- Queries
- All Stories
- Search
- Advanced Search
- Transactions
- Transaction Logs
All Stories
Feb 12 2024
This turns out to be non-trivial, due to the interaction between legacy and modern behavior; nonetheless, a simple preliminary fix is in testing, and the task will be updated with the details when the PR is complete.
This does seem to be new behaviour introduced with Kea. ISC dhcpd did previously assume local distribution of a subnet based on the interface having an address within the subnet, Kea has changed to require this being explicitly defined.
I'm thinking end of the day an integrated learn address script that can update vyos's forwarder or any of the upstream DNS its using, and then calling learn-address on each client learned in the openvpn is the ideal way to do it since learn-address is built into openvpn
Here is a redacted version
@evilmog Can you provide the OpenVPN/other configuration to achieve what you want?
Wait two weeks before closing.
@mb300sd Let us know if it is fixed.
It cannot be backported to 1.3 as there are no config-mode-dependencies
There have been no reports since 2021
PR for fix in vyos-build: https://github.com/vyos/vyos-build/pull/501
PR for smoketest (modified because of change in build): https://github.com/vyos/vyos-1x/pull/2991
PR for fix in vyos-build: https://github.com/vyos/vyos-build/pull/501
PR for smoketest (modified because of change in build): https://github.com/vyos/vyos-1x/pull/2991
What is the resolution? How was it resolved? @Viacheslav
@TheSin- we also need this feature because our old blacklisting implementation is no longer working since the new nft implementation replaces sets after changes in the config.
So we have to go the official way and I just stumbled over your feature request when I started to make my own implementation.
Even when I have not implemented any core parts for VyOS yet, I offer my help with the implementation of this feature.
merged
@dmbaturin I understand that show commands are already implemented via the API.
But what about commands like ping and traceroute?
Would this require much more effort?
Feb 11 2024
Seems its actually the tunnel interface it doesnt like, not the address.
Feb 10 2024
The GraphQL API supports op mode in a much nicer way.
The code in question was rewritten, but if any new bugs show up, feel free to report.
The code in question has been rewritten so if there are bugs, they are likely different. ;)