Page MenuHomeVyOS Platform
Feed All Stories

Jan 8 2024

c-po closed T5904: op-mode: add "show ipv6 route vrf <name> <prefix>" command as Resolved.
Jan 8 2024, 8:44 PM · VyOS 1.4 Sagitta, VyOS 1.5 Circinus
c-po added a comment to T5766: http: rewrite conf-mode script to get_config_dict() .

https://github.com/vyos/vyos-1x/pull/2773

Jan 8 2024, 8:17 PM · VyOS 1.5 Circinus, VyOS 1.4 Sagitta
c-po added a comment to T5902: http: remove virtual-host configuration in webserver.

Well, the webserver is for an API - if you wan't to server files you can either use the default document root, or spawn a container. We should focus on packet pushing and administration.

Jan 8 2024, 8:17 PM · VyOS 1.5 Circinus, VyOS 1.4 Sagitta
c-po committed rVYOSONEX692d700f903c: smoketest: T5905: always delete pki in ipsec test startup.
Jan 8 2024, 8:13 PM
c-po committed rVYOSONEX404a2e92d027: ipsec: T5905: use interface_exists() wrapper over raw calls to os.path.exists().
Jan 8 2024, 8:13 PM
c-po committed rVYOSONEX4dfb14d509b9: pki: T5905: do not use expand_nodes=Diff.ADD|Diff.DELETE) in node_changed().
Jan 8 2024, 8:13 PM
c-po committed rVYOSONEX69b8c448c7c8: pki: T5886: add op-mode commands for log and renewal.
Jan 8 2024, 8:11 PM
c-po committed rVYOSONEX1b85e7a9442a: https: T5886: migrate https certbot to new "pki certificate" CLI tree.
Jan 8 2024, 8:11 PM
c-po committed rVYOSONEXf8f51939ae5a: pki: T5886: add support for ACME protocol (LetsEncrypt).
Jan 8 2024, 8:11 PM
Mergify <37929162+mergify[bot]@users.noreply.github.com> committed rVYOSONEXb93786b8c855: https: T5886: migrate https certbot to new "pki certificate" CLI tree (authored by c-po).
Jan 8 2024, 8:06 PM
Mergify <37929162+mergify[bot]@users.noreply.github.com> committed rVYOSONEXfa61e4076a47: pki: T5886: add op-mode commands for log and renewal (authored by c-po).
Jan 8 2024, 8:06 PM
Mergify <37929162+mergify[bot]@users.noreply.github.com> committed rVYOSONEX8edc78dcbc01: pki: T5886: add support for ACME protocol (LetsEncrypt) (authored by c-po).
Jan 8 2024, 8:06 PM
c-po added a subtask for T3642: PKI configuration: T5911: pki: service update ignored if certificate name contains a hyphen (-).
Jan 8 2024, 8:05 PM · VyOS 1.4 Sagitta (1.4.0-epa1)
c-po added a parent task for T5911: pki: service update ignored if certificate name contains a hyphen (-): T3642: PKI configuration.
Jan 8 2024, 8:05 PM · VyOS 1.4 Sagitta, VyOS 1.5 Circinus
c-po added a comment to T5911: pki: service update ignored if certificate name contains a hyphen (-).

https://github.com/vyos/vyos-1x/pull/2773

Jan 8 2024, 8:04 PM · VyOS 1.4 Sagitta, VyOS 1.5 Circinus
jestabro closed T3980: vrrp transition-script validator makes warning fatal and also causes a python NameError exception as Resolved.

The errors here were fixed in:
https://vyos.dev/T4052
https://vyos.dev/T4053
in equuleus and subsequent.

Jan 8 2024, 7:59 PM · VyOS 1.3 Equuleus (1.3.6)
dmbaturin closed T3480: Does not possible to change console baud-rate as Resolved.
Jan 8 2024, 7:45 PM · VyOS 1.4 Sagitta
dmbaturin triaged T5526: Clarify the error message when trying to set an interface as a BGP peer group using the wrong syntax as Low priority.
Jan 8 2024, 7:45 PM · Restricted Project, VyOS 1.3 Equuleus (1.3.8)
dmbaturin triaged T3450: Make libvyosconfig avoid quoting values that don't need quoting as Low priority.
Jan 8 2024, 7:29 PM · Restricted Project, VyOS Rolling, Restricted Project
dmbaturin closed T4822: vyatta-cfg-system: install correct version of GRUB for architecture (arm64) as Resolved.
Jan 8 2024, 7:28 PM
dmbaturin edited projects for T4193: Add support for transparent firewall, added: VyOS 1.4 Sagitta; removed VyOS 1.3 Equuleus (1.3.6).
Jan 8 2024, 7:28 PM · VyOS 1.4 Sagitta
dmbaturin closed T4193: Add support for transparent firewall as Resolved.

The new firewall implementation by Nicholas et al. supports bridge firewalls.

Jan 8 2024, 7:27 PM · VyOS 1.4 Sagitta
dmbaturin closed T4078: A hybrid of "network-group" and "address-group". as Not Applicable.

I suppose with the new firewall implementation, this is no longer relevant.

Jan 8 2024, 7:27 PM · VyOS 1.3 Equuleus (1.3.6), VyOS 1.4 Sagitta
dmbaturin closed T3784: can't build iso with custom built iptables as Not Applicable.

With the migration to nftables, I suppose this is not relevant anymore.

Jan 8 2024, 7:25 PM · VyOS 1.4 Sagitta
dmbaturin closed T3754: Make config scripts more testable as Resolved.

With the current smoke test infrastructure, I'm inclined to call the original task resolved.

Jan 8 2024, 7:25 PM · VyOS 1.4 Sagitta
dmbaturin closed T3663: Use inotify file watching where applicable as Resolved.
Jan 8 2024, 7:24 PM · VyOS 1.4 Sagitta
dmbaturin closed T3545: Does not possible to update VyOS from 1.1.8 as Wontfix.

Neither 1.1.8 nor Crux are supported anymore.

Jan 8 2024, 7:24 PM · VyOS 1.2 Crux
dmbaturin closed T3484: Kernel panic when QAT uses, a subtask of T3587: Intel QAT support is broken on VyOS 1.4 due to a Kernel Crash, as Not Applicable.
Jan 8 2024, 7:22 PM · VyOS 1.4 Sagitta
dmbaturin closed T3484: Kernel panic when QAT uses as Not Applicable.

I presume the issue is no longer relevant since people do successfully use QAT now, but feel free to reopen if anything.

Jan 8 2024, 7:22 PM · VyOS 1.4 Sagitta
dmbaturin closed T3013: dhcpv6 client abnormal behavior vyos 1.2 vs 1.3 as Not Applicable.

If the issue is still relevant, feel free to reopen.

Jan 8 2024, 7:21 PM · Restricted Project
dmbaturin closed T2897: Remove cluster command as Resolved.
Jan 8 2024, 7:20 PM · VyOS 1.4 Sagitta
dmbaturin renamed T985: New cluster implementation with corosync+pacemaker from Migrated clustering from heartbeat to corosync+pacemaker to New cluster implementation with corosync+pacemaker.
Jan 8 2024, 7:20 PM · VyOS 1.5 Circinus
dmbaturin triaged T2820: BGP crash in if_destroy_via_zapi as Normal priority.
Jan 8 2024, 7:18 PM · VyOS 1.2 Crux
dmbaturin closed T2799: VyOS Certificates Manager, a subtask of T2192: Create common crypto library for creation/verification/management of RSA/EC/SSH keys, certificates, requests, etc., as Resolved.
Jan 8 2024, 7:17 PM
dmbaturin closed T2799: VyOS Certificates Manager as Resolved.

I suppose the current PKI CLI does fulfill the requirements of this task.

Jan 8 2024, 7:17 PM · VyOS 1.3 Equuleus (1.3.6)
dmbaturin triaged T2556: "show interfaces vrrp" does not return any interface as Low priority.
Jan 8 2024, 7:16 PM · VyOS 1.5 Circinus, VyOS 1.4 Sagitta
jestabro added a comment to T5910: Grub problem(?) Serial Console no longer working.

Just to clarify the issue: note that one can specify the choice of serial console during the 'install image' process; are you not seeing the boot messages with this setting ? or are you unable to set it during installation ? Thanks.

Jan 8 2024, 7:15 PM · VyOS 1.5 Circinus, VyOS 1.4 Sagitta
dmbaturin closed T2533: FRR 7.3.1-0 stale connected route as Not Applicable.

I don't think anyone saw this issue lately, but if it resurfaces, feel free to reopen the task.

Jan 8 2024, 7:15 PM · vyos-frr
dmbaturin triaged T2503: IPv6 Firewall configuration error: Cannot delete rule set "GUEST-WAN-6" (still in use) as Low priority.
Jan 8 2024, 7:11 PM · VyOS 1.4 Sagitta (1.4.0-GA)
dmbaturin added a comment to T2288: Include iprange package in Vyos.

Now that 1.4 is about to be released and 1.3 going into maintenance mode, we definitely will not include it in 1.3.6.

Jan 8 2024, 7:07 PM · Restricted Project, VyOS 1.5 Circinus
dmbaturin triaged T2288: Include iprange package in Vyos as Wishlist priority.
Jan 8 2024, 7:07 PM · Restricted Project, VyOS 1.5 Circinus
dmbaturin triaged T5910: Grub problem(?) Serial Console no longer working as High priority.
Jan 8 2024, 7:06 PM · VyOS 1.5 Circinus, VyOS 1.4 Sagitta
c-po claimed T5911: pki: service update ignored if certificate name contains a hyphen (-).
Jan 8 2024, 6:58 PM · VyOS 1.4 Sagitta, VyOS 1.5 Circinus
c-po created T5911: pki: service update ignored if certificate name contains a hyphen (-).
Jan 8 2024, 6:58 PM · VyOS 1.4 Sagitta, VyOS 1.5 Circinus
n.fort closed T5888: Firewall upgrade fails because of icmpv6 as Resolved.
Jan 8 2024, 6:42 PM · VyOS 1.5 Circinus, VyOS 1.4 Sagitta
n.fort changed the status of T5896: Config Error on Boot with Podman and Firewall from In progress to Needs testing.
Jan 8 2024, 6:41 PM · VyOS 1.4 Sagitta
dmbaturin closed T5844: HTTPS API doesn't start without configured keys even when GraphQL authentication type is set to token as Resolved.
Jan 8 2024, 6:37 PM · VyOS 1.4 Sagitta, VyOS 1.5 Circinus
dmbaturin closed T5664: 1.4 user has no permissions? as Resolved.

User creation works fine now.

Jan 8 2024, 6:37 PM · VyOS 1.4 Sagitta
dmbaturin closed T5318: Security Vulnerabilities for VyOS 1.3.3 as Resolved.
Jan 8 2024, 6:35 PM · VyOS 1.3 Equuleus (1.3.6)
dmbaturin closed T5215: Add a built-in ICMP health check for VRRP groups as Resolved.

Yes.

Jan 8 2024, 6:35 PM · VyOS 1.4 Sagitta
dmbaturin closed T5045: BFD is not starting after upgrade to 1.4-rolling-202302150317 as Resolved.
Jan 8 2024, 6:34 PM · VyOS 1.4 Sagitta
himurae added a comment to T5876: Dhcp bug in latest 1.5 rolling releases.

Yes I tested again upgrading with today's latest rolling release no ip address is served to clients so issue persists no changes

Jan 8 2024, 6:07 PM · VyOS 1.5 Circinus
jestabro claimed T5910: Grub problem(?) Serial Console no longer working.
Jan 8 2024, 6:07 PM · VyOS 1.5 Circinus, VyOS 1.4 Sagitta
dmbaturin closed T2371: custom dyndns configuration lost after upgrade from 1.2.4-epa1 to 1.2.5 as Not Applicable.

The dynamic DNS system has been revamped since then, so I assume this is no longer an issue, but feel free to reopen if it manifests again.

Jan 8 2024, 6:06 PM · VyOS 1.2 Crux
dmbaturin closed T3348: dhcpd: Can't create new lease file: Permission denied as Not Applicable.

I'm closing this since no new details surfaced. If it's still relevant, feel free to reopen.

Jan 8 2024, 6:03 PM · VyOS 1.3 Equuleus (1.3.6)
GitHub <[email protected]> committed rVYOSONEX3f64c00c892b: Merge pull request #2772 from vyos/mergify/bp/sagitta/pr-2760 (authored by c-po).
Jan 8 2024, 6:03 PM
dmbaturin closed T3394: Error on removing dhcpv6 address from interface as Resolved.
Jan 8 2024, 6:01 PM · VyOS 1.2 Crux (VyOS 1.2.9)
dmbaturin closed T3469: Upgrading from 1.2.6-S1 to 1.2.7 changes order of NICs on second reboot, a subtask of T2838: Ethernet device names changing, multiple hw-id being added, as Wontfix.
Jan 8 2024, 6:00 PM · VyOS 1.3 Equuleus (1.3.3), VyOS 1.4 Sagitta
dmbaturin closed T3469: Upgrading from 1.2.6-S1 to 1.2.7 changes order of NICs on second reboot as Wontfix.

1.2 is now EOL, so no new changes will be made there.

Jan 8 2024, 5:59 PM · VyOS 1.2 Crux (VyOS 1.2.9)
dmbaturin removed a project from T2419: Cannot change udp-fragmentation-offload: VyOS 1.3 Equuleus (1.3.6).
Jan 8 2024, 5:58 PM
dmbaturin closed T2419: Cannot change udp-fragmentation-offload as Not Applicable.

Multiple people report both working UDP offload and firewall configurations, so I presume this issue is no longer relevant. Feel free to reopen if new details surface.

Jan 8 2024, 5:57 PM
Mergify <37929162+mergify[bot]@users.noreply.github.com> committed rVYOSONEXaa5c0e666851: image: T5898: fix kernel-level partition rescan (authored by mec).
Jan 8 2024, 5:51 PM
n.fort committed rVYOSONEX02db800b3aaa: T5896: firewall: backport interface validator for firewall rules..
Jan 8 2024, 5:50 PM
GitHub <[email protected]> committed rVYOSONEX54c7a301b9da: Merge pull request #2771 from nicolas-fort/T5896 (authored by c-po).
Jan 8 2024, 5:50 PM
fghorow updated the task description for T5910: Grub problem(?) Serial Console no longer working.
Jan 8 2024, 5:00 PM · VyOS 1.5 Circinus, VyOS 1.4 Sagitta
fghorow created T5910: Grub problem(?) Serial Console no longer working.
Jan 8 2024, 4:53 PM · VyOS 1.5 Circinus, VyOS 1.4 Sagitta
adestis added a comment to T5909: Container registry with authentication prevents config load (section container) after reboot.

The same problem (container config does not get loaded) occurs, when DNS is not available for whatever reason.
This must not prevent the current container settings to be online.

Jan 8 2024, 4:48 PM · VyOS 1.4 Sagitta (1.4.0-epa2), VyOS 1.5 Circinus
adestis added a comment to T5909: Container registry with authentication prevents config load (section container) after reboot.

I think I found the problem.

Jan 8 2024, 4:30 PM · VyOS 1.4 Sagitta (1.4.0-epa2), VyOS 1.5 Circinus
Viacheslav added a comment to T5909: Container registry with authentication prevents config load (section container) after reboot.

The first thing could be that the container cannot connect to the registry as it happens before static routing (not sure).

vyos@r4# /opt/vyatta/sbin/priority.pl | match "container|static"
450 container
480 protocols/static
481 vrf/name/node.tag/protocols/static
[edit]
vyos@r4#
Jan 8 2024, 4:14 PM · VyOS 1.4 Sagitta (1.4.0-epa2), VyOS 1.5 Circinus
adestis created T5909: Container registry with authentication prevents config load (section container) after reboot.
Jan 8 2024, 4:07 PM · VyOS 1.4 Sagitta (1.4.0-epa2), VyOS 1.5 Circinus
dniasoff added a comment to T5889: Migration NAT 5-to-6 bug.

Thanks Viacheslav

Jan 8 2024, 11:42 AM · VyOS 1.4 Sagitta
n.fort added a comment to T5896: Config Error on Boot with Podman and Firewall.

PR: https://github.com/vyos/vyos-1x/pull/2771

Jan 8 2024, 11:11 AM · VyOS 1.4 Sagitta
Waester updated the task description for T5908: Unable to reach WAN-IP from LAN with dhcp-interface.
Jan 8 2024, 11:04 AM · Restricted Project, VyOS 1.3 Equuleus (1.3.9)
Waester updated the task description for T5908: Unable to reach WAN-IP from LAN with dhcp-interface.
Jan 8 2024, 10:53 AM · Restricted Project, VyOS 1.3 Equuleus (1.3.9)
Waester created T5908: Unable to reach WAN-IP from LAN with dhcp-interface.
Jan 8 2024, 10:42 AM · Restricted Project, VyOS 1.3 Equuleus (1.3.9)
n.fort changed the status of T5896: Config Error on Boot with Podman and Firewall from Confirmed to In progress.
Jan 8 2024, 10:14 AM · VyOS 1.4 Sagitta
yun added a project to T3681: The VMware Tools resume script did not run successfully in this virtual machine.: VyOS 1.4 Sagitta.
Jan 8 2024, 9:17 AM · VyOS 1.4 Sagitta (1.4.0-epa1), Restricted Project
Viacheslav added a parent task for T5351: VyOS deployed with cloud-init improperly saves config.boot: T5907: cloud-init root task for 1.5 and 1.4 .
Jan 8 2024, 9:13 AM · VyOS 1.4 Sagitta (1.4.0-GA)
Viacheslav added a parent task for T4781: cloud-init fails to handle "::" as a netmask for routes: T5907: cloud-init root task for 1.5 and 1.4 .
Jan 8 2024, 9:13 AM · VyOS Rolling, Restricted Project
Viacheslav added a parent task for T5901: Cloud-init and DHCP exit hook errors: T5907: cloud-init root task for 1.5 and 1.4 .
Jan 8 2024, 9:13 AM · VyOS 1.5 Circinus, VyOS 1.4 Sagitta
Viacheslav added a parent task for T5889: Migration NAT 5-to-6 bug: T5907: cloud-init root task for 1.5 and 1.4 .
Jan 8 2024, 9:13 AM · VyOS 1.4 Sagitta
Viacheslav added a parent task for T5906: Some cloud-init options may be stale or broken.: T5907: cloud-init root task for 1.5 and 1.4 .
Jan 8 2024, 9:13 AM · Restricted Project, VyOS Rolling
Viacheslav added subtasks for T5907: cloud-init root task for 1.5 and 1.4 : T5889: Migration NAT 5-to-6 bug, T5906: Some cloud-init options may be stale or broken., T5901: Cloud-init and DHCP exit hook errors, T5351: VyOS deployed with cloud-init improperly saves config.boot, T4781: cloud-init fails to handle "::" as a netmask for routes.
Jan 8 2024, 9:13 AM · VyOS Rolling
Viacheslav created T5907: cloud-init root task for 1.5 and 1.4 .
Jan 8 2024, 9:12 AM · VyOS Rolling
yun reopened T3681: The VMware Tools resume script did not run successfully in this virtual machine. as "Open".

Hi, this bug is introduced again in VyOS 1.4 (tested VyOS-1.4.0-rc1). Due to the following commit: https://github.com/vyos/vyos-1x/commit/64c9fdef02323309e97b2bb682604ada52d651e8

Jan 8 2024, 9:10 AM · VyOS 1.4 Sagitta (1.4.0-epa1), Restricted Project
Viacheslav added a comment to T5889: Migration NAT 5-to-6 bug.

Ok the file does not have the Release version in config and migration do anyway
https://github.com/vyos/vyos-vm-images/blob/current/roles/install-config/templates/config.boot.j2

vyos@ci-router1# cat /config/config.boot.2024-01-08-083418.pre-migration 
nat {
    source {
        rule 100 {
            translation {
                address "masquerade"
            }
            outbound-interface {
                name "eth0"
            }
        }
    }
}
interfaces {
    ethernet eth0 {
        address "dhcp"
        hw-id "52:54:00:ff:97:48"
        mtu "1500"
    }
    loopback lo {
    }
}
service {
    ssh {
        client-keepalive-interval "180"
        port "22"
    }
}
system {
    config-management {
        commit-revisions "100"
    }
    host-name "ci-router1"
    login {
        user vyos {
            authentication {
                encrypted-password "*"
                plaintext-password "vyos"
            }
        }
    }
    ntp {
        server "time1.vyos.net"
        server "time2.vyos.net"
        server "time3.vyos.net"
    }
    syslog {
        global {
            facility all {
                level "notice"
            }
            facility protocols {
                level "debug"
            }
        }
    }
}
Jan 8 2024, 9:00 AM · VyOS 1.4 Sagitta
Viacheslav created T5906: Some cloud-init options may be stale or broken..
Jan 8 2024, 7:39 AM · Restricted Project, VyOS Rolling
chenxiaolong added a comment to T3316: Use Kea DHCP(v6) instead of ISC DHCP(v6).

The issue with the missing domain name in /etc/hosts with hostfile-update, as mentioned above, seems to trigger another problem. The hostname requested by the client seems to be added to /etc/hosts verbatim and some clients (eg. some Windows machines and printers) request a fully qualified name with a trailing dot. Since pdns-recursor unconditionally appends a dot, there are now two trailing dots, causing pdns-recursor to crash if it restarts.

Jan 8 2024, 12:38 AM · VyOS 1.5 Circinus
mec added a comment to T5898: Replace partprobe with partx due to unable to install VyOS.

I said it in the PR, but I'll say it here too -- I really don't have an idea, nor do I have enough knowledge of the codebase to get debugging data. I suspect that partprobe is either getting an error back from the kernel or is throwing its own error, and partx isn't. if I could step through the process and look at a couple things (like, is some partition actually mounted when partprobe runs, which could trigger this?) I would, assuming I've got the spare cycles. I don't at the immediate moment, and especially not to run through the code to try and figure out debugging on my own. Even being told "set debug here, here, and here, then retry the install" would help.

Jan 8 2024, 12:13 AM · VyOS 1.4 Sagitta, VyOS 1.5 Circinus

Jan 7 2024

c-po committed rVYOSONEX2095eb75a232: smoketest: T5905: always delete pki in ipsec test startup.
Jan 7 2024, 9:38 PM
c-po committed rVYOSONEX410458c00e62: ipsec: T5905: use interface_exists() wrapper over raw calls to os.path.exists().
Jan 7 2024, 9:38 PM
c-po committed rVYOSONEX9162631f12ad: pki: T5905: do not use expand_nodes=Diff.ADD|Diff.DELETE) in node_changed().
Jan 7 2024, 9:38 PM
GitHub <[email protected]> committed rVYOSONEX864524ba86b0: Merge pull request #2768 from c-po/pki-ipsec-T5905 (authored by c-po).
Jan 7 2024, 9:38 PM
Viacheslav closed T5899: VyOS vm images use bookworm repo as Resolved.
Jan 7 2024, 9:33 PM · VyOS 1.5 Circinus
GitHub <[email protected]> committed rVYOSONEX48c09cb91079: Merge pull request #2770 from vyos/mergify/bp/sagitta/pr-2769 (authored by Viacheslav).
Jan 7 2024, 9:07 PM
Mergify <37929162+mergify[bot]@users.noreply.github.com> committed rVYOSONEX8d16ec73841a: smoketest: T5195: fix BasicInterfaceTest tearDown() timeout penalty (authored by c-po).
Jan 7 2024, 9:00 PM
c-po committed rVYOSONEX041db49533d5: smoketest: T5195: fix BasicInterfaceTest tearDown() timeout penalty.
Jan 7 2024, 8:59 PM
GitHub <[email protected]> committed rVYOSONEX44c190dd44f8: Merge pull request #2769 from c-po/T5195-penalty (authored by c-po).
Jan 7 2024, 8:59 PM
sarthurdev added a comment to T5876: Dhcp bug in latest 1.5 rolling releases.

Is this still an issue on newer rolling images? This PR addresses ownership issues in /config on system update: https://github.com/vyos/vyos-1x/pull/2731

Jan 7 2024, 7:21 PM · VyOS 1.5 Circinus
Apachez added a comment to T5898: Replace partprobe with partx due to unable to install VyOS.

How come partprobe fails but not partx?

Jan 7 2024, 5:42 PM · VyOS 1.4 Sagitta, VyOS 1.5 Circinus