I would like to contribute with a PR about this. At the same, time I would need some guidance on identifying the conditions requiring the onlink option to be added.
- Queries
- All Stories
- Search
- Advanced Search
- Transactions
- Transaction Logs
Feed All Stories
All Stories
All Stories
Nov 16 2023
Nov 16 2023
GitHub <[email protected]> committed rVYOSONEXcab0d62af86c: Merge pull request #2496 from vyos/mergify/bp/sagitta/pr-2481 (authored by c-po).
Mergify <37929162+mergify[bot]@users.noreply.github.com> committed rVYOSONEXe0efc61a6ffc: smoketest: Extend HTTP-API tests (authored by Viacheslav).
GitHub <[email protected]> committed rVYOSONEX4131b6cb6b63: Merge pull request #2481 from sever-sever/smoketest-api (authored by c-po).
GitHub <[email protected]> committed rVYOSONEXccf8a0a0466c: Merge pull request #2494 from vyos/mergify/bp/sagitta/pr-2491 (authored by c-po).
giuavo added a comment to T5722: Commit failure when trying to add a route in failover if the gateway is not in the same interface network.
c-po committed rVYOSONEXbd873274d462: T5747: op-mode add MAC and MTU for show interfaces summary (authored by Viacheslav).
a.hajiyev changed the status of T2816: Rewrite IPsec scripts with the new XML/Python approach from Needs testing to In progress.
n.fort changed the status of T4072: Feature Request: Firewall on bridge interfaces from Needs testing to In progress.
As I undestand it is possible now to create multiple auth ID's
vyos@r4# set vpn ipsec authentication psk FOO id Possible completions: <text> ID used for authentication
Not sure about other options.
Viacheslav added a project to T5747: op-mode add MAC VRF and MTU for show interfaces summary: VyOS 1.4 Sagitta.
Mergify <37929162+mergify[bot]@users.noreply.github.com> committed rVYOSONEX59b57b97f80f: T5747: op-mode add MAC and MTU for show interfaces summary (authored by Viacheslav).
GitHub <[email protected]> committed rVYOSONEX181c8d5c5715: Merge pull request #2491 from sever-sever/T5747 (authored by c-po).
Viacheslav renamed T5747: op-mode add MAC VRF and MTU for show interfaces summary from op-mode add MAC and MTU for show interfaces to op-mode add MAC VRF and MTU for show interfaces summary.
Tested in VyOS 1.4-rolling-202311100309 (AES)
GitHub <[email protected]> committed rVYOSONEXc1754c4c0610: Merge pull request #2493 from vyos/mergify/bp/sagitta/pr-2490 (authored by c-po).
Tested in VyOS 1.4-rolling-202311100309 (3DES)
Viacheslav closed T5689: FRR 9.0.1 in VyOS current segfaults on show rpki prefix $prefix as Resolved.
Viacheslav changed the status of T5689: FRR 9.0.1 in VyOS current segfaults on show rpki prefix $prefix from Open to Needs testing.
In VyOS 1.3.4
Configs:
I have a similar setup where I have two VyOS VMs used as VPN routers with some firewalling enabled. Since I use OSPF for dynamic routing I am not able to synchronize the sessions between both routers so in case one VPN router fails the other one can't take over flawlessly. Having conntrack-sync configuration separated from VRRP would be a great benefit.
I tested in VyOS 1.4-rolling-202311100309
Mergify <37929162+mergify[bot]@users.noreply.github.com> committed rVYOSONEXdc80f64212a7: op-mode: vrf: T5150: add "show vrf vni" and "show vrf <name> vni" commands (authored by c-po).
GitHub <[email protected]> committed rVYOSONEXc3d96163b3e6: Merge pull request #2490 from c-po/op-mode-vni-t5150 (authored by c-po).
Unknown Object (User) added a comment to T4940: Interface debugging.
https://github.com/vyos/vyos-1x/pull/2492
for equuleus
Tested in VyOS 1.4-rolling-202311100309
Tried with single quotes: ''
This can be done in other areas such as firewall rules already:
Nov 15 2023
Nov 15 2023
PR https://github.com/vyos/vyos-1x/pull/2491
vyos@r4# run show interfaces summary
Codes: S - State, L - Link, u - Up, D - Down, A - Admin Down
Interface IP Address MAC VRF MTU S/L Description
----------- ----------------- ----------------- ------- ----- ----- -------------
dum0 203.0.113.1/32 96:44:ad:c5:a1:a5 default 1500 u/u
eth0 192.168.122.14/24 52:54:00:f1:fd:77 default 1500 u/u WAN
eth1 192.0.2.1/24 52:54:00:04:33:2b foo 1500 u/u LAN-eth1
eth1v10v4 10.10.10.10/24 00:00:5e:00:01:0a foo 1500 u/u
eth2 - 52:54:00:40:2e:af default 1504 u/u LAN-eth2
eth3 - 52:54:00:09:a4:b4 default 1500 A/D
eth4 - 52:54:00:2c:51:09 default 1500 A/D
eth5 - 52:54:00:f3:1d:e8 default 1500 A/D
lo 127.0.0.1/8 00:00:00:00:00:00 default 65536 u/u
::1/128watson.ash added a comment to T5728: Improve compatibility between OpenVPN on VyOS 1.5 and OpenVPN Connect Client.
looks great from my perspective (I've just updated our nodes. Tested on Community Edition client on windows and Connect V3 client on windows and Tunnelblick on Mac all working as expected. (I tested with; 1.5-rolling-202311150738).
nice work!
Viacheslav added a project to T5745: conntrack-sync: Multiprimary setups for HA/VRRP: VyOS 1.5 Circinus.
Mergify <37929162+mergify[bot]@users.noreply.github.com> committed rVYOSONEX00d0984cea30: pim6: T5733: add missing FRR PIM6 related features (authored by c-po).
Mergify <37929162+mergify[bot]@users.noreply.github.com> committed rVYOSONEXb2d446963680: pim: T5733: incorporate feedback from peer review (authored by c-po).
Mergify <37929162+mergify[bot]@users.noreply.github.com> committed rVYOSONEXc1279a0faf64: pim: T5733: fix CLI level of global PIM commands (authored by c-po).
Mergify <37929162+mergify[bot]@users.noreply.github.com> committed rVYOSONEXdb08071f28d0: igmp: T5736: support per interface "disable" CLI node (authored by c-po).
Mergify <37929162+mergify[bot]@users.noreply.github.com> committed rVYOSONEX234e643d3cd4: igmp: T5736: migrate "protocols igmp" to "protocols pim" (authored by c-po).
Mergify <37929162+mergify[bot]@users.noreply.github.com> committed rVYOSONEXf42ae2c900a3: pim: T5733: rename watermark-warn -> watermark-warning (authored by c-po).
Mergify <37929162+mergify[bot]@users.noreply.github.com> committed rVYOSONEXe68d8d7b69d5: pim: T5733: split out XML definitions to be re-used by pim6 (authored by c-po).
Mergify <37929162+mergify[bot]@users.noreply.github.com> committed rVYOSONEXa78037d0c3eb: pim: T5733: add missing FRR PIM related features (authored by c-po).
Created a related feature request but for VRRP here
https://vyos.dev/T5745
Viacheslav moved T5732: generate firewall rule-resequence drops geoip country-code from output from Open to Finished on the VyOS 1.4 Sagitta board.
to keep track of this request on git
https://github.com/vyos/vyos-1x/pull/1960
JeffWDH closed T5732: generate firewall rule-resequence drops geoip country-code from output as Resolved.
JeffWDH added a comment to T5732: generate firewall rule-resequence drops geoip country-code from output.
Fix was merged into 1.4 and 1.5.
GitHub <[email protected]> committed rVYOSONEX7b0eaba2d365: Merge pull request #2487 from vyos/mergify/bp/sagitta/pr-2486 (authored by dmbaturin).
GitHub <[email protected]> committed rVYOSONEXe085f3e6c21a: Merge pull request #2476 from c-po/frr-pim-T5733 (authored by c-po).
Viacheslav added a project to T3983: show pki certificate Doesnt show x509 certificates: VyOS 1.5 Circinus.
I had entered the command as you have suggested and I think it's working somehow.
This is still an issue in 1.5. I tried importing a cert signed by my own CA and got the same error.
Viacheslav changed the status of T5726: HTTPS API image cannot be updated from Open to Needs testing.
Mergify <37929162+mergify[bot]@users.noreply.github.com> committed rVYOSONEX67836889216e: T5732: generate firewall rule-resequence drops geoip country-code from output (authored by JeffWDH).
GitHub <[email protected]> committed rVYOSONEXaa7a5131a5d1: T5732: generate firewall rule-resequence drops geoip country-code from output (authored by JeffWDH).
GitHub <[email protected]> committed rVYOSONEX0cc409787389: Merge pull request #2486 from JeffWDH/current (authored by Viacheslav).
GitHub <[email protected]> committed rVYOSONEXf021386b8860: Merge pull request #2474 from vyos/mergify/bp/sagitta/pr-2435 (authored by c-po).
GitHub <[email protected]> committed rVYOSONEX8c222c3848fe: Merge pull request #2484 from vyos/mergify/bp/sagitta/pr-2479 (authored by c-po).
Viacheslav changed the status of T5732: generate firewall rule-resequence drops geoip country-code from output from Open to In progress.
GitHub <[email protected]> committed rVYOSONEX525d3364aa1a: Merge pull request #2485 from vyos/mergify/bp/sagitta/pr-2483 (authored by c-po).
JeffWDH added a comment to T5732: generate firewall rule-resequence drops geoip country-code from output.
GitHub <[email protected]> committed rVYOSONEX5ea97243eb50: Merge pull request #2478 from nicolas-fort/T5729-Sagitta (authored by c-po).
Viacheslav moved T5726: HTTPS API image cannot be updated from Open to Finished on the VyOS 1.5 Circinus board.
PR for 1.5
https://github.com/vyos/vyos-1x/pull/2483