It was investigated - the bug is indeed in the kernel.
Currently, the patch is proposed. But it probably would be refactored in the near future to a patch ver3:

Oct 16 2025, 12:23 PM · Bugs, VyOS Rolling

natali-rs1985 committed rVYOSONEX5e2e4a8f183f: T7897: VPP: fix rx-mode interrupt for XDP driver with workers.

Oct 16 2025, 12:04 PM

GitHub <noreply@github.com> committed rVYOSONEXd8dc670cd3eb: Merge pull request #4781 from natali-rs1985/T7897 (authored by Viacheslav).

Oct 16 2025, 12:04 PM

GitHub <noreply@github.com> committed rVYOSONEX4f46ade201e4: Merge pull request #4789 from sever-sever/T7890 (authored by Viacheslav).

Oct 16 2025, 12:03 PM

Viacheslav committed rVYOSONEXa5b92ceff7d2: T7890: VPP fix verify_dev_driver.

Oct 16 2025, 12:03 PM

Viacheslav triaged T7935: Rewrite accel-ppp-nd build to exclude whole build VPP and include VPP required dependencies as Normal priority.

Oct 16 2025, 10:42 AM · VyOS Rolling

Viacheslav created T7935: Rewrite accel-ppp-nd build to exclude whole build VPP and include VPP required dependencies.

Oct 16 2025, 10:37 AM · VyOS Rolling

Viacheslav closed T7823: DHCP-server lease cannot be cleared as Resolved.

Oct 16 2025, 10:16 AM · VyOS 1.5 Circinus (1.5-stream-2025-Q3), VyOS Rolling

Viacheslav closed T7823: DHCP-server lease cannot be cleared, a subtask of T6211: VRF support for Kea-based DHCP server, as Resolved.

Oct 16 2025, 10:16 AM · VyOS 1.5 Circinus (1.5-stream-2025-Q3), VyOS Rolling

natali-rs1985 added a comment to T7930: VPP: Changing NAT44 Settings Resets `forwarding_enabled` to False.

https://github.com/vyos/vyos-1x/pull/4795

Oct 16 2025, 8:14 AM · VyOS 1.5 Circinus (2025.11)

roedie closed T7852: Switch to yescrypt password encryption as Resolved.

Oct 16 2025, 7:38 AM · VyOS 1.5 Circinus (1.5-stream-2025-Q4), VyOS Rolling

drixter added a comment to T7771: OSPFv3 doesn't come up.

Thanks for analysis and confirmation.

Oct 16 2025, 6:10 AM

factor2431 added a comment to T7823: DHCP-server lease cannot be cleared.

Confirmed fixed in v2025.10.12-0019-rolling

Oct 16 2025, 1:14 AM · VyOS 1.5 Circinus (1.5-stream-2025-Q3), VyOS Rolling

Oct 15 2025

Viacheslav edited projects for T7928: load-balancing haproxy not taking into account listen-address when checking for other services on port, added: VyOS 1.5 Circinus (1.5-stream-2025-Q4); removed VyOS 1.5 Circinus.

Oct 15 2025, 8:10 PM · VyOS 1.5 Circinus (1.5-stream-2025-Q4), VyOS Rolling

Viacheslav added a comment to T7928: load-balancing haproxy not taking into account listen-address when checking for other services on port.

There are several errors.

listen_address instead of address
`listen-address could has multiple values

vyos@r14# run show conf com | match haproxy
set load-balancing haproxy backend bk01 server 192.0.2.5 address '192.0.2.5'
set load-balancing haproxy backend bk01 server 192.0.2.5 port '993'
set load-balancing haproxy service wan-993 listen-address 192.0.2.2
set load-balancing haproxy service wan-993 port '993'
[edit]
vyos@r14# 
[edit]
vyos@r14# set  load-balancing haproxy service wan-993 listen-address 192.168.122.14
[edit]
vyos@r14# commit
[ load-balancing haproxy ]
{'backend': {'bk01': {'balance': 'round-robin',
                      'mode': 'http',
                      'server': {'192.0.2.5': {'address': '192.0.2.5',
                                               'port': '993'}}}},
 'global_parameters': {'ssl_bind_ciphers': ['ecdhe-ecdsa-aes128-gcm-sha256',
                                            'ecdhe-rsa-aes128-gcm-sha256',
                                            'ecdhe-ecdsa-aes256-gcm-sha384',
                                            'ecdhe-rsa-aes256-gcm-sha384',
                                            'ecdhe-ecdsa-chacha20-poly1305',
                                            'ecdhe-rsa-chacha20-poly1305',
                                            'dhe-rsa-aes128-gcm-sha256',
                                            'dhe-rsa-aes256-gcm-sha384'],
                       'tls_version_min': '1.3'},
 'pki': {},
 'service': {'wan-993': {'listen_address': {'192.0.2.2': {},
                                            '192.168.122.14': {}},
                         'mode': 'http',
                         'port': '993'}},
 'timeout': {'check': '5', 'client': '50', 'connect': '10', 'server': '50'}}

Oct 15 2025, 8:05 PM · VyOS 1.5 Circinus (1.5-stream-2025-Q4), VyOS Rolling

ruffy91 added a comment to T7928: load-balancing haproxy not taking into account listen-address when checking for other services on port.

tmp_address = front_config.get('address', None)

shouldn't this be listen_address instead of address on line 75?

Oct 15 2025, 5:40 PM · VyOS 1.5 Circinus (1.5-stream-2025-Q4), VyOS Rolling

Viacheslav added a comment to T7928: load-balancing haproxy not taking into account listen-address when checking for other services on port.

Something is wrong with this check

Oct 15 2025, 5:15 PM · VyOS 1.5 Circinus (1.5-stream-2025-Q4), VyOS Rolling

ruffy91 added a comment to T7928: load-balancing haproxy not taking into account listen-address when checking for other services on port.

After my workaround described above:

vyos@vyos# sudo netstat -tulpn | grep 993                                         
tcp        0      0 192.0.2.1:993      0.0.0.0:*               LISTEN      513
01/haproxy
tcp6       0      0 2001:0db8::25:993  :::*                    LISTEN      784
61/conmon

and then when configuring the other way around:

edit]
vyos@vyos# set load-balancing haproxy service wan-993 port 994
[edit]
vyos@vyos# commit
[edit]
vyos@vyos# set load-balancing haproxy service wan-993 port 993
[edit]
vyos@vyos# commit
[ load-balancing haproxy ]
TCP port "993" is used by another service
[[load-balancing haproxy]] failed
Commit failed
[edit]
vyos@vyos# sudo netstat -tulpn | grep 993                     
tcp6       0      0 2001:0db8::25:993  :::*                    LISTEN      784
61/conmon

Oct 15 2025, 5:12 PM · VyOS 1.5 Circinus (1.5-stream-2025-Q4), VyOS Rolling

Viacheslav added a comment to T7928: load-balancing haproxy not taking into account listen-address when checking for other services on port.

sudo netstat -tulpn | grep 993

Oct 15 2025, 5:02 PM · VyOS 1.5 Circinus (1.5-stream-2025-Q4), VyOS Rolling

Viacheslav moved T7188: haproxy op-mode not reporting correct usage stats from Need Triage to Completed on the VyOS Rolling board.

Oct 15 2025, 4:03 PM · VyOS Rolling

Viacheslav closed T7188: haproxy op-mode not reporting correct usage stats as Resolved.

vyos@r14# run show haproxy 
Proxy name            Role       Status    Req rate    Resp time    Last change
--------------------  ---------  --------  ----------  -----------  -------------
web                   FRONTEND   OPEN      4
buildin_acme_certbot  BACKEND    UP                    0 ms         3m24s
bk01                  BACKEND    UP                    1 ms         1m8s
buildin_acme_certbot  localhost  no check              0 ms         3m24s
bk01                  srv01      UP                    1 ms         1m8s
bk01                  srv02      UP                    1 ms         1m3s
[edit]
vyos@r14# run show ver
Version:          VyOS 2025.10.10-0733-integration
Release train:    current
Release flavor:   generic

Oct 15 2025, 4:03 PM · VyOS Rolling

hedrok added a comment to T7771: OSPFv3 doesn't come up.

The issue reproduces on 1.4.3.
This is Linux kernel issue fixed in v6.6.99 (VyOS 1.4.3 has kernel v6.6.93): https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=2ca1db269a8d202c3f97fd53fa7c9ef7f1bb21d6 and will be fixed in VyOS 1.4.4 with kernel update.
Till then the workaround you've found

set protocols static route6 ff00::/8 interface tun2
set protocols static route6 ff00::/8 interface tun3

should work fine - the kernel commit has message:

gre: Fix IPv6 multicast route creation.

Oct 15 2025, 3:51 PM

Viacheslav updated subscribers of T7811: VPP: 'delete vpp' commit fails on GCP.

Links from @zsdc where the problem could be

Oct 15 2025, 3:10 PM · VyOS Rolling

Viacheslav added a comment to T7811: VPP: 'delete vpp' commit fails on GCP.

With the 1.4.7 gve driver the behaviour is the same

vyos@VyOS-for-Smoke-Tests# delete vpp 
[edit]
vyos@VyOS-for-Smoke-Tests# commit
[ vpp ]
Traceback (most recent call last):
  File "/usr/libexec/vyos/services/vyos-configd", line 156, in run_script
    script.apply(c)
  File "/usr/libexec/vyos/conf_mode/vpp.py", line 660, in apply
    initialize_interface(
  File "/usr/libexec/vyos/conf_mode/vpp.py", line 594, in initialize_interface
    iface_new_name: str = control_host.get_eth_name(iface_config['dev_id'])
                          ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/lib/python3/dist-packages/vyos/vpp/control_host.py", line 227, in get_eth_name
    raise FileNotFoundError(
FileNotFoundError: A device with ID 0000:00:05.0 not found in ethernet interfaces

Oct 15 2025, 2:47 PM · VyOS Rolling

Viacheslav added a comment to T7934: Trigger rebuild linux-kernel if vyos-vpp-patches changed.

PR https://github.com/vyos/vyos-vpp-patches/pull/20

Oct 15 2025, 2:11 PM · GitHub Infrastructure

Viacheslav changed the status of T7934: Trigger rebuild linux-kernel if vyos-vpp-patches changed from Open to In progress.

Oct 15 2025, 2:01 PM · GitHub Infrastructure

Viacheslav created T7934: Trigger rebuild linux-kernel if vyos-vpp-patches changed.

Oct 15 2025, 2:00 PM · GitHub Infrastructure

Viacheslav moved T7016: Unable to remove DHCP client from interface when dynamic IPv6 address is configured from Open to Finished on the VyOS 1.5 Circinus (1.5-stream-2025-Q3) board.

Oct 15 2025, 1:28 PM · VyOS 1.4 Sagitta (1.4.4), VyOS 1.5 Circinus (2025.11)

Viacheslav closed T7016: Unable to remove DHCP client from interface when dynamic IPv6 address is configured as Resolved.

Oct 15 2025, 1:28 PM · VyOS 1.4 Sagitta (1.4.4), VyOS 1.5 Circinus (2025.11)

natali-rs1985 changed the status of T7690: VPP add new interface to sFlow fails from Open to In progress.

Oct 15 2025, 12:23 PM · VyOS 1.5 Circinus (1.5-stream-2025-Q3), VyOS Rolling

natali-rs1985 changed the status of T7690: VPP add new interface to sFlow fails, a subtask of T7070: VPP related bugs the root task, from Open to In progress.

Oct 15 2025, 12:23 PM · VyOS Rolling

natali-rs1985 changed the status of T7691: VPP delete sFlow configuration does not work, a subtask of T7070: VPP related bugs the root task, from Open to In progress.

Oct 15 2025, 12:22 PM · VyOS Rolling

natali-rs1985 changed the status of T7691: VPP delete sFlow configuration does not work from Open to In progress.

Oct 15 2025, 12:22 PM · VyOS 1.5 Circinus (1.5-stream-2025-Q3), VyOS Rolling

hedrok closed T6769: Commit command does not validate its arguments as Resolved.

Oct 15 2025, 6:12 AM · VyOS 1.5 Circinus (2025.11)

hedrok closed T7568: Docker: clean apt cache + clean some /tmp files as Resolved.

Oct 15 2025, 6:11 AM · VyOS Rolling

lingfish created T7933: got: offload found in config -> rule_sets -> rules'.

Oct 15 2025, 4:19 AM · VyOS Ansible Collection

Viacheslav placed T7478: SNMP for VPP interfaces up for grabs.

I have found another implementation if someone wants to play with it https://git.ipng.ch/ipng/govpp-snmp-agentx

Oct 15 2025, 12:58 AM · VyOS Rolling

natali-rs1985 committed rVYOSONEX888eec975ff7: T7750: VPP: CGNAT commit failure with vpptunX interface.

Oct 15 2025, 12:15 AM

GitHub <noreply@github.com> committed rVYOSONEX7c021181e0bc: Merge pull request #4780 from natali-rs1985/T7750 (authored by Viacheslav).

Oct 15 2025, 12:15 AM

Oct 14 2025

Viacheslav added a comment to T6625: Firewall group size limit API.

@pr0ton11, do you see the same log? Can you try the latest rolling?

Oct 14 2025, 9:44 PM · VyOS Rolling, Bugs

Viacheslav closed T7909: EIGRP: daemon crashes with malformed packet #19503 as Resolved.

PR https://github.com/vyos/vyos-build/pull/1053

Oct 14 2025, 4:24 PM · VyOS Rolling

c-po closed T7899: virtual-ethernet interfaces are not exposed to "list_interface --broadcast" completion helper as Resolved.

Oct 14 2025, 3:18 PM · VyOS 1.5 Circinus (2025.11)

c-po moved T7899: virtual-ethernet interfaces are not exposed to "list_interface --broadcast" completion helper from Open to Finished on the VyOS 1.5 Circinus (1.5-stream-2025-Q3) board.

Oct 14 2025, 3:18 PM · VyOS 1.5 Circinus (2025.11)

c-po edited projects for T7899: virtual-ethernet interfaces are not exposed to "list_interface --broadcast" completion helper, added: VyOS 1.5 Circinus (1.5-stream-2025-Q3); removed VyOS 1.5 Circinus (1.5-stream-2025-Q4).

Oct 14 2025, 3:18 PM · VyOS 1.5 Circinus (2025.11)

Unknown Object (User) closed T7774: Routed IPsec not working dual stack as Invalid.

Oct 14 2025, 2:59 PM · VyOS 1.4 Sagitta

GitHub <noreply@github.com> committed rVYOSONEX3c4c1275493e: Merge pull request #4786 from mzpqnxow/T7723 (authored by dmbaturin).

Oct 14 2025, 2:25 PM

mz committed rVYOSONEX04434b1e82d2: dhcp-server: T7723: add DHCP Option 26 (interface MTU).

Oct 14 2025, 2:25 PM

GitHub <noreply@github.com> committed rVYOSONEX8a163d92b7de: Merge pull request #4790 from c-po/certbot-auto-renew (authored by dmbaturin).

Oct 14 2025, 1:42 PM

c-po committed rVYOSONEX2aec74e52193: pki: T7908: certbot.timer must call CLI script to update certificates.

Oct 14 2025, 1:42 PM

natali-rs1985 changed the status of T7929: VPP: Too Strict Validation for NAT44 Static Rules from Open to In progress.

Oct 14 2025, 1:12 PM · VyOS 1.5 Circinus (2025.11)

natali-rs1985 changed the status of T7929: VPP: Too Strict Validation for NAT44 Static Rules, a subtask of T7070: VPP related bugs the root task, from Open to In progress.

Oct 14 2025, 1:12 PM · VyOS Rolling

natali-rs1985 changed the status of T7930: VPP: Changing NAT44 Settings Resets `forwarding_enabled` to False from Open to In progress.

Oct 14 2025, 1:12 PM · VyOS 1.5 Circinus (2025.11)

natali-rs1985 changed the status of T7930: VPP: Changing NAT44 Settings Resets `forwarding_enabled` to False, a subtask of T7070: VPP related bugs the root task, from Open to In progress.

Oct 14 2025, 1:12 PM · VyOS Rolling

natali-rs1985 triaged T7930: VPP: Changing NAT44 Settings Resets `forwarding_enabled` to False as Normal priority.

Oct 14 2025, 1:12 PM · VyOS 1.5 Circinus (2025.11)

Viacheslav closed T7932: Changes in the repo vyos-vpp-patches have to trigger rebuild linux-kernel instead of vpp as Invalid.

Oct 14 2025, 1:00 PM · VyOS Rolling

rherold added a comment to T7774: Routed IPsec not working dual stack.

Yes got the information that the other side is no vyos (sorry didn't expect this) it's an current sophos box with strongswan.
It try to replicate it here between two vyos boxes the next days

Oct 14 2025, 12:12 PM · VyOS 1.4 Sagitta

Viacheslav triaged T7918: Bonding interface - Status up based on LACP state as Normal priority.

Oct 14 2025, 11:28 AM · VyOS Rolling

Viacheslav triaged T7923: Design a new syntax for "firewall groups" as Normal priority.

Oct 14 2025, 11:27 AM · VyOS Rolling

Viacheslav added a comment to T7932: Changes in the repo vyos-vpp-patches have to trigger rebuild linux-kernel instead of vpp.

PR https://github.com/vyos/vyos-vpp-patches/pull/19

Oct 14 2025, 10:48 AM · VyOS Rolling

Viacheslav claimed T7932: Changes in the repo vyos-vpp-patches have to trigger rebuild linux-kernel instead of vpp.

Oct 14 2025, 10:41 AM · VyOS Rolling

Viacheslav raised the priority of T7932: Changes in the repo vyos-vpp-patches have to trigger rebuild linux-kernel instead of vpp from Low to Normal.

Oct 14 2025, 10:41 AM · VyOS Rolling

Viacheslav created T7932: Changes in the repo vyos-vpp-patches have to trigger rebuild linux-kernel instead of vpp.

Oct 14 2025, 10:41 AM · VyOS Rolling

hedrok created T7931: FRR restarted on any configuration change when there is static route in VRF.

Oct 14 2025, 10:10 AM · VyOS Rolling

Viacheslav triaged T7911: Wireguard support in VPP as Normal priority.

Oct 14 2025, 9:09 AM

Viacheslav added a parent task for T7911: Wireguard support in VPP: T7221: VPP related features the root task.

Oct 14 2025, 9:09 AM

Viacheslav added a subtask for T7221: VPP related features the root task: T7911: Wireguard support in VPP.

Oct 14 2025, 9:09 AM · VyOS Rolling

Viacheslav moved T7864: Bump HostAP version to 2.11 from Need Triage to Completed on the VyOS Rolling board.

Oct 14 2025, 9:06 AM · VyOS 1.5 Circinus (1.5-stream-2025-Q3), VyOS Rolling

Viacheslav moved T7864: Bump HostAP version to 2.11 from Backlog to Finished on the VyOS 1.4 Sagitta (1.4.4) board.

Oct 14 2025, 9:06 AM · VyOS 1.5 Circinus (1.5-stream-2025-Q3), VyOS Rolling

Viacheslav moved T7864: Bump HostAP version to 2.11 from Open to Finished on the VyOS 1.5 Circinus (1.5-stream-2025-Q3) board.

Oct 14 2025, 9:06 AM · VyOS 1.5 Circinus (1.5-stream-2025-Q3), VyOS Rolling

Viacheslav added projects to T7864: Bump HostAP version to 2.11: VyOS 1.5 Circinus (1.5-stream-2025-Q3), VyOS 1.4 Sagitta (1.4.4).

Oct 14 2025, 9:06 AM · VyOS 1.5 Circinus (1.5-stream-2025-Q3), VyOS Rolling

Viacheslav moved T7873: Bump Suricata version to 7.0.10 from Need Triage to Completed on the VyOS Rolling board.

Oct 14 2025, 9:04 AM · VyOS Rolling

Viacheslav changed the status of T7881: Bump curl and libcurl to 8.14 from Resolved to Invalid.

Oct 14 2025, 9:04 AM · VyOS Rolling

Viacheslav added a comment to T7774: Routed IPsec not working dual stack.

@rherold any updates?

Oct 14 2025, 9:03 AM · VyOS 1.4 Sagitta

asklymenko closed T7881: Bump curl and libcurl to 8.14 as Resolved.

Oct 14 2025, 8:58 AM · VyOS Rolling

asklymenko added a comment to T7881: Bump curl and libcurl to 8.14.

The current patch level of cURL package already contains almost all fixes (security patched: 7.88.1-10+deb12u14). We can leave the current version of cURL package.

Oct 14 2025, 8:58 AM · VyOS Rolling

asklymenko closed T7873: Bump Suricata version to 7.0.10 as Resolved.

Oct 14 2025, 8:54 AM · VyOS Rolling

asklymenko added a comment to T7873: Bump Suricata version to 7.0.10.

The Suricata package has been updated to 7.0.10.

Oct 14 2025, 8:54 AM · VyOS Rolling

asklymenko closed T7864: Bump HostAP version to 2.11 as Resolved.

Oct 14 2025, 8:52 AM · VyOS 1.5 Circinus (1.5-stream-2025-Q3), VyOS Rolling

asklymenko added a comment to T7864: Bump HostAP version to 2.11.

The HostAP package has been updated to 2.11.

Oct 14 2025, 8:52 AM · VyOS 1.5 Circinus (1.5-stream-2025-Q3), VyOS Rolling

GitHub <noreply@github.com> committed rVYOSONEX749954d75321: Merge pull request #4793 from sarthurdev/T7882 (authored by Viacheslav).

Oct 14 2025, 8:28 AM

sarthurdev committed rVYOSONEX963eab40998e: dhcp6: T7882: Restart dhcp6c if PD is defined.

Oct 14 2025, 8:28 AM

natali-rs1985 closed T7920: VPP: dataplane capacity warning is not displayed as Resolved.

Oct 14 2025, 7:34 AM · VyOS Rolling

natali-rs1985 closed T7920: VPP: dataplane capacity warning is not displayed, a subtask of T7070: VPP related bugs the root task, as Resolved.

Oct 14 2025, 7:34 AM · VyOS Rolling

natali-rs1985 moved T7920: VPP: dataplane capacity warning is not displayed from Need Triage to Completed on the VyOS Rolling board.

Oct 14 2025, 7:34 AM · VyOS Rolling

Oct 13 2025

MartB added a comment to T7485: DHCPv6 does not work on PPPoE interfaces.

martb@rauter# set interfaces pppoe pppoe0 address 'dhcpv6' 
[edit]
martb@rauter# comp
[interfaces pppoe pppoe0]
+ address "dhcpv6"

Oct 13 2025, 10:02 PM · VyOS 1.4 Sagitta (1.4.4), VyOS 1.5 Circinus (1.5-stream-2025-Q4)

Viacheslav added a subtask for T7070: VPP related bugs the root task: T7930: VPP: Changing NAT44 Settings Resets `forwarding_enabled` to False.

Oct 13 2025, 9:38 PM · VyOS Rolling

Viacheslav added a parent task for T7930: VPP: Changing NAT44 Settings Resets `forwarding_enabled` to False: T7070: VPP related bugs the root task.

Oct 13 2025, 9:38 PM · VyOS 1.5 Circinus (2025.11)

zsdc created T7930: VPP: Changing NAT44 Settings Resets `forwarding_enabled` to False.

Oct 13 2025, 8:28 PM · VyOS 1.5 Circinus (2025.11)

Viacheslav triaged T7928: load-balancing haproxy not taking into account listen-address when checking for other services on port as Normal priority.

Oct 13 2025, 8:08 PM · VyOS 1.5 Circinus (1.5-stream-2025-Q4), VyOS Rolling

All StoriesUse ResultsEdit QueryHide Query

Oct 16 2025

Oct 15 2025

Oct 14 2025

Oct 13 2025

All Stories
Use Results
Edit Query
Hide Query