethernet eth2 mtu 1200 [edit] vyos@r1# commit [ interfaces ethernet eth2 ] link-local IPv6 address will be configured on interface "eth2", the required minimum MTU is 1280!
Close it, as it is not bug/feature
@zsdc Can we close it?
Fq_codel was added for 1.4/1.5 in T5489
Not planning to do it for 1.3 now
Not sure if Jool supports it.
As I understand, it is better to have a separate address for translations, otherwise, you should define ports for 64 translations. If you set 1-65535 for the "main" address, you will lose connections and can't use those ports for the system (they will be available only for translations)
Jool uses its own bib table instead of conntrack to manage nat mappings.
So you should add a separate pool only for translations.
Dec 20 2023
Is it possible to add a feature of setting the translation pool address to follow an interface IP address similar to nat44's source masquerade for those with dynamic public IPv4 addresses?
@w4 could you provide some links or retest? Which patches?
The bug is not clear.
Should be fixed in T5817
Could you re-check?
Done for 1.4/1.5 https://github.com/vyos/vyos-1x/tree/current/python/vyos/utils
It won't be implemented for 1.3 as we risk breaking something.
I finally got a chance to dive into this some more.
PR for 1.5: https://github.com/vyos/vyos-build/pull/476
Also while at it, the smoketests regarding UPnP should probably be updated by this task aswell since they claim everything is OK: