- Feed Queries
- All Stories
- Search
- Feed Search
- Transactions
- Transaction Logs
Feed All Stories
All Stories
All Stories
Dec 22 2023
Dec 22 2023
Viacheslav added a comment to T5850: Wireguard Peer should allow endpoint to be specified by hostname.
Has the interface index changed?
cleopold73 changed Version from - to -1.5-rolling-202312130023 on T5850: Wireguard Peer should allow endpoint to be specified by hostname.
GitHub <noreply@github.com> committed rVYOSONEX4393a2fb0565: Merge pull request #2676 from sever-sever/T5840 (authored by c-po).
Also I found this log
It binds port 647
set interfaces dummy dum8765 address '192.0.2.1/24'
After update it cannot pass the smoketest
vyos@r4:~$ /usr/libexec/vyos/tests/smoke/cli/test_service_dhcp-server.py test_dhcp_exclude_in_range (__main__.TestServiceDHCPServer.test_dhcp_exclude_in_range) ... ok test_dhcp_exclude_not_in_range (__main__.TestServiceDHCPServer.test_dhcp_exclude_not_in_range) ... ok test_dhcp_failover (__main__.TestServiceDHCPServer.test_dhcp_failover) ... FAIL test_dhcp_multiple_pools (__main__.TestServiceDHCPServer.test_dhcp_multiple_pools) ... ok test_dhcp_relay_server (__main__.TestServiceDHCPServer.test_dhcp_relay_server) ... ok test_dhcp_single_pool_options (__main__.TestServiceDHCPServer.test_dhcp_single_pool_options) ... ok test_dhcp_single_pool_range (__main__.TestServiceDHCPServer.test_dhcp_single_pool_range) ... ok test_dhcp_single_pool_static_mapping (__main__.TestServiceDHCPServer.test_dhcp_single_pool_static_mapping) ... ok
Cannot pass smoketest
vyos@r4:~$ /usr/libexec/vyos/tests/smoke/cli/test_service_dhcp-server.py test_dhcp_exclude_in_range (__main__.TestServiceDHCPServer.test_dhcp_exclude_in_range) ... ok test_dhcp_exclude_not_in_range (__main__.TestServiceDHCPServer.test_dhcp_exclude_not_in_range) ... ok test_dhcp_failover (__main__.TestServiceDHCPServer.test_dhcp_failover) ... FAIL test_dhcp_multiple_pools (__main__.TestServiceDHCPServer.test_dhcp_multiple_pools) ... ok test_dhcp_relay_server (__main__.TestServiceDHCPServer.test_dhcp_relay_server) ... ok test_dhcp_single_pool_options (__main__.TestServiceDHCPServer.test_dhcp_single_pool_options) ... ok test_dhcp_single_pool_range (__main__.TestServiceDHCPServer.test_dhcp_single_pool_range) ... ok test_dhcp_single_pool_static_mapping (__main__.TestServiceDHCPServer.test_dhcp_single_pool_static_mapping) ... ok
if you are running the netfilter implementation, I think the iptables mangle is handled automatically.(I verified this by changing my Jool to netfilter and removed these lines below:
ip6tables -t mangle -A PREROUTING --destination 64:ff9b::/96 -j JOOL --instance default iptables -t mangle -A PREROUTING --destination 172.21.8.202 -p tcp --dport 1:65535 -j JOOL --instance default iptables -t mangle -A PREROUTING --destination 172.21.8.202 -p udp --dport 1:65535 -j JOOL --instance default iptables -t mangle -A PREROUTING --destination 172.21.8.202 -p icmp -j JOOL --instance default
I stil haven't tried nat64, but quick config example, for nat64 for single ipv6 address is not allowed by our cli:
Sure, I will do that and report here the outcome.
@danielpo marking IPv6 packet is possible
set policy route6 PBR6 interface 'eth1' set policy route6 PBR6 rule 100 set mark '4' set policy route6 PBR6 rule 100 source address '2001:db8::/64'
Confirmed working properly in 1.4.0-rc1
Some users have issues https://forum.vyos.io/t/grub-menu-fails-to-load-on-serial-only-devices-with-no-kvm/
c-po changed the status of T5849: Add SRv6 route commands, a subtask of T5788: frr: update to 9.1 release, from Open to On hold.
@giuavo , can you please test in latest rolling release
initramfs closed T4760: VyOS does not support running multiple instances of DHCPv6 clients as Resolved.
Dec 21 2023
Dec 21 2023
c-po closed T2898: Support NDP proxy, a subtask of T2518: Add support for IPv6 NAT (NPTv6), as Resolved.
c-po closed T2898: Support NDP proxy, a subtask of T3089: Migrate port mirroring to vyos-1x and support two-way traffic mirroring, as Resolved.
c-po changed the status of T5311: Connection issues packet loss, network down with Intel I225-V and I226 from Open to In progress.
@Viacheslav
First of all, thanks for the failover feature!
If you have enough time, please take a look at this bugreport.
This would be a useful feature to have.
yzguy added a comment to T5676: NAT66 source rule with negation source/destination prefix causes TypeError.
All good from my side! Just did quick test and it seems to work as expected. Thanks @n.fort
GitHub <noreply@github.com> committed rVYOSONEXda86681d04fd: Merge pull request #2675 from c-po/nat66-fix-sagitta (authored by dmbaturin).
Is it possible to add support for policy routing?
GitHub <noreply@github.com> committed rVYOSONEXdfbc854157fa: T5781: use dynamic minisign key list (authored by kylem).
GitHub <noreply@github.com> committed rVYOSONEX04f745123a71: Merge pull request #2673 from vyos/mergify/bp/sagitta/pr-2665 (authored by c-po).
GitHub <noreply@github.com> committed rVYOSONEXc9b71b066992: Merge pull request #2674 from vyos/mergify/bp/sagitta/pr-2663 (authored by dmbaturin).
Mergify <37929162+mergify[bot]@users.noreply.github.com> committed rVYOSONEX0ee2f8285c81: srv6: T591: enable SR enabled packet processing on defined interfaces (authored by c-po).
Mergify <37929162+mergify[bot]@users.noreply.github.com> committed rVYOSONEX9219b5e2e0f2: vrf: T591: define sysctl setting for net.vrf.strict_mode (authored by c-po).
GitHub <noreply@github.com> committed rVYOSONEX2df14d0a2b07: Merge pull request #2663 from c-po/srv6-part2 (authored by c-po).
Mergify <37929162+mergify[bot]@users.noreply.github.com> committed rVYOSONEXd519c598ee0c: T2898: add ndp-proxy service (authored by c-po).
GitHub <noreply@github.com> committed rVYOSONEX11b3750c4a01: Merge pull request #2665 from c-po/ndp-proxy (authored by c-po).
Not reproduced in 1.3.5
vyos@r1# set service https vrf foo
[edit]
vyos@r1# commit
[edit]
vyos@r1# del service https vrf foo
[edit]
vyos@r1# commit
[edit]
vyos@r1# curl -k --location --request POST 'https://localhost/retrieve' --form data='{"op": "showConfig", "path": ["system", "ip"]}' --form key='foo'
{"success": true, "data": {"arp": {"table-size": "32768"}}, "error": null}[edit]
vyos@r1#
[edit]
vyos@r1# run show ver@SrividyaA could you re-check and close it?
@zsdc Can we backport it?
Viacheslav edited projects for T4022: Add package nat-rtsp-dkms, added: VyOS 1.5 Circinus; removed VyOS 1.3 Equuleus (1.3.6).
Viacheslav closed T3580: Refactoring firewall ipv6 rule icmpv6, a subtask of T2199: Rewrite firewall in new XML/Python style, as Resolved.
It won't be implemented for 1.3.x due to old backend
Implemented in 1.4-1.5 T5248
Viacheslav edited projects for T3106: 802.11ax support, added: VyOS 1.5 Circinus; removed VyOS 1.3 Equuleus (1.3.6).
Viacheslav edited projects for T3040: NHRP IPv6 Support, added: VyOS 1.5 Circinus; removed VyOS 1.3 Equuleus (1.3.6).
Viacheslav closed T3039: Resize a root partition and filesystem automatically during deployment in virtual environments as Resolved.
Implemented
vyos@r1# set system option root-partition-auto-resize [edit] vyos@r1# run show ver
Harliff updated the task description for T5847: Protocol failover stopped working after suspend + resume.
GitHub <noreply@github.com> committed rVYOSONEX5c91424daafb: Merge pull request #2672 from vyos/mergify/bp/sagitta/pr-2611 (authored by c-po).
GitHub <noreply@github.com> committed rVYOSONEX61ebb10f7010: Merge pull request #2671 from vyos/mergify/bp/sagitta/pr-2670 (authored by c-po).
n.fort added a comment to T5676: NAT66 source rule with negation source/destination prefix causes TypeError.
Configuration shared seems to work correctly on latest version:
Mergify <37929162+mergify[bot]@users.noreply.github.com> committed rVYOSONEX41fdbae4e5bb: T5804: nat: remove inbound|outbound interface from old configuration when it… (authored by n.fort).
Mergify <37929162+mergify[bot]@users.noreply.github.com> committed rVYOSONEX4a890dba1c4b: dhcp: T5846: Ensure DUID regex range is bound (authored by indrajitr).
GitHub <noreply@github.com> committed rVYOSONEX273c65311e70: Merge pull request #2670 from indrajitr/duid-refactor-T5846-3 (authored by c-po).
GitHub <noreply@github.com> committed rVYOSONEXa5a5658acde0: Merge pull request #2669 from vyos/mergify/bp/sagitta/pr-2668 (authored by Viacheslav).
You can use policy local-route to archive your goals
There is no way to use eth1v1 for the policy route (rewritten for 1.4/1.5)
Viacheslav closed T2720: Rework vyos.template Python module to make future extension easier as Not Applicable.
Viacheslav edited projects for T2688: add xml definition to router, added: VyOS 1.5 Circinus; removed VyOS 1.3 Equuleus (1.3.6).
Mergify <37929162+mergify[bot]@users.noreply.github.com> committed rVYOSONEXe846785b1a5f: frr: T4020: re-enable watchfrr in config as it is always running (authored by c-po).
GitHub <noreply@github.com> committed rVYOSONEXd6b94822a7cb: Merge pull request #2668 from c-po/current (authored by c-po).
Fixed
vyos@r1# set interfaces ethernet eth2 description foo [edit] vyos@r1# set interfaces ethernet eth2 mtu 1200 [edit] vyos@r1# commit [ interfaces ethernet eth2 ] link-local IPv6 address will be configured on interface "eth2", the required minimum MTU is 1280!
Viacheslav edited projects for T2366: change the default for Interface creation to False, added: VyOS 1.5 Circinus; removed VyOS 1.3 Equuleus (1.3.6), VyOS 1.4 Sagitta.
Close it, as it is not bug/feature
@zsdc Can we close it?
Viacheslav removed a project from T2281: DHCP and Static IPs on Same Interface: VyOS 1.3 Equuleus (1.3.6).
Fq_codel was added for 1.4/1.5 in T5489
Not planning to do it for 1.3 now
Viacheslav edited projects for T2171: Unify creation and manipulation of interfaces, added: VyOS 1.5 Circinus; removed VyOS 1.3 Equuleus (1.3.6).
GitHub <noreply@github.com> committed rVYOSONEXc85c3a786e05: Merge pull request #2666 from vyos/mergify/bp/sagitta/pr-2664 (authored by c-po).