PR:
https://github.com/vyos/vyos-1x/pull/1997
This will remain in draft until corresponding PR fro vyos1x-config is merged.
- Queries
- All Stories
- Search
- Advanced Search
- Transactions
- Transaction Logs
All Stories
May 10 2023
Add kernel module https://github.com/vyos/vyos-build/pull/348
PR for L2TP https://github.com/vyos/vyos-1x/pull/1988
Not working. The same errors
May 9 2023
one issue.
the migration scripts don't take into account older load balancing configs.
Fixed with rewriting to systemd unit vyos-wan-load-balance.service
In T5213#148346, @joshua.hanley wrote:@Viacheslav Thanks for the prompt response. Not sure if the change will also cover L2TP as well. For example:
set vpn l2tp remote-access authentication radius accounting-interim-interval '60'
Sometimes it stuck for ~1.5 minutes after deleting.
vyos@r14# delete load-balancing [edit] vyos@r14# commit
@Viacheslav Thanks for the prompt response. Not sure if the change will also cover L2TP as well. For example:
PR https://github.com/vyos/vyos-1x/pull/1986
set service pppoe-server authentication mode 'radius' set service pppoe-server authentication radius accounting-interim-interval '60' set service pppoe-server authentication radius server 203.0.113.1 key '123' set service pppoe-server client-ip-pool name POOL-01 gateway-address '192.0.2.1' set service pppoe-server client-ip-pool name POOL-01 subnet '192.0.2.0/24' set service pppoe-server interface eth1
In T5186#148294, @rh7819 wrote:this is cause by
tcindex classifier is removed by upstream kernel, so
08:04:48 DEBUG - filter add dev eth1 parent 11: protocol ip prio 1 handle 128 tcindex classid 11:a
fails.
We use FRR as the backend and it uses logical AND for match entries
this is cause by
May 8 2023
PR https://github.com/vyos/vyos-1x/pull/1984
set high-availability disable set high-availability vrrp group GRP01 address 192.0.2.47/32 set high-availability vrrp group GRP01 interface 'eth1' set high-availability vrrp group GRP01 vrid '10'
It doesn't like protocol tcp
vyos@r14# sudo tc filter replace dev eth1 parent 1: protocol all u32 match ip protocol tcp 0xff action police rate 300000000 burst 15k flowid 1:a Illegal "match" [edit] vyos@r14#
But it works with protocol 6
vyos@r14# sudo tc filter replace dev eth1 parent 1: protocol all u32 match ip protocol 6 0xff action police rate 300000000 burst 15k flowid 1:a [edit] vyos@r14#
And next fail:
ardware UUID: 4d6f4d29-1ae8-446f-8d2b-3decd9da64c7
On 1.4-rolling-202305080742, speed limit and protocol detection still not worked out correctly too.
In T3655#143947, @fernando wrote:it doesn't seem the same problem as here, this logic that was applied over this version was vrf not on the table . Could you share full configuration ? there is some point over vrfs / vrf default /leaking that are not clear. So I can replicate the scenery and we see what is going on .
In T5116#147654, @Viacheslav wrote:I think the only solution is to use network namespaces
https://docs.strongswan.org/docs/5.9/howtos/nameSpaces.html