In T6136#180149, @n.fort wrote:And a simple note for your usage @wenzk
Change
set firewall ipv4 name WAN_IN rule 30 icmp
to this:
set firewall ipv4 name WAN_IN rule 30 protocol icmp
- Queries
- All Stories
- Search
- Advanced Search
- Transactions
- Transaction Logs
Feed Advanced Search
Advanced Search
Advanced Search
Mar 19 2024
Mar 19 2024
dongjunbo triaged T6140: After running a while the default routing failed on vyos 1.4 epa1&epa2 with pppoe0 enabled as High priority.
n.fort changed the status of T6136: Configuring a dynamic address group, config script did not check whether the group was created from In progress to Needs testing.
wenzk added a comment to T6136: Configuring a dynamic address group, config script did not check whether the group was created.
Mar 18 2024
Mar 18 2024
It looks like the local broken build.
At least it is not reproducible.
You can try to set it on some test VM to be sure if is it an issue with the node or the image itself.
In T6126#180142, @Viacheslav wrote:Can you try the same link as in my example and provide the full output?
n.fort changed the status of T6136: Configuring a dynamic address group, config script did not check whether the group was created from Confirmed to In progress.
n.fort added a comment to T6136: Configuring a dynamic address group, config script did not check whether the group was created.
And a simple note for your usage @wenzk
Change
set firewall ipv4 name WAN_IN rule 30 icmp
to this:
set firewall ipv4 name WAN_IN rule 30 protocol icmp
Can you try the same link as in my example and provide the full output?
In T6126#180130, @Viacheslav wrote:Could you show show version?
a.apostoliuk changed the status of T6130: [1.3.6->1.4.0-epa2 Migration] BGP "set community" missing, a subtask of T5938: Migration fail root task for 1.4-rc, from Open to In progress.
a.apostoliuk changed the status of T6130: [1.3.6->1.4.0-epa2 Migration] BGP "set community" missing from Open to In progress.
Could you show show version?
Never had this bug with 1.4.0-epa.
vyos@r1-right:~$ show ver Version: VyOS 1.4.0-epa1 Release train: sagitta
Viacheslav triaged T6130: [1.3.6->1.4.0-epa2 Migration] BGP "set community" missing as High priority.
Viacheslav closed T3522: policy based routing not working, a subtask of T3505: Commits do not respect changes in FRR that are not stored in a config, as Not Applicable.
Viacheslav triaged T6131: Disabling openvpn interface(s) causes OSPF to fail to load on reboot as High priority.
Viacheslav changed the status of T6136: Configuring a dynamic address group, config script did not check whether the group was created from Open to Confirmed.
Mar 17 2024
Mar 17 2024
c-po changed the status of T6133: Add domain-name to commit-archive, a subtask of T4942: Rewrite vyatta-config-mgmt to Python/XML, from Open to In progress.
See T6131 for a report of the VTUN/OSPF issue with a simple lab config, which occurs separately from a migration.
c-po changed the status of T6129: bgp: add route-map option "as-path exclude all" from Open to In progress.
c-po changed the status of T6129: bgp: add route-map option "as-path exclude all", a subtask of T5788: frr: update to 9.1 release, from Open to In progress.
Mar 15 2024
Mar 15 2024
n.fort added a comment to T6090: Migration of "policy route" configs fails due to TCP flag case sensitivity.
PR for 1.5: https://github.com/vyos/vyos-1x/pull/3137
I can download the image and add it from path just fine, e.g this works fine:
Apachez added a comment to T6091: [1.3.3->1.4.0-epa1 Migration] NTP "listen-address" config removed.
Proper would be to throw out chrony and use ntpsec instead which supports proper filtering.
matthewr added a comment to T6091: [1.3.3->1.4.0-epa1 Migration] NTP "listen-address" config removed.
Given that Chrony only allows one bind address, versus ntpd which allows multiple, a "wontfix" sounds like the correct answer! :-)
n.fort changed the status of T6090: Migration of "policy route" configs fails due to TCP flag case sensitivity, a subtask of T5938: Migration fail root task for 1.4-rc, from Open to Confirmed.
n.fort changed the status of T6090: Migration of "policy route" configs fails due to TCP flag case sensitivity from Open to Confirmed.
The issue is which to choose if there are multiple, thus removing all, chrony will listen on all interfaces.
Viacheslav triaged T6091: [1.3.3->1.4.0-epa1 Migration] NTP "listen-address" config removed as Normal priority.
Most likely won't fix
https://chrony-project.org/doc/3.4/chrony.conf.html
Viacheslav triaged T6090: Migration of "policy route" configs fails due to TCP flag case sensitivity as High priority.
There do already exists tasks regarding commit and boot times such as: https://vyos.dev/T5388
@Apachez the original issue was related nft
If use nftables natively as:
Giggum changed Version from - to VyOS 1.4.0-epa1 on T6123: Limit NTP allow-client config to internal addresses by default.
Mar 14 2024
Mar 14 2024
I wouldnt call 1m37s of commit time for a single line of configchange as "resolved"...
Apachez added a comment to T5388: Something is fishy with commit and boot times when more than a few hundred static routes are being used.
Also probably related: https://forum.vyos.io/t/long-commit-time-for-multiple-vrfs/14053
Mar 13 2024
Mar 13 2024
natali-rs1985 changed Issue type from unspecified to feature on T1244: Add support for StartupResync in conntrack-sync.
HollyGurza changed the status of T1871: Add MTU option to "traffic-policy limiter" from Open to In progress.
Mar 12 2024
Mar 12 2024
PR for 1.4 https://github.com/vyos/vyos-build/pull/528
Did this test again, and I got the same result.
Close the task due to the reporter not responding.
Reopen if you still have this bug.
The similar task T5956
dmbaturin renamed T3202: Enable wireguard debug messages by default from enable wireguard debug messages per default to Enable wireguard debug messages by default.
The most frequently-used validators are already in OCaml now, for the rest we'll need to create separate tasks.
Mar 11 2024
Mar 11 2024
jestabro moved T6098: Description doesnt seem to allow for non international characters from Open to Finished on the VyOS 1.5 Circinus board.
jestabro closed T6098: Description doesnt seem to allow for non international characters as Resolved.
Viacheslav triaged T6113: [email protected] cannot stop gracefully when VyOS shutdowns as Normal priority.
Mar 10 2024
Mar 10 2024
c-po moved T6071: firewall: CLI description limit of 256 characters cause config upgrade issues from Open to Finished on the VyOS 1.5 Circinus board.
Mar 9 2024
Mar 9 2024
Testing further today, I have managed to get two close configs: one migrates and the other does not.
Viacheslav moved T6086: NAT does not work with network-groups from Open to Finished on the VyOS 1.4 Sagitta board.
Viacheslav moved T6086: NAT does not work with network-groups from Open to Finished on the VyOS 1.5 Circinus board.
Mar 8 2024
Mar 8 2024
Mar 7 2024
Mar 7 2024
Since it has been implemented, can also global options be implemented?
sarthurdev moved T6073: Conntrack/NAT not being disabled when VRFs are defined from In Progress to Finished on the VyOS 1.5 Circinus board.
@penetal please confirm that this is resolved.
jestabro changed the status of T6069: HTTP API segfault during concurrent configuration requests from Open to Needs reporter action.
Resolved in my tests using above reproducer; waiting for confirmation from submitter.
jestabro closed T5348: Service config-sync can freeze the secondary router if it has commit-archive location, a subtask of T775: Config Sync between two VyOS routers, as Resolved.
jestabro moved T6104: Regression in commit-archive for non-interactive configuration from Open to Finished on the VyOS 1.4 Sagitta board.