As it seems according to https://manpages.debian.org/bookworm/chrony/chrony.conf.5.en.html both bindaddress and binddevice can only be specified once.
- Queries
- All Stories
- Search
- Advanced Search
- Transactions
- Transaction Logs
Feed All Stories
All Stories
All Stories
Oct 28 2023
Oct 28 2023
Ahh yes, I think there is another task in here regarding adding firewall rules by default to the firewall to avoid situations like this :-)
I added the above modifications to /usr/share/vyos/templates/chrony/chrony.conf.j2 and rebooted VyOS 1.5-rolling-202310240118.
I found the issue. I was missing a firewall input rule to allow anything from lo.
With my config chronyd still listens locally on 323:
udp 0 0 192.168.2.253:123 0.0.0.0:* 20420/chronyd udp 0 0 127.0.0.1:323 0.0.0.0:* 20420/chronyd udp6 0 0 ::1:323 :::* 20420/chronyd
I havent been using ninja2 scripting previously but Im guessing something like this would be needed:
Here is the output of sudo ls -la /run/chrony (just booted up so drift will probably missing for some time):
Any docs or example on how bfd interacts with pim?
Oct 27 2023
Oct 27 2023
@Viacheslav yes, I already did last month, but there were lots of errors when veryfing the fix.
I figured it came due to the changes performed by task https://vyos.dev/T5048.
It is not, but I do not want to make my NTP internet-facing anyways.
Is your WAN interface also in net 192.168.0.0/16?
Can you show the output of sudo ls -la /run/chrony?
My VyOS NTP config:
set allow-client address '192.168.0.0/16' set listen-address '192.168.2.253' set server time.aws.com pool set server time.google.com pool
zsdc moved T5652: Config migrate to image upgrade does not properly generate home directory from Open to Finished on the VyOS 1.4 Sagitta board.
zsdc closed T5652: Config migrate to image upgrade does not properly generate home directory, a subtask of T5663: pmacct package contains unwanted data, as Resolved.
zsdc closed T5652: Config migrate to image upgrade does not properly generate home directory as Resolved.
Apachez added a comment to T5690: Change to definition of environment variable 'vyos_rootfs_dir' is incorrect.
PR created: https://github.com/vyos/vyatta-op/pull/79
Apachez added a comment to T5693: Adding variable vyos_persistence_dir (and improve variable vyos_rootfs_dir).
PR created: https://github.com/vyos/vyatta-op/pull/79
How is your current ntp configuration (as outputed by show config commands)?
Apachez added a comment to T5686: Loss of connectivity on dhcp enabled ethernet interfaces after abrupt link restarts.
I would still recommend you to try to test to put a L2-switch between your 5G-router and the VyOS box and see if that resolves the situation.
Apachez added a comment to T5690: Change to definition of environment variable 'vyos_rootfs_dir' is incorrect.
One way however to make the variable more robust in case there are for whatever reason more than one squashfs mounted object available is to select the one who is "loop0".
Apachez added a comment to T5690: Change to definition of environment variable 'vyos_rootfs_dir' is incorrect.
Looking through https://vyos.dev/T5457 I now get what you meant by "re-broke it".
jestabro added a comment to T5690: Change to definition of environment variable 'vyos_rootfs_dir' is incorrect.
Nope, it works fine, now; your revision to the change re-broke it.
https://github.com/vyos/vyos-build/pull/441 PR has been created
ishan added a comment to T5686: Loss of connectivity on dhcp enabled ethernet interfaces after abrupt link restarts.
Does your 5G-modem do any NAT on its own or does it just forward the DHCP to the ISP?
Apachez added a comment to T5690: Change to definition of environment variable 'vyos_rootfs_dir' is incorrect.
So in short https://vyos.dev/T5440 will be broken again?
a.apostoliuk added a comment to T5402: VRRP router with rfc3768-compatibility sends multiple ARP replies .
It was fixed in a keepalived project.
https://github.com/acassen/keepalived/commit/9ca8688c7fe591e1face259f19ee6169e20a3438
Viacheslav changed the status of T4057: Commit time for deleting sflow configuration ~1.5 min from Open to Needs testing.
Viacheslav moved T3774: atop logs are not limited in size from Open to Finished on the VyOS 1.4 Sagitta board.
Should be fixed in https://vyos.dev/T5232
needs to re-check
Apachez added a comment to T5686: Loss of connectivity on dhcp enabled ethernet interfaces after abrupt link restarts.
Does your 5G-modem do any NAT on its own or does it just forward the DHCP to the ISP?
Oct 26 2023
Oct 26 2023
ishan added a comment to T5686: Loss of connectivity on dhcp enabled ethernet interfaces after abrupt link restarts.
Could also be if legacy spanning-tree is being used that it will take approx 25 seconds before packets are being forwarded after a linkdown - workaround here is to enable "spanning-tree portfast" or disable spanning-tree.
jestabro changed Difficulty level from unknown to easy on T5690: Change to definition of environment variable 'vyos_rootfs_dir' is incorrect.
jestabro changed the status of T5690: Change to definition of environment variable 'vyos_rootfs_dir' is incorrect from Open to In progress.
jestabro triaged T5690: Change to definition of environment variable 'vyos_rootfs_dir' is incorrect as Normal priority.
Mergify <37929162+mergify[bot]@users.noreply.github.com> committed rVYOSONEX0eaf3be4f1a9: op-mode: T5653: command to display SSH server public key fingerprints (authored by JeffWDH).
For the record.
GitHub <[email protected]> committed rVYOSONEX0e129df010f5: Merge pull request #2369 from JeffWDH/current (authored by dmbaturin).
erkin closed T5650: Progressbars suffer from staircasing effect, a subtask of T3356: Script for remote file transfers, as Resolved.
erkin reopened T4091: Progress bar support for HTTP uploads, a subtask of T3356: Script for remote file transfers, as Open.
Oops, wrong task.
erkin closed T4091: Progress bar support for HTTP uploads, a subtask of T3356: Script for remote file transfers, as Resolved.
I would just expose these 3 options as-is.
Yes, it does. thank you
tfiebig triaged T5689: FRR 9.0.1 in VyOS current segfaults on show rpki prefix $prefix as High priority.
@SrividyaA Can you confirm this is working as you expect?
sarthurdev moved T4903: Support IPv6 addresses in "set system conntrack ignore" from Finished to Backlog on the VyOS 1.4 Sagitta board.
sarthurdev moved T4903: Support IPv6 addresses in "set system conntrack ignore" from Open to Finished on the VyOS 1.5 Circinus board.
sarthurdev added a project to T4903: Support IPv6 addresses in "set system conntrack ignore": VyOS 1.5 Circinus.
@a.apostoliuk Can you confirm this is working as expected?
n.fort changed the status of T5681: Interface match - Simplified and unified cli from In progress to Needs testing.
n.fort changed the status of T5643: NAT - Allow interface groups on nat rules from In progress to Needs testing.
This error was already fixed in https://github.com/vyos/vyos-1x/pull/2406
fernando added a comment to T5357: Policy: BGP communities fail to apply when loaded from config file.
@jvoss thanks to confirm !
PR for op-mode command that fits new cli: https://github.com/vyos/vyos-1x/pull/2408
a.apostoliuk changed the status of T5688: Create the same view of pool configuration for all accel-ppp services, a subtask of T4085: Rewrite L2TP/PPTP/SSTP/PPPoE services to get_config_dict, from Open to In progress.
a.apostoliuk changed the status of T5688: Create the same view of pool configuration for all accel-ppp services from Open to In progress.
Viacheslav moved T5683: reverse-proxy pki filenames mismatch from Open to Finished on the VyOS 1.4 Sagitta board.
Viacheslav changed the status of T5684: services using VRF generates the error "Failed to load BPF prog: 'Operation not permitted'" when the system boots. from In progress to Needs testing.
Do you have any idea for CLI?
GitHub <[email protected]> committed rVYOSONEX6c514d793b73: Merge pull request #2407 from vyos/mergify/bp/sagitta/pr-2405 (authored by Viacheslav).