Page MenuHomeVyOS Platform
Feed All Stories

All Stories
Use Results
Edit Query

Apr 10 2024

HollyGurza added a comment to T6106: Improve the commit error message for the case when route-reflector-client option is defined in a peer-group.

i think yes, now we will show frr logs for unhandled exceptions and normal short messages for others e.g. route-reflector-client only supported for iBGP peers

Apr 10 2024, 3:45 AM · VyOS 1.4 Sagitta (1.4.0-epa3)
Thunderstorm claimed T6220: add IPv6 support for TACACS.
Apr 10 2024, 2:25 AM · VyOS 1.5 Circinus
Thunderstorm created T6220: add IPv6 support for TACACS.
Apr 10 2024, 2:25 AM · VyOS 1.5 Circinus
Giggum added a comment to T5694: NTP should always be allowed from localhost and bindaddress/binddevice can only exist once.

I gave it a go due to similarities between this and https://vyos.dev/T6123.

Apr 10 2024, 2:07 AM · VyOS 1.5 Circinus

Apr 9 2024

tgnthump added a comment to T6219: sysctl support for containers.

Started on a PR: https://github.com/vyos/vyos-1x/pull/3288

Apr 9 2024, 7:45 PM · VyOS 1.4 Sagitta (1.4.0-GA)
Viacheslav triaged T6218: Container network interface in VRF fails to generate IPv6 link-local address as Normal priority.
Apr 9 2024, 7:35 PM · VyOS 1.4 Sagitta (1.4.0-epa3)
GitHub <[email protected]> committed rVYOSONEX240218750c3a: Merge pull request #3287 from vyos/mergify/bp/sagitta/pr-3286 (authored by Viacheslav).
Apr 9 2024, 7:31 PM
tgnthump added a comment to T6219: sysctl support for containers.

My specific use case is a container that requires --sysctl=net.ipv4.conf.all.forwarding=1

Apr 9 2024, 6:41 PM · VyOS 1.4 Sagitta (1.4.0-GA)
Mergify <37929162+mergify[bot]@users.noreply.github.com> committed rVYOSONEX5497edf69c7e: container: T6218: fix host IPv6 link-local address for VRF networks (authored by jvoss).
Apr 9 2024, 6:34 PM
jvoss committed rVYOSONEX6b5590ae3325: container: T6218: fix host IPv6 link-local address for VRF networks.
Apr 9 2024, 6:33 PM
GitHub <[email protected]> committed rVYOSONEX5d890037b177: Merge pull request #3286 from jvoss/eui64_podman_vrf (authored by c-po).
Apr 9 2024, 6:33 PM
tgnthump created T6219: sysctl support for containers.
Apr 9 2024, 6:30 PM · VyOS 1.4 Sagitta (1.4.0-GA)
jvoss updated the task description for T6218: Container network interface in VRF fails to generate IPv6 link-local address.
Apr 9 2024, 6:28 PM · VyOS 1.4 Sagitta (1.4.0-epa3)
jvoss claimed T6218: Container network interface in VRF fails to generate IPv6 link-local address.
Apr 9 2024, 6:19 PM · VyOS 1.4 Sagitta (1.4.0-epa3)
jvoss created T6218: Container network interface in VRF fails to generate IPv6 link-local address.
Apr 9 2024, 6:19 PM · VyOS 1.4 Sagitta (1.4.0-epa3)
GitHub <[email protected]> committed rVYOSONEX9a965086a3eb: Merge pull request #3285 from vyos/mergify/bp/sagitta/pr-3259 (authored by c-po).
Apr 9 2024, 4:56 PM
Viacheslav closed T3409: Add back TCP-MSS Clamp to PMTU as Resolved.

Mark it as resolved, reopen the task if required.

Apr 9 2024, 4:21 PM · VyOS 1.4 Sagitta
Viacheslav added a comment to T6106: Improve the commit error message for the case when route-reflector-client option is defined in a peer-group.

Was it fixed?

Apr 9 2024, 4:12 PM · VyOS 1.4 Sagitta (1.4.0-epa3)
Viacheslav changed the status of T6106: Improve the commit error message for the case when route-reflector-client option is defined in a peer-group from In progress to Needs testing.
Apr 9 2024, 4:12 PM · VyOS 1.4 Sagitta (1.4.0-epa3)
Viacheslav added a comment to T6124: Docker equuleus build image doesn't build due to fpm.

@MattK Could you re-check and close it?

Apr 9 2024, 4:08 PM · VyOS 1.3 Equuleus (1.3.7)
Viacheslav changed the status of T6132: Conntrack-sync Internal Cache Growing Uncontrollably from Open to Needs reporter action.
Apr 9 2024, 4:06 PM · Restricted Project, VyOS 1.5 Circinus
Viacheslav changed the status of T6212: Firewall offload counters show always zero from Open to Needs testing.
Apr 9 2024, 4:06 PM · VyOS 1.5 Circinus
Viacheslav added a comment to T2801: conntrack-tools flooding logs.

@tjh Any updates?
By the way there is a new option

vyos@r4# set service conntrack-sync disable-syslog 
[edit]
vyos@r4#
Apr 9 2024, 4:04 PM · VyOS 1.4 Sagitta (1.4.0-epa1), VyOS 1.3 Equuleus (1.3.7)
Mergify <37929162+mergify[bot]@users.noreply.github.com> committed rVYOSONEX5264ba80e8c6: container: T6210: add capability sys-nice (authored by theflakes).
Apr 9 2024, 3:59 PM
GitHub <[email protected]> committed rVYOSONEXb8f3c61ca514: container: T6210: add capability sys-nice (authored by theflakes).
Apr 9 2024, 3:58 PM
Viacheslav added a comment to T5745: conntrack-sync: Multiprimary setups for HA/VRRP.

https://conntrack-tools.netfilter.org/manual.html#sync-aa

conntrackd allows you to deploy an symmetric Active-Active setup based on a static approach. For example, assume that you have two virtual IPs, vIP1 and vIP2, and two firewall replicas, FW1 and FW2. You can give the virtual vIP1 to the firewall FW1 and the vIP2 to the FW2.
Apr 9 2024, 3:58 PM · VyOS 1.5 Circinus, vyatta-vrrp, vyatta-conntrack-sync
GitHub <[email protected]> committed rVYOSONEX98d6fdffeae4: Merge pull request #3284 from vyos/mergify/bp/sagitta/pr-3283 (authored by c-po).
Apr 9 2024, 3:43 PM
Mergify <37929162+mergify[bot]@users.noreply.github.com> committed rVYOSONEXde1afd1cfe39: T6199: add missing build dependency (authored by c-po).
Apr 9 2024, 3:23 PM
c-po committed rVYOSONEX8e2330fed648: T6199: add missing build dependency.
Apr 9 2024, 3:22 PM
GitHub <[email protected]> committed rVYOSONEX1f369d50c15b: Merge pull request #3283 from c-po/T6199-build-fix (authored by c-po).
Apr 9 2024, 3:22 PM
GitHub <[email protected]> committed rVYOSONEX80257788f205: Merge pull request #3282 from vyos/mergify/bp/sagitta/pr-3280 (authored by c-po).
Apr 9 2024, 3:09 PM
Mergify <37929162+mergify[bot]@users.noreply.github.com> committed rVYOSONEX3419a8f039a6: T5858: Fix op-mode format for show conntrack statistics (authored by Viacheslav).
Apr 9 2024, 2:58 PM
Viacheslav committed rVYOSONEX13ed4f9d489d: T5858: Fix op-mode format for show conntrack statistics.
Apr 9 2024, 2:56 PM
GitHub <[email protected]> committed rVYOSONEX28e8233baae5: Merge pull request #3280 from sever-sever/T5858 (authored by dmbaturin).
Apr 9 2024, 2:56 PM
Viacheslav added a project to T6217: Set the log id of the VRRP contrack-sync script to vyos-vrrp-conntracksync: Restricted Project.
Apr 9 2024, 2:56 PM · VyOS 1.4 Sagitta (1.4.0-epa3)
Viacheslav added a comment to T6132: Conntrack-sync Internal Cache Growing Uncontrollably.

@trae32566 Can you provide the next output?

sudo conntrackd -C /run/conntrackd/conntrackd.conf -s  && echo "conntrack_count: " && sudo conntrack -C
sudo conntrackd -C /run/conntrackd/conntrackd.conf -s network
sudo conntrackd -C /run/conntrackd/conntrackd.conf -s cache
sudo conntrackd -C /run/conntrackd/conntrackd.conf -s runtime
sudo conntrackd -C /run/conntrackd/conntrackd.conf -s link
sudo conntrackd -C /run/conntrackd/conntrackd.conf -s queue
Apr 9 2024, 1:05 PM · Restricted Project, VyOS 1.5 Circinus
Viacheslav triaged T6217: Set the log id of the VRRP contrack-sync script to vyos-vrrp-conntracksync as Low priority.
Apr 9 2024, 12:21 PM · VyOS 1.4 Sagitta (1.4.0-epa3)
Viacheslav created T6217: Set the log id of the VRRP contrack-sync script to vyos-vrrp-conntracksync.
Apr 9 2024, 12:20 PM · VyOS 1.4 Sagitta (1.4.0-epa3)
n.fort added a subtask for T5938: Migration fail root task for 1.4-rc: T6216: Firewall group names that contain the '+' character break the config.
Apr 9 2024, 12:20 PM · Restricted Project, VyOS 1.4 Sagitta (1.4.1)
n.fort added a parent task for T6216: Firewall group names that contain the '+' character break the config: T5938: Migration fail root task for 1.4-rc.
Apr 9 2024, 12:20 PM · VyOS 1.4 Sagitta (1.4.0-epa3)
HollyGurza added a comment to T6206: L2tp smoketest fails if vyos-configd is running.

https://github.com/vyos/vyatta-cfg/pull/77

Apr 9 2024, 12:11 PM · VyOS 1.4 Sagitta (1.4.0-epa3), VyOS 1.5 Circinus
n.fort changed the status of T6216: Firewall group names that contain the '+' character break the config from Open to Confirmed.
Apr 9 2024, 12:11 PM · VyOS 1.4 Sagitta (1.4.0-epa3)
n.fort created T6216: Firewall group names that contain the '+' character break the config.
Apr 9 2024, 12:11 PM · VyOS 1.4 Sagitta (1.4.0-epa3)
n.fort added a comment to T6213: Validations in firewall groups mistakenly reject correct configurations.

PR: https://github.com/vyos/vyos-1x/pull/3281

Apr 9 2024, 11:13 AM · VyOS 1.4 Sagitta (1.4.0-epa3)
n.fort added a comment to T6214: Error when using some constraints.

PR: https://github.com/vyos/vyos-1x/pull/3281

Apr 9 2024, 11:13 AM · VyOS 1.4 Sagitta (1.4.0-epa2)
a.hajiyev added a comment to T6215: Replace confusing error messages with clear ones when delete rule form firewall policy.

https://github.com/vyos/vyatta-cfg-firewall/pull/37

Apr 9 2024, 10:56 AM · VyOS 1.3 Equuleus (1.3.8)
a.hajiyev created T6215: Replace confusing error messages with clear ones when delete rule form firewall policy.
Apr 9 2024, 10:51 AM · VyOS 1.3 Equuleus (1.3.8)
Viacheslav moved T6121: Extend service config-sync for sections vpn, policy, vrf from Need Triage to Finished on the VyOS 1.4 Sagitta (1.4.0-epa3) board.
Apr 9 2024, 10:32 AM · VyOS 1.4 Sagitta (1.4.0-epa3)
Viacheslav edited projects for T6121: Extend service config-sync for sections vpn, policy, vrf, added: VyOS 1.4 Sagitta (1.4.0-epa3); removed VyOS 1.4 Sagitta (1.4.0-epa2).
Apr 9 2024, 10:32 AM · VyOS 1.4 Sagitta (1.4.0-epa3)
Viacheslav moved T6121: Extend service config-sync for sections vpn, policy, vrf from Open to Finished on the VyOS 1.5 Circinus board.
Apr 9 2024, 10:32 AM · VyOS 1.4 Sagitta (1.4.0-epa3)
Viacheslav closed T6121: Extend service config-sync for sections vpn, policy, vrf as Resolved.
Apr 9 2024, 10:32 AM · VyOS 1.4 Sagitta (1.4.0-epa3)
Viacheslav changed the status of T5858: Improve the formatting of conntrack statistics output from Open to In progress.

PR https://github.com/vyos/vyos-1x/pull/3280

vyos@r15-left:~$ show conntrack statistics 
CPU    Found    Invalid    Insert    Insert fail    Drop    Early drop    Errors    Search restart
-----  -------  ---------  --------  -------------  ------  ------------  --------  ----------------  --  --
0      0        280        0         1              1       0             1         0                 2   0
1      0        73         0         0              0       0             126       0                 1   0
vyos@r15-left:~$
Apr 9 2024, 10:30 AM · VyOS 1.4 Sagitta (1.4.0-epa3)
n.fort renamed T6214: Error when using some constraints from Error when using some contraints to Error when using some constraints.
Apr 9 2024, 9:45 AM · VyOS 1.4 Sagitta (1.4.0-epa2)
n.fort created T6214: Error when using some constraints.
Apr 9 2024, 9:44 AM · VyOS 1.4 Sagitta (1.4.0-epa2)
Giggum updated the task description for T6123: Limit NTP allow-client config to internal addresses by default.
Apr 9 2024, 12:36 AM · VyOS 1.4 Sagitta (1.4.0-GA), VyOS 1.5 Circinus
Giggum updated the task description for T6123: Limit NTP allow-client config to internal addresses by default.
Apr 9 2024, 12:18 AM · VyOS 1.4 Sagitta (1.4.0-GA), VyOS 1.5 Circinus

Apr 8 2024

Giggum added a comment to T6099: Suppress unsupported interfaces from appearing in messages log by Telegraf .
In T6099#182627, @Viacheslav wrote:

@Giggum Can you check it in 1.5?

Yeah sure thing I can do that. Will I be able to roll back from the latest 1.5 to the version of 1.4 rolling I’m on after testing is complete or will the config mess up?

Apr 8 2024, 11:17 PM · VyOS 1.5 Circinus
c-po edited projects for T6173: Build Causes Errors When "--version" Contains Slashes ("/"), added: VyOS 1.4 Sagitta (1.4.0-epa3); removed VyOS 1.4 Sagitta (1.4.0-epa2).
Apr 8 2024, 6:46 PM · VyOS 1.4 Sagitta (1.4.0-epa3), VyOS 1.5 Circinus
c-po added a comment to T6173: Build Causes Errors When "--version" Contains Slashes ("/").

https://github.com/vyos/vyos-build/pull/553

Apr 8 2024, 6:45 PM · VyOS 1.4 Sagitta (1.4.0-epa3), VyOS 1.5 Circinus
a.apostoliuk claimed T3770: BGP neighbor not generating the correct frr configuration when moved to peer-group.
Apr 8 2024, 2:30 PM · VyOS 1.3 Equuleus (1.3.7)
n.fort moved T6068: Support active-active and active-passive high availability modes in DHCP server from Open to Finished on the VyOS 1.5 Circinus board.
Apr 8 2024, 12:04 PM · VyOS 1.4 Sagitta (1.4.0-epa3)
n.fort moved T6068: Support active-active and active-passive high availability modes in DHCP server from Open to Finished on the VyOS 1.4 Sagitta board.
Apr 8 2024, 12:03 PM · VyOS 1.4 Sagitta (1.4.0-epa3)
n.fort closed T6068: Support active-active and active-passive high availability modes in DHCP server as Resolved.
Apr 8 2024, 12:03 PM · VyOS 1.4 Sagitta (1.4.0-epa3)
Viacheslav changed the status of T3437: BGP Confederation Addition Causes Error from Needs testing to Confirmed.
Apr 8 2024, 11:36 AM · VyOS 1.3 Equuleus (1.3.7)
n.fort changed the status of T6213: Validations in firewall groups mistakenly reject correct configurations from Open to In progress.
Apr 8 2024, 11:12 AM · VyOS 1.4 Sagitta (1.4.0-epa3)
n.fort created T6213: Validations in firewall groups mistakenly reject correct configurations.
Apr 8 2024, 11:11 AM · VyOS 1.4 Sagitta (1.4.0-epa3)
a.apostoliuk added a comment to T3437: BGP Confederation Addition Causes Error.

Rechecked - The issue exists.

Apr 8 2024, 11:11 AM · VyOS 1.3 Equuleus (1.3.7)
a.apostoliuk changed the status of T6196: route-map and summary-only do not work in BGP aggregation at the same time from Unknown Status to Resolved.
Apr 8 2024, 11:05 AM · VyOS 1.3 Equuleus (1.3.7), VyOS 1.4 Sagitta (1.4.0-epa3)
Viacheslav added a comment to T6212: Firewall offload counters show always zero.

After deleting and adding the firewall, it looks good
So, for some reason, the rule 10 and default action accept were applied 2 times to the firewall

	chain VYOS_FORWARD_filter {
		type filter hook forward priority filter; policy accept;
		counter packets 928376 bytes 1800341472 flow add @VYOS_FLOWTABLE_FLOWTABLE comment "ipv4-FWD-filter-10"
		counter packets 928376 bytes 1800341472 accept comment "FWD-filter default-action accept"
		counter packets 0 bytes 0 flow add @VYOS_FLOWTABLE_FLOWTABLE comment "ipv4-FWD-filter-10"
		ct state { established, related } counter packets 0 bytes 0 flow add @VYOS_FLOWTABLE_FLOWTABLE comment "ipv4-FWD-filter-20"
		counter packets 0 bytes 0 accept comment "FWD-filter default-action accept"
	}
Apr 8 2024, 11:04 AM · VyOS 1.5 Circinus
Viacheslav triaged T6212: Firewall offload counters show always zero as Normal priority.
Apr 8 2024, 10:55 AM · VyOS 1.5 Circinus
Viacheslav created T6212: Firewall offload counters show always zero.
Apr 8 2024, 10:52 AM · VyOS 1.5 Circinus
a.apostoliuk moved T6197: Validation error in the IPoE server interface client-subnet option from Open to Finished on the VyOS 1.5 Circinus board.
Apr 8 2024, 9:00 AM · VyOS 1.4 Sagitta (1.4.0-epa3)
a.apostoliuk closed T6197: Validation error in the IPoE server interface client-subnet option as Resolved.
Apr 8 2024, 9:00 AM · VyOS 1.4 Sagitta (1.4.0-epa3)
a.apostoliuk changed the status of T6197: Validation error in the IPoE server interface client-subnet option from In progress to Needs testing.
Apr 8 2024, 8:58 AM · VyOS 1.4 Sagitta (1.4.0-epa3)
HollyGurza added a comment to T6206: L2tp smoketest fails if vyos-configd is running.

probably related task T5660

Apr 8 2024, 8:21 AM · VyOS 1.4 Sagitta (1.4.0-epa3), VyOS 1.5 Circinus
GitHub <[email protected]> committed rVYOSONEX39e95fd06c85: Merge pull request #3279 from vyos/mergify/bp/sagitta/pr-3278 (authored by dmbaturin).
Apr 8 2024, 7:54 AM
Mergify <37929162+mergify[bot]@users.noreply.github.com> committed rVYOSONEXd6198a155c2d: image-tools: T6207: restore choice of config.boot.default as boot config (authored by jestabro).
Apr 8 2024, 5:38 AM
Mergify <37929162+mergify[bot]@users.noreply.github.com> committed rVYOSONEX8d35b257caae: utils.io: T6207: allow default in select_entry (authored by jestabro).
Apr 8 2024, 5:38 AM
jestabro committed rVYOSONEX5a8be747febc: utils.io: T6207: allow default in select_entry.
Apr 8 2024, 5:37 AM
jestabro committed rVYOSONEX619e2262e776: image-tools: T6207: restore choice of config.boot.default as boot config.
Apr 8 2024, 5:37 AM
GitHub <[email protected]> committed rVYOSONEX41abc307f423: Merge pull request #3278 from jestabro/default-config-choice (authored by c-po).
Apr 8 2024, 5:37 AM
jestabro added a comment to T6207: image-tools: restore ability to copy config.boot.default on image install.

PRs:
https://github.com/vyos/vyos-1x/pull/3278
https://github.com/vyos/vyos-build/pull/551

Apr 8 2024, 4:10 AM · VyOS 1.4 Sagitta (1.4.0-epa3)

Apr 7 2024

Viacheslav added a project to T5169: Add CGNAT Carrier-Grade NAT based on nftables: VyOS 1.5 Circinus.
Apr 7 2024, 8:27 PM · VyOS Rolling, VyOS 1.5 Circinus
sarthurdev committed rVYOSONEX7d339d18e14d: kea: T3316: Ensure correct permissions on lease files.
Apr 7 2024, 8:22 PM
GitHub <[email protected]> committed rVYOSONEX08b5ee0a6943: Merge pull request #3277 from sarthurdev/T6163 (authored by c-po).
Apr 7 2024, 8:22 PM
sarthurdev changed the status of T6163: kea-dhcp4-server crashes due to incorrect lease file permissions after 1.5-rolling-202403120022 -> 1.5-rolling-202403230018 upgrade from Confirmed to Needs testing.

PR: https://github.com/vyos/vyos-1x/pull/3277

Apr 7 2024, 8:14 PM · VyOS 1.5 Circinus
c-po updated the task description for T5475: Analyse if forked live-boot package can be dropped.
Apr 7 2024, 7:02 PM · VyOS 1.5 Circinus
c-po closed T5862: Default MTU is not acceptable in some environments as Resolved.
Apr 7 2024, 6:59 PM · VyOS 1.4 Sagitta (1.4.0-epa3)
c-po moved T5862: Default MTU is not acceptable in some environments from Need Triage to Finished on the VyOS 1.4 Sagitta (1.4.0-epa3) board.
Apr 7 2024, 6:59 PM · VyOS 1.4 Sagitta (1.4.0-epa3)
c-po closed T6205: ipoe: error in migration script logic while renaming mac-address to mac, a subtask of T5938: Migration fail root task for 1.4-rc, as Resolved.
Apr 7 2024, 6:59 PM · Restricted Project, VyOS 1.4 Sagitta (1.4.1)
c-po closed T6205: ipoe: error in migration script logic while renaming mac-address to mac as Resolved.
Apr 7 2024, 6:59 PM · VyOS 1.4 Sagitta (1.4.0-epa3)
c-po moved T6205: ipoe: error in migration script logic while renaming mac-address to mac from Open to Finished on the VyOS 1.5 Circinus board.
Apr 7 2024, 6:59 PM · VyOS 1.4 Sagitta (1.4.0-epa3)
c-po moved T6205: ipoe: error in migration script logic while renaming mac-address to mac from Need Triage to Finished on the VyOS 1.4 Sagitta (1.4.0) board.
Apr 7 2024, 6:58 PM · VyOS 1.4 Sagitta (1.4.0-epa3)
c-po closed T6208: container: rename "cap-add" CLI node to "capability" as Resolved.
Apr 7 2024, 6:58 PM · VyOS 1.4 Sagitta (1.4.0-epa3)
c-po moved T6208: container: rename "cap-add" CLI node to "capability" from Need Triage to Finished on the VyOS 1.4 Sagitta (1.4.0-epa3) board.
Apr 7 2024, 6:58 PM · VyOS 1.4 Sagitta (1.4.0-epa3)
sarthurdev merged T6137: dhcp files and directory permission not correct after image uprgading into T6163: kea-dhcp4-server crashes due to incorrect lease file permissions after 1.5-rolling-202403120022 -> 1.5-rolling-202403230018 upgrade.
Apr 7 2024, 6:17 PM · VyOS 1.5 Circinus
sarthurdev merged task T6137: dhcp files and directory permission not correct after image uprgading into T6163: kea-dhcp4-server crashes due to incorrect lease file permissions after 1.5-rolling-202403120022 -> 1.5-rolling-202403230018 upgrade.
Apr 7 2024, 6:17 PM · VyOS 1.5 Circinus
sarthurdev changed the status of T6163: kea-dhcp4-server crashes due to incorrect lease file permissions after 1.5-rolling-202403120022 -> 1.5-rolling-202403230018 upgrade from Open to Confirmed.
Apr 7 2024, 6:11 PM · VyOS 1.5 Circinus
GitHub <[email protected]> committed rVYOSONEX96f7fb69fb6b: Merge pull request #3276 from vyos/mergify/bp/sagitta/pr-3265 (authored by dmbaturin).
Apr 7 2024, 5:37 PM
Viacheslav changed the status of T1641: VRRP conntrack-sync dropping packets passing through the router from Open to Needs reporter action.

@Daya @trae32566 Any updates?

Apr 7 2024, 5:20 PM · Restricted Project, VyOS 1.4 Sagitta (1.4.1)
First
Prev
Next