Page MenuHomeVyOS Platform
Feed All Stories

All Stories
Use Results
Edit Query

May 30 2024

Vijayakumar added a comment to T6416: Run smoke tests before merging .

Hope we need to run this for smoke test
https://github.com/vyos/vyos-1x?tab=readme-ov-file#tests

May 30 2024, 4:19 AM · Restricted Project, GitHub Infrastructure

May 29 2024

Viacheslav added a comment to T6417: Common storage location for accounts for different VPNs.

It is not clear why it should be ignored? If they should be ignored they must not be in the CLI at all.
Why not use RADIUS authentication for it?

May 29 2024, 11:30 PM · VyOS 1.5 Circinus
c-po updated the task description for T6419: reverse-proxy: full CA chain is not build when verifying backend server.
May 29 2024, 9:37 PM · VyOS 1.4 Sagitta (1.4.0-GA), VyOS 1.5 Circinus
c-po moved T6419: reverse-proxy: full CA chain is not build when verifying backend server from Need Triage to Finished on the VyOS 1.5 Circinus board.
May 29 2024, 9:31 PM · VyOS 1.4 Sagitta (1.4.0-GA), VyOS 1.5 Circinus
c-po moved T6419: reverse-proxy: full CA chain is not build when verifying backend server from Need Triage to In Progress on the VyOS 1.4 Sagitta (1.4.0-GA) board.
May 29 2024, 9:30 PM · VyOS 1.4 Sagitta (1.4.0-GA), VyOS 1.5 Circinus
c-po edited projects for T6419: reverse-proxy: full CA chain is not build when verifying backend server, added: VyOS 1.4 Sagitta (1.4.0-GA); removed VyOS 1.4 Sagitta.
May 29 2024, 9:30 PM · VyOS 1.4 Sagitta (1.4.0-GA), VyOS 1.5 Circinus
c-po added a comment to T6419: reverse-proxy: full CA chain is not build when verifying backend server.

https://github.com/vyos/vyos-1x/pull/3546

May 29 2024, 9:30 PM · VyOS 1.4 Sagitta (1.4.0-GA), VyOS 1.5 Circinus
Embezzle closed T6402: Invalid variables referenced in reverse proxy validation as Resolved.

Tested as working in: VyOS 1.5-rolling-202405280020

May 29 2024, 9:10 PM · VyOS 1.4 Sagitta (1.4.0-GA), VyOS 1.5 Circinus
c-po changed the status of T6419: reverse-proxy: full CA chain is not build when verifying backend server from Open to In progress.
May 29 2024, 8:32 PM · VyOS 1.4 Sagitta (1.4.0-GA), VyOS 1.5 Circinus
c-po created T6419: reverse-proxy: full CA chain is not build when verifying backend server.
May 29 2024, 8:32 PM · VyOS 1.4 Sagitta (1.4.0-GA), VyOS 1.5 Circinus
c-po assigned T6418: reverse-proxy: backend http-check CLI option not honored to Viacheslav.
May 29 2024, 8:16 PM · VyOS 1.5 Circinus, VyOS 1.4 Sagitta
c-po created T6418: reverse-proxy: backend http-check CLI option not honored.
May 29 2024, 8:16 PM · VyOS 1.5 Circinus, VyOS 1.4 Sagitta
Vijayakumar added a comment to T6416: Run smoke tests before merging .

For this, need to get details on our existing smoke tests.

May 29 2024, 6:51 PM · Restricted Project, GitHub Infrastructure
Vijayakumar closed T6397: Triger action on merge, a subtask of T6309: Check code quality with CodeQL, as Resolved.
May 29 2024, 6:49 PM · GitHub Infrastructure
Vijayakumar closed T6397: Triger action on merge as Resolved.
May 29 2024, 6:49 PM · GitHub Infrastructure
fernando closed T6332: IPv6-only ISIS (or, in general, dual topology) is not working with other devices running frr as Resolved.
May 29 2024, 5:57 PM · VyOS 1.4 Sagitta (1.4.1)
fernando added a comment to T6332: IPv6-only ISIS (or, in general, dual topology) is not working with other devices running frr.

@mersl thanks for confirm.

May 29 2024, 5:57 PM · VyOS 1.4 Sagitta (1.4.1)
pavel-altair added a comment to T6417: Common storage location for accounts for different VPNs.
In T6417#190277, @Viacheslav wrote:

It probably cannot be a universal solution due to specific per-user options.
For example, for opencoonect, you can add otp if you want on a per-user basis and not do it for other users.

vyos@r4# set vpn openconnect authentication local-users username foo 
Possible completions:
   disable              Disable instance
 > otp                  2FA OTP authentication parameters
   password             Password used for authentication

Another case specific client IP address or rate limit

vyos@r4# set vpn sstp authentication local-users username foo 
Possible completions:
   disable              Disable instance
   password             Password for authentication
 > rate-limit           Upload/Download speed limits
   static-ip            Static client IP address (default: *)

Though it could be only for accel-ppp based configuration sstp/l2tp/pptp

specific per-user options can ignored if the protocol does not support them

May 29 2024, 5:43 PM · VyOS 1.5 Circinus
Restricted Repository Identity closed T6415: Repo sync, a subtask of T6309: Check code quality with CodeQL, as Resolved.
May 29 2024, 5:14 PM · GitHub Infrastructure
Restricted Repository Identity closed T6415: Repo sync as Resolved by committing Restricted Diffusion Commit.
May 29 2024, 5:14 PM · GitHub Infrastructure
mersl added a comment to T6332: IPv6-only ISIS (or, in general, dual topology) is not working with other devices running frr.

just some show commands with test results on my lab

May 29 2024, 5:04 PM · VyOS 1.4 Sagitta (1.4.1)
mersl added a comment to T6332: IPv6-only ISIS (or, in general, dual topology) is not working with other devices running frr.

very cool! I just rebuild a 1.5-rolling and upgraded my lab router and voila - works as expected ;-)

May 29 2024, 4:41 PM · VyOS 1.4 Sagitta (1.4.1)
Viacheslav triaged T6417: Common storage location for accounts for different VPNs as Wishlist priority.

It probably cannot be a universal solution due to specific per-user options.
For example, for opencoonect, you can add otp if you want on a per-user basis and not do it for other users.

vyos@r4# set vpn openconnect authentication local-users username foo 
Possible completions:
   disable              Disable instance
 > otp                  2FA OTP authentication parameters
   password             Password used for authentication
May 29 2024, 4:19 PM · VyOS 1.5 Circinus
pavel-altair created T6417: Common storage location for accounts for different VPNs.
May 29 2024, 2:57 PM · VyOS 1.5 Circinus
syncer triaged T6416: Run smoke tests before merging as Low priority.
May 29 2024, 2:52 PM · Restricted Project, GitHub Infrastructure
Viacheslav renamed T6416: Run smoke tests before merging from Run smole tests before merging to Run smoke tests before merging .
May 29 2024, 1:53 PM · Restricted Project, GitHub Infrastructure
syncer created T6416: Run smoke tests before merging .
May 29 2024, 12:17 PM · Restricted Project, GitHub Infrastructure
fernando added a comment to T6332: IPv6-only ISIS (or, in general, dual topology) is not working with other devices running frr.

we've added this ability to configure the topology on isis :

May 29 2024, 11:16 AM · VyOS 1.4 Sagitta (1.4.1)
fernando changed the subtype of T6332: IPv6-only ISIS (or, in general, dual topology) is not working with other devices running frr from "Bug" to "Feature Request".
May 29 2024, 11:14 AM · VyOS 1.4 Sagitta (1.4.1)
fernando changed the status of T6332: IPv6-only ISIS (or, in general, dual topology) is not working with other devices running frr from Open to Needs testing.
May 29 2024, 11:14 AM · VyOS 1.4 Sagitta (1.4.1)
fernando added a comment to T6332: IPv6-only ISIS (or, in general, dual topology) is not working with other devices running frr.

agree ,it's more a feature than a bug : PR https://github.com/vyos/vyos-1x/pull/3537

May 29 2024, 11:11 AM · VyOS 1.4 Sagitta (1.4.1)
Viacheslav claimed T6415: Repo sync.
May 29 2024, 10:29 AM · GitHub Infrastructure
Viacheslav created T6415: Repo sync.
May 29 2024, 10:29 AM · GitHub Infrastructure
HollyGurza claimed T5735: Add CLI and configuration scripts for stunnel.
May 29 2024, 8:33 AM · Restricted Project, VyOS 1.5 Circinus
giuavo added a comment to T6253: no-default-route not being honoured.

Are you sure your DHCP server honors the no-default-route option?
I may be wrong, but I think the no-default-route just sets an option in the DHCP request, asking the DHCP server to not send back the default route.
I have the same issue with my ISP, and they told me they will always send a default route via DHCP.
I have solved the issue using DHCP hooks.

May 29 2024, 8:24 AM · Restricted Project, VyOS 1.4 Sagitta (1.4.1)
Viacheslav closed T6411: CGNAT does not rely on seq number, a subtask of T5169: Add CGNAT Carrier-Grade NAT based on nftables, as Resolved.
May 29 2024, 8:23 AM · Restricted Project, VyOS 1.5 Circinus
Viacheslav closed T6411: CGNAT does not rely on seq number as Resolved.
May 29 2024, 8:23 AM · VyOS 1.5 Circinus
Viacheslav added a comment to T6332: IPv6-only ISIS (or, in general, dual topology) is not working with other devices running frr.

More a feature request than a bug

May 29 2024, 8:14 AM · VyOS 1.4 Sagitta (1.4.1)
Unknown Object (User) added a comment to T6181: A feature for checking popular ports..

We will bind the code to a new command in operating mode (for example show ports). This will allow you to use the nmap command from operating mode. Just a convenient feature.

May 29 2024, 5:43 AM · Restricted Project, VyOS 1.5 Circinus, VyOS 1.3 Equuleus (1.3.8), VyOS 1.4 Sagitta (1.4.0-GA)
fernando added a comment to T6332: IPv6-only ISIS (or, in general, dual topology) is not working with other devices running frr.

the problem here is that MT options is enable by default when the RIB has ipv4, if not not-MT is enable by default on IPv4 .So, you need to add additional topologies (ipv6-unicast , ipv6-multicast,etc)

May 29 2024, 12:56 AM · VyOS 1.4 Sagitta (1.4.1)

May 28 2024

Vijayakumar closed T6410: separate subset of workflows for documentation, a subtask of T6309: Check code quality with CodeQL, as Resolved.
May 28 2024, 7:14 PM · GitHub Infrastructure
Vijayakumar closed T6410: separate subset of workflows for documentation as Resolved.
May 28 2024, 7:14 PM · GitHub Infrastructure
dmbaturin created T6414: Rename the "iso" flavor to "generic".
May 28 2024, 4:43 PM · VyOS 1.5 Circinus, VyOS 1.4 Sagitta
fernando claimed T6332: IPv6-only ISIS (or, in general, dual topology) is not working with other devices running frr.
May 28 2024, 3:55 PM · VyOS 1.4 Sagitta (1.4.1)
jestabro added a comment to T5786: Add set/show system image to /image endpoint.

Fix link:
https://github.com/vyos/vyos-1x/pull/3529

May 28 2024, 3:03 PM · VyOS 1.5 Circinus
Viacheslav changed the status of T6411: CGNAT does not rely on seq number, a subtask of T5169: Add CGNAT Carrier-Grade NAT based on nftables, from Open to In progress.
May 28 2024, 1:15 PM · Restricted Project, VyOS 1.5 Circinus
Viacheslav changed the status of T6411: CGNAT does not rely on seq number from Open to In progress.

PR https://github.com/vyos/vyos-1x/pull/3534

May 28 2024, 1:15 PM · VyOS 1.5 Circinus
jestabro closed T6404: Include constraintGroup element in reference tree as Resolved.
May 28 2024, 12:39 PM · VyOS 1.4 Sagitta (1.4.0-GA), VyOS 1.5 Circinus
jestabro moved T6404: Include constraintGroup element in reference tree from Need Triage to Finished on the VyOS 1.5 Circinus board.
May 28 2024, 12:38 PM · VyOS 1.4 Sagitta (1.4.0-GA), VyOS 1.5 Circinus
SrividyaA claimed T6379: "generate openvpn" uses "comp-lzo no", which leads to problems on Android-Clients.
May 28 2024, 11:27 AM · VyOS 1.4 Sagitta (1.4.1)
a.hajiyev created T6413: BGP conditional route advertisement does not work as expected.
May 28 2024, 10:49 AM · Restricted Project, VyOS 1.4 Sagitta (1.4.0)
ssasso added a comment to T6332: IPv6-only ISIS (or, in general, dual topology) is not working with other devices running frr.

@Viacheslav here you go:

May 28 2024, 10:49 AM · VyOS 1.4 Sagitta (1.4.1)
Viacheslav added a comment to T6332: IPv6-only ISIS (or, in general, dual topology) is not working with other devices running frr.

Can you provide set of commands instead? Bug-report-guidelines

May 28 2024, 10:42 AM · VyOS 1.4 Sagitta (1.4.1)
Viacheslav added a subtask for T5169: Add CGNAT Carrier-Grade NAT based on nftables: T6412: CGNAT allocation calculation may sometimes be incorrect.
May 28 2024, 10:40 AM · Restricted Project, VyOS 1.5 Circinus
Viacheslav added a parent task for T6412: CGNAT allocation calculation may sometimes be incorrect: T5169: Add CGNAT Carrier-Grade NAT based on nftables.
May 28 2024, 10:40 AM · VyOS 1.5 Circinus
Viacheslav triaged T6412: CGNAT allocation calculation may sometimes be incorrect as Normal priority.
May 28 2024, 10:39 AM · VyOS 1.5 Circinus
Viacheslav created T6412: CGNAT allocation calculation may sometimes be incorrect.
May 28 2024, 10:39 AM · VyOS 1.5 Circinus
mersl added a comment to T6332: IPv6-only ISIS (or, in general, dual topology) is not working with other devices running frr.

@ssasso - thanks for this good catch! Coming from a Junos world, I was a bit surprised at the first place when I enabled ISIS and found no ipv6 isis routes and no multi-topology config option (and yes - we have multi-topology in place)

May 28 2024, 10:09 AM · VyOS 1.4 Sagitta (1.4.1)
Viacheslav renamed T6411: CGNAT does not rely on seq number from CGNAt does not rely on seq number to CGNAT does not rely on seq number.
May 28 2024, 9:32 AM · VyOS 1.5 Circinus
Viacheslav added a subtask for T5169: Add CGNAT Carrier-Grade NAT based on nftables: T6411: CGNAT does not rely on seq number.
May 28 2024, 9:32 AM · Restricted Project, VyOS 1.5 Circinus
Viacheslav added a parent task for T6411: CGNAT does not rely on seq number: T5169: Add CGNAT Carrier-Grade NAT based on nftables.
May 28 2024, 9:32 AM · VyOS 1.5 Circinus
Viacheslav triaged T6411: CGNAT does not rely on seq number as Low priority.
May 28 2024, 9:30 AM · VyOS 1.5 Circinus
Viacheslav created T6411: CGNAT does not rely on seq number.
May 28 2024, 9:30 AM · VyOS 1.5 Circinus
Viacheslav added a comment to T6408: Duplicate lines on 'show log vpn'.

The charon identifier also shows IKE name of the SA; this way, we can identify peers in the logs https://github.com/vyos/vyos-build/blob/b809886538eaad66b8756be8f5e758584f88e6a6/data/live-build-config/hooks/live/30-strongswan-configs.chroot#L41-L54
The current show log vpn does https://github.com/vyos/vyos-1x/blob/48e5266e2bca8d1d7a2ee4bacbe0e6628de3fa66/op-mode-definitions/show-log.xml.in#L710

May 28 2024, 8:56 AM · VyOS 1.5 Circinus
alainlamar updated the task description for T6320: WiFi: Enable support for 6GHz AccesPoints.
May 28 2024, 8:25 AM · Restricted Project, VyOS 1.4 Sagitta (1.4.1), VyOS 1.5 Circinus
Vijayakumar added a comment to T6410: separate subset of workflows for documentation.

@rob Thanks for the confirmation.
I will keep submodules.yml , update-translations.yml as is in vyos-documentation

May 28 2024, 8:24 AM · GitHub Infrastructure
Vijayakumar added a comment to T6410: separate subset of workflows for documentation.

Raised PR for first 3 workflows
https://github.com/vyos/vyos-documentation/pull/1464

May 28 2024, 8:16 AM · GitHub Infrastructure
rob added a comment to T6410: separate subset of workflows for documentation.

submodules.yml ===> do we need to move?
update-translations.yml ==> as you said, we dont need to move

May 28 2024, 8:16 AM · GitHub Infrastructure
Vijayakumar added a comment to T6410: separate subset of workflows for documentation.

@syncer pl let me know in this,
update-translations.yml - will keep it local to repo.
And other workflows, can I move to global?
https://github.com/vyos/vyos-documentation/tree/current/.github/workflows

May 28 2024, 8:00 AM · GitHub Infrastructure
Vijayakumar added a comment to T6410: separate subset of workflows for documentation.

Ok, Thanks @syncer and @rob.

May 28 2024, 7:44 AM · GitHub Infrastructure
rob added a comment to T6410: separate subset of workflows for documentation.
In T6410#190062, @Vijayakumar wrote:

Thanks.

And i am moving this workflow "update-translations.yml" to global ,github
But couldn't find below make target code.
https://github.com/vyos/vyos-documentation/blob/current/.github/workflows/update-translations.yml#L33
Could you pls guide me?

May 28 2024, 7:39 AM · GitHub Infrastructure
Apachez added a comment to T6181: A feature for checking popular ports..

Just dont, please see my comment fro april 2024.

May 28 2024, 7:34 AM · Restricted Project, VyOS 1.5 Circinus, VyOS 1.3 Equuleus (1.3.8), VyOS 1.4 Sagitta (1.4.0-GA)
syncer updated subscribers of T6410: separate subset of workflows for documentation.
In T6410#190062, @Vijayakumar wrote:

Thanks.

And i am moving this workflow "update-translations.yml" to global ,github
But couldn't find below make target code.
https://github.com/vyos/vyos-documentation/blob/current/.github/workflows/update-translations.yml#L33
Could you pls guide me?

May 28 2024, 7:33 AM · GitHub Infrastructure
Vijayakumar added a comment to T6410: separate subset of workflows for documentation.

And i am moving this workflow "update-translations.yml" to global ,github
But couldn't find below make target code.
https://github.com/vyos/vyos-documentation/blob/current/.github/workflows/update-translations.yml#L33
Could you pls guide me?

May 28 2024, 7:31 AM · GitHub Infrastructure
Unknown Object (User) added a comment to T6181: A feature for checking popular ports..

@sever what about it?

May 28 2024, 6:47 AM · Restricted Project, VyOS 1.5 Circinus, VyOS 1.3 Equuleus (1.3.8), VyOS 1.4 Sagitta (1.4.0-GA)
syncer triaged T6410: separate subset of workflows for documentation as Normal priority.
May 28 2024, 5:53 AM · GitHub Infrastructure
syncer added a comment to T6410: separate subset of workflows for documentation.

this repo will have own codeowners file, reviewers team is only for code repos

May 28 2024, 5:52 AM · GitHub Infrastructure
syncer added a comment to T6410: separate subset of workflows for documentation.

@Vijayakumar added

May 28 2024, 5:51 AM · GitHub Infrastructure
Vijayakumar added a comment to T6410: separate subset of workflows for documentation.

Please provide me write access to https://github.com/vyos/vyos-documentation.
Also please provide vyos/reviewers team write access for this repo (required as codeowners)

May 28 2024, 5:36 AM · GitHub Infrastructure

May 27 2024

fernando added a comment to T5307: QoS - traffic-class-map services .

tested new cli structure, it combine the new mach-group and old syntax :

May 27 2024, 8:44 PM · VyOS 1.5 Circinus
Giggum added a comment to T6371: Show nat source rules shows unexpected dictionary.

PR opened: https://github.com/vyos/vyos-1x/pull/3532

May 27 2024, 8:37 PM · Restricted Project, VyOS 1.5 Circinus
syncer assigned T6410: separate subset of workflows for documentation to Vijayakumar.
May 27 2024, 8:03 PM · GitHub Infrastructure
syncer created T6410: separate subset of workflows for documentation.
May 27 2024, 8:03 PM · GitHub Infrastructure
zsdc moved T6395: Enable VFIO No-IOMMU support in kernel config from Need Triage to Finished on the VyOS 1.4 Sagitta (1.4.0) board.
May 27 2024, 7:50 PM · VyOS 1.4 Sagitta (1.4.0), VyOS 1.5 Circinus
zsdc added a project to T6395: Enable VFIO No-IOMMU support in kernel config: VyOS 1.4 Sagitta (1.4.0).
May 27 2024, 7:50 PM · VyOS 1.4 Sagitta (1.4.0), VyOS 1.5 Circinus
zsdc closed T6395: Enable VFIO No-IOMMU support in kernel config as Resolved.
May 27 2024, 7:49 PM · VyOS 1.4 Sagitta (1.4.0), VyOS 1.5 Circinus
Viacheslav added a comment to T6398: Missing the package kpartx for the container vyos-build:current-arm64.

The dependency allowed for 386/amd64 only https://github.com/vyos/vyos-build/blob/b809886538eaad66b8756be8f5e758584f88e6a6/docker/Dockerfile#L281
Though the package is available for ARM

May 27 2024, 7:08 PM · Restricted Project, VyOS 1.5 Circinus
Embezzle added a comment to T6409: Remove unused parameter node from reverse-proxy backend.

PR: https://github.com/vyos/vyos-1x/pull/3531

May 27 2024, 6:45 PM · VyOS 1.4 Sagitta (1.4.0-GA), VyOS 1.5 Circinus
syncer triaged T6409: Remove unused parameter node from reverse-proxy backend as Normal priority.
May 27 2024, 6:43 PM · VyOS 1.4 Sagitta (1.4.0-GA), VyOS 1.5 Circinus
Embezzle changed the status of T6409: Remove unused parameter node from reverse-proxy backend from Open to In progress.
May 27 2024, 4:53 PM · VyOS 1.4 Sagitta (1.4.0-GA), VyOS 1.5 Circinus
Embezzle created T6409: Remove unused parameter node from reverse-proxy backend.
May 27 2024, 4:52 PM · VyOS 1.4 Sagitta (1.4.0-GA), VyOS 1.5 Circinus
Viacheslav triaged T6408: Duplicate lines on 'show log vpn' as Normal priority.
May 27 2024, 4:00 PM · VyOS 1.5 Circinus
Viacheslav added a comment to T6407: Generate ipsec profile error.

As several CA were allowed some time ago it is a bug with op-mode generator.
There is a list of CA's https://github.com/vyos/vyos-1x/blob/48e5266e2bca8d1d7a2ee4bacbe0e6628de3fa66/src/op_mode/ikev2_profile_generator.py#L147
The template https://github.com/vyos/vyos-1x/blob/current/data/templates/ipsec/windows_profile.j2

May 27 2024, 3:58 PM · VyOS 1.4 Sagitta (1.4.0-GA), VyOS 1.5 Circinus
pavel-altair created T6408: Duplicate lines on 'show log vpn'.
May 27 2024, 3:57 PM · VyOS 1.5 Circinus
syncer assigned T6407: Generate ipsec profile error to c-po.
May 27 2024, 2:53 PM · VyOS 1.4 Sagitta (1.4.0-GA), VyOS 1.5 Circinus
HollyGurza added a comment to T5786: Add set/show system image to /image endpoint.
May 27 2024, 2:40 PM · VyOS 1.5 Circinus
dmbaturin added a comment to T6383: Incorrect completion for rollback-soft.

I made a PR that uses an implementation with a separate function: https://github.com/vyos/vyatta-cfg/pull/79

May 27 2024, 1:51 PM · VyOS 1.4 Sagitta (1.4.0-GA)
dmbaturin edited projects for T6402: Invalid variables referenced in reverse proxy validation, added: VyOS 1.4 Sagitta (1.4.0-GA); removed VyOS 1.4 Sagitta (1.4.0).
May 27 2024, 1:34 PM · VyOS 1.4 Sagitta (1.4.0-GA), VyOS 1.5 Circinus
pavel-altair created T6407: Generate ipsec profile error.
May 27 2024, 10:51 AM · VyOS 1.4 Sagitta (1.4.0-GA), VyOS 1.5 Circinus
nvollmar updated the task description for T6406: Add config option for container cpu limit.
May 27 2024, 8:54 AM · VyOS 1.5 Circinus
First
Prev
Next