Just adding my +1 for this feature, would be very useful.
If I get time in the coming weeks/months I will try and pick up on the analysis where @njh left off.

@n.fort A quick test of this against latest rolling looks like it's working as expected for general firewall rules:

I agree that the Keepalivd SMTP implementation is lacking authentication.

@Viacheslav I may be on to something. It's related to the order of execution of the DHCP client exit hook scripts in /etc/dhcp/dhclient-exit-hooks.d.

PR for 1.4 https://github.com/vyos/vyos-1x/pull/1886

vyos@91800359325b# set interfaces ethernet eth0 address 192.0.2.5/24
[edit]
vyos@91800359325b# commit
[ interfaces ethernet eth0 ]
sudo: unable to resolve host 91800359325b: System error

Also see https://forum.vyos.io/t/1-4-rolling-route-table-for-wan-load-balancing-not-created/.

Actually only multihop BGP peers go down. Others are up, but the routes received from them does not go to kernel, so the connectivity drops.
Latest techsupport: https://oc.cpm.ru/index.php/s/Fg9FfoOatihBOrQ
The system was alive more than 12 hours, but crashed the same way as before.

I don't think this ever worked as intended: see T3275#103228, vyos-build PR 185, and T3821.

after an internal discussion we came to the conslusion that keepalived SMTP implementation is incomplete (e.g. it lacks authentication). In order to still support your request we think we should enable support of 3rd party configurations placed in e.g. /etc/keepalived/conf.d.

@sdev just for clarification do you mean "deleted" as in only existing entries but new ones will work or completely deleted?
Im asking because I do use keas global, subnet, pool and class option-data support extensively outside of vyos.
If this would stay/become a part of vyos that would be great!

PR https://github.com/vyos/vyos-1x/pull/1884

>>> range_to_regex(['10-20', '22-35', '50'])
'(1\\d|20|2[2-9]|3[0-5]|50)'
>>>

Will be fixed in the next rolling release

Wanted to have the ticketid to write the right commit message right away. Diff is here: https://github.com/vyos/vyos-1x/compare/current...ichdasich:vyos-1x:filtered_routes

If we add vlan to range we get error

set service ipoe-server authentication mode 'noauth'
set service ipoe-server client-ip-pool name POOL1 gateway-address '192.0.2.1'
set service ipoe-server client-ip-pool name POOL1 subnet '192.0.2.0/24'
set service ipoe-server interface eth1 vlan '2000-3000'
commit
set service ipoe-server interface eth1 vlan '50'
commit

The second commit:

PR https://github.com/vyos/vyos-1x/pull/1883

@n.fort @Viacheslav
Here is an example of what I am after for DNAT rule, specifically, using meta pkttype:

QoS Policy Limiter now works correctly.
But the shaper classes for tagged traffic don't work.

I was able to get it to work as expected by reducing the lease below 4294967295 and removing the /config/dhcpd.leases file. It should work per the instruction to make the lease effectively static. It had worked in the past so at some point the check that the resultant lease end day is numeric.

Example configuration:

PR: https://github.com/vyos/vyos-1x/pull/1881

My bad

Seems to be the same task -> https://vyos.dev/T5018

Just put this on a live system, and it behaves as intended (so far). Special meaning of _ would certainly have to be added to the check, i guess, but that needs further delving into bgp-regex syntax.

https://github.com/vyos/vyos-1x/pull/1880

@Jimz could you share an example of configuration?
I can't reproduce it with

set service dhcp-server shared-network-name Lan01 authoritative
set service dhcp-server shared-network-name Lan01 name-server '1.1.1.1'
set service dhcp-server shared-network-name Lan01 subnet 192.0.2.0/24 default-router '192.0.2.1'
set service dhcp-server shared-network-name Lan01 subnet 192.0.2.0/24 range R1 start '192.0.2.10'
set service dhcp-server shared-network-name Lan01 subnet 192.0.2.0/24 range R1 stop '192.0.2.254'
set service dhcp-server shared-network-name Lan01 subnet 192.0.2.0/24 static-mapping myhost ip-address '192.0.2.5'
set service dhcp-server shared-network-name Lan01 subnet 192.0.2.0/24 static-mapping myhost mac-address '02:a6:0c:88:3e:a2'

Let me give it another test-run in a bit and then i'll issue a PR.

Could you create a PR?

Discovered a couple of problems with chrony using the existing CLI.

PR https://github.com/vyos/vyos-1x/pull/1879

PR for 1.3 https://github.com/vyos/vyos-1x/pull/1878

PR https://github.com/vyos/vyos-1x/pull/1877

@c-po Isnt this implementation wrong for "shaper" anyway?
The speed should only be taken from the interface as an last resort, if the default bandwidth is configured in a no percentage unit it should be used instead, no?

This was never reproduced; user will report if recurrence and we will reopen as needed.

Lower priority and will need testing when implemented.