@Viacheslav, Thank you for the hint. After further analysis, these are the findings from the tests done in the lab running 1.4.0 version on both sides with server/client setup.
- Queries
- All Stories
- Search
- Advanced Search
- Transactions
- Transaction Logs
Feed All Stories
All Stories
All Stories
Jul 12 2024
Jul 12 2024
@fernando Any idea for CLI?
vyosbot placed T200: Automated config deployment from a removable drive at installation time up for grabs.
vyosbot placed T3973: Feature Request: Multicast ping. Change TTL in Echo-reply from VyOS up for grabs.
Jul 11 2024
Jul 11 2024
jestabro added a comment to T6559: vyos-configd should return commit error on config dependency error.
The solution sketched above will be handled in subtask T6569; in this task we will revert to using only the local redundancy removal in order to provide per-script error reporting.
zsdc added a comment to T6568: SSH keys with the same name replace each other during system initialization by Cloud-init.
PR for current: https://github.com/vyos/vyos-cloud-init/pull/78
zsdc changed the status of T6568: SSH keys with the same name replace each other during system initialization by Cloud-init from Open to In progress.
PR for 1.4: https://github.com/vyos/vyos-1x/pull/3806
In T6545#194997, @SrividyaA wrote:@Viacheslav, For site-to-site or server/client mode, when used cipher option as none then also issue is noticed. When you commit, it gives this warning:
vyos@vyos# set int openvpn vtun1 encryption cipher none [edit] vyos@vyos# commit Warning: "encryption none" was specified! No encryption will be performed and data is transmitted in plain text over the network!Logs:
Jul 10 14:51:39 openvpn-vtun1[12357]: Cipher NONE not supported
Jul 10 2024
Jul 10 2024
c-po changed the status of T6566: op-mode: "monitor bandwidth" add support for listing all interfaces concurrently from Open to In progress.
@Viacheslav, For site-to-site or server/client mode, when used cipher option as none then also issue is noticed. When you commit, it gives this warning:
In T6563#194972, @Viacheslav wrote:Any idea for CLI?
Jul 9 2024
Jul 9 2024
Vijayakumar changed the status of T6565: Use bullfrog action to get the outbound info audit - vyos-1x current from Open to In progress.
Vijayakumar changed the status of T6565: Use bullfrog action to get the outbound info audit - vyos-1x current, a subtask of T6309: Check code quality with CodeQL, from Open to In progress.
Any idea for CLI?
Jul 8 2024
Jul 8 2024
Vijayakumar renamed T6564: workflow trigger restrictions as per change type, vyos-1x sagitta, circinus, equuleus from workflow trigger restrictions as per change type, vyos-1x sagitta to workflow trigger restrictions as per change type, vyos-1x sagitta, circinus, equuleus.
dmbaturin removed a project from T1467: Loopback interface naming and dummy devices: VyOS 1.5 Circinus.
Since loopback and dummy are fundamentally different in Linux, trying to pretend they are not would be misleading rather than helpful. Unless anything changes in the kernel, we should keep things as is.
Viacheslav changed the subtype of T6562: config-sync is not vrf aware from "Task" to "Feature Request".
jestabro added a comment to T6559: vyos-configd should return commit error on config dependency error.
Recovering gracefully and logging an error is a simple fix, and will be committed in the interim while the larger issue is addressed: namely, when running under vyos-configd, a ConfigError in a called dependency script should elicit a commit error in the originating config session. Here, however, we confront again the constraints of operating under the legacy commit algorithm. To address the matter, we will implement a partial solution to T5731 so as to catch verification errors in the (first instance of) sequential processing of the priority queue and cache the data for final processing of the activation stages (generate/apply); errors in the latter stages, as less common, will be logged. The sketch provided summarizes a design that balances the needs of early and correct (verify stage) error reporting with removing redundancy overhead when running under configd.
Jul 7 2024
Jul 7 2024
Vijayakumar closed T6560: workflow trigger restrictions as per change type, vyos-1x current, a subtask of T6309: Check code quality with CodeQL, as Resolved.
Vijayakumar closed T6560: workflow trigger restrictions as per change type, vyos-1x current as Resolved.
Vijayakumar renamed T6560: workflow trigger restrictions as per change type, vyos-1x current from skip workflows as per change type to workflow trigger restrictions as per change type, vyos-1x current.
Vijayakumar closed T6556: wokrflow trigger branches cleanup, a subtask of T6309: Check code quality with CodeQL, as Resolved.
Vijayakumar closed T6546: add permissions for unused import workflow callers, a subtask of T6309: Check code quality with CodeQL, as Resolved.
Vijayakumar closed T6540: add reusable workflows for vyatta-bash, a subtask of T6309: Check code quality with CodeQL, as Resolved.
Vijayakumar closed T6509: Add PR comment in case of unused import check fails, a subtask of T6309: Check code quality with CodeQL, as Resolved.
There are two possible places where encrypted DNS support might be desired in a standard setup where VyOS is hosting a local resolver/recursor:
Jul 6 2024
Jul 6 2024
After spending more time handling VRFs within VyOS the answer from @Viacheslav is best
Jul 5 2024
Jul 5 2024
In T6211#194799, @stephenmcmahon wrote:In T6211#189615, @Viacheslav wrote:Probably the best way will be moving the config to the vrf section (not implemented)
For example:set vrf name foo service dhcp-server shared-network-name eth1 option default-router '192.168.1.1' set vrf name foo service dhcp-server shared-network-name eth1 subnet 192.168.1.0/24 lease '300' set vrf name foo service dhcp-server shared-network-name eth1 subnet 192.168.1.0/24 range default start '192.168.1.10' set vrf name foo service dhcp-server shared-network-name eth1 subnet 192.168.1.0/24 range default stop '192.168.1.100' set vrf name foo service dhcp-server shared-network-name eth1 subnet 192.168.1.0/24 subnet-id '1'
In T6211#189615, @Viacheslav wrote:Probably the best way will be moving the config to the vrf section (not implemented)
For example:set vrf name foo service dhcp-server shared-network-name eth1 option default-router '192.168.1.1' set vrf name foo service dhcp-server shared-network-name eth1 subnet 192.168.1.0/24 lease '300' set vrf name foo service dhcp-server shared-network-name eth1 subnet 192.168.1.0/24 range default start '192.168.1.10' set vrf name foo service dhcp-server shared-network-name eth1 subnet 192.168.1.0/24 range default stop '192.168.1.100' set vrf name foo service dhcp-server shared-network-name eth1 subnet 192.168.1.0/24 subnet-id '1'And start several instances, each with its configuration.
c-po moved T6496: Add support for WPA-Enterprise client-mode from Need Triage to Finished on the VyOS 1.5 Circinus board.
c-po changed the status of T6539: Add logging options to load-balancer reverse-proxy from In progress to Needs testing.
c-po moved T6539: Add logging options to load-balancer reverse-proxy from Need Triage to Finished on the VyOS 1.5 Circinus board.
c-po moved T6290: SNMPD show logs systemstats_linux: unexpected header length from In Progress to Finished on the VyOS 1.4 Sagitta (1.4.1) board.
c-po moved T4287: wireless: cannot set regulatory domain from In Progress to Finished on the VyOS 1.5 Circinus board.
c-po moved T4287: wireless: cannot set regulatory domain from In Progress to Finished on the VyOS 1.4 Sagitta (1.4.1) board.
Viacheslav added a comment to T4600: Closing IPV6CP by client closes PPPoE link completely, even if IPv6 is optional.
Add PR on accell-ppp repo or patch in the vyos-build via PR https://github.com/vyos/vyos-build/tree/current/packages/linux-kernel/patches/accel-ppp
There are no other options for review.
miguemely updated the task description for T6557: Cloudflare is restricting sagitta-packages.vyos.net.