User Details
- User Since
- Jul 2 2023, 10:05 PM (85 w, 1 d)
Fri, Feb 14
I would prefer if both disabled, all, rx-only and tx-only setting could be applied.
Tue, Feb 11
Dunno how this is done for IPv6 but for IPv4 we got these kernel parameters to play with:
Sun, Feb 9
"Failed to listen on syslog.socket" doesnt look good if you ask me ;-)
Sat, Feb 8
Probably related:
It looks like this commit wasnt properly tested before pushed to the public tree according to:
Thu, Jan 30
Nov 28 2024
Wouldnt be surprised if it turns out to be the same root cause as this is related to:
"blackhole" is a common term in regards of dropping traffic.
Nov 26 2024
Personally I would still prefer the later that is with DebianBanner no.
Nov 25 2024
This task can remain closed - I have created a new task instead:
The new package exists at: https://github.com/vyos/vyos-build/tree/current/scripts/package-build/xen-guest-agent
Nov 14 2024
For KEA6 its defined as "The IPv6 address of a TFTP server" with example of IPv6-address:
If its common of this misuse of option66 I would suggest that VyOS would allow for URI characters (@, :, / and what else) but type a warning during re/config like:
@syncer Yeah, it was at the forum:
Nov 12 2024
Nov 3 2024
According to https://old.reddit.com/r/vyos/comments/1ggzxye/setting_forward_error_correction_in_vyos/lv09d09/ using eth-tool to both set (and show) current fec-setting(s) should be doable (tested on Intel and Mellanox nics using transceivers from FS.com, Flexoptix and Mikrotik):
Nov 2 2024
Thanks - resolved means its implemented as the blog post stated :-)
The blog post over at https://blog.vyos.io/vyos-project-october-2024-update claims this have been implemented, there is a merge from 10th sept 2024 claiming to be merged - yet this task have been closed with "not applicable - out of scope for VyOS".
Oct 16 2024
@marekm: Bugfixes will be towards current (aka 1.5-rolling as of writing) which then is being cherrypicked and backported by VyOS Networks to whatever older releases that needs that and are compatible with the change/fix/added feature.
Oct 11 2024
Im guessing this one is behind that all modules must now be signed in VyOS:
Oct 4 2024
Technically according to IEEE autoneg is mandatory when doing 1Gbps and above using RJ45.
Oct 3 2024
Sep 27 2024
Sep 25 2024
Also probably related:
I would expect the line of CLI being used to be in any of these files?
Sep 21 2024
As the message currently states over at https://sourceforge.net/projects/e1000/
Sep 12 2024
Here are my €0.05:
Aug 31 2024
https://vyos.io currently works from Sweden when I tested it at about 2024-08-31 11:30 local time.
Aug 12 2024
Might be related patches (no idea if they have anything to do with the kernel panics seen in 6.6):
Aug 11 2024
From IRC, could this be related?
Aug 10 2024
Are the in-tree or out-of-tree drivers for your Intel NICs being used?
Jul 30 2024
Jun 14 2024
I sure hope this custom waagent build will be removed once the upstream (debian packages) have been updated with this fix.
Jun 13 2024
Personally I thing there should be a difference between setting PKI manually like set pki certificate and set pki ca vs whatever the command is to utilize letsencrypt or acme or whatever they might be called automatically through VyOS (lets say set pki letsencrypt and set pki acme etc).
Jun 12 2024
Care to elaborate some on that "data integrity issues" claim since you will have integrity changed by all sort of writes (atomic or not)?
There are 2 usecases of option82 when it comes to DHCP:
Jun 8 2024
The suggested change as in matching number of "x" with number of characters in each octet/hextet in the IPv4/IPv6 address will be less anonymizing than todays method.
Jun 6 2024
Care to elaborate on why this became "wontfix"?
Because not all netadmins sits physically close to the devices being managed.
Jun 5 2024
Yes but this is what the peer would do on its own - if the opposite device is lost in connectivity it can rollback to previous config which is enabled by default (that is history of configs).
This can be handled just like "how others does it" as in if the peer is lost after a sync then the peer will automatically return to previous config.
Jun 3 2024
Please paste exact VyOS versions you have tested this with incl the config (in full or partial output of show config command | strip-private) of both VyOS and the opposite side.
Jun 2 2024
Also the config section could perhaps be name "custom" (with subsections) so that section will survive an upgrade aswell - otherwise config lines will vanish during boot/commit.
May 28 2024
Just dont, please see my comment fro april 2024.
May 24 2024
I assume that workaround would only work for a single VRF or can one do something like this?
May 22 2024
May 16 2024
I think a warning is better than to block it from being set, specially since the workaround to load it through already existing config still remains.
May 15 2024
Could this perhaps be extended into something like this in the help of the command and documentation?
May 14 2024
I have rarely seen UPnP in enterprise environments and rarely at home even if the main purpose is to use it at home and let applications backdoor your firewall (which often is a bad thing in enterprise evironments).
May 13 2024
As already commented in the PR itself:
May 10 2024
Just so I dont get the vocabulary wrong here...
Ill put it into "known issue" since IMHO a complete "resolved" would be when this feature exists in config-mode aswell.
The thing is that adding this as op-mode only doesnt really solve anything.
Also NAT-rules are in the need of a resequence feature in the config-mode:
I dont think this is resolved.
When/If doing so it would be great if the docs would suggest for alternative methods to achieve the same thing.
May 9 2024
It can be handy to have the option to have it disabled (or you can just in bash-mode do "apt-get remove intel-microcode --purge" if you dont want it after install) but it should be enabled by default due to security reasons.
May 8 2024
May 7 2024
Shouldnt this be adjusted in more files and places?
May 5 2024
@peter, did you try various offloading settings for the NIC being used with reboots in between?
May 4 2024
NETNS was removed from the 1.4 series the other day so hopefully that feature can be worked on for 1.5 since its needed:
May 1 2024
For added service when typing just:
You would still be limited to not be able to use " as part of your password.
Apr 30 2024
Apr 28 2024
Apr 27 2024
Probably related: https://vyos.dev/T5388
Apr 26 2024
Perhaps those changes should be within the firewall context?
Apr 25 2024
Im thinking since sysctl can be changed after the system have completed its boot shouldnt the "system sysctl" be runned among the last tasks according to "/usr/libexec/vyos/priority.py", which would also fix this issue ?
Note that "base_reachable_time_ms" is still valid while "base_reachable_time" is obsolete.
Apr 24 2024
I sent a question to ISC regarding https://www.isc.org/blogs/dhcp-client-relay-eom/ and:
Apr 23 2024
I have asked the OP @canoziia to provide such in the forum.
I can only refer to whats unfolded on the forum at https://forum.vyos.io/t/how-to-set-net-ipv6-neigh-etha-b-base-reachable-time-in-vyos/14304
Apr 22 2024
Apr 21 2024
Perhaps Im missing something here but where is Option82 information included (injected into the DCHP-request reaching the DHCP-server)?
Apr 20 2024
Here is a post from an OPNsense forum administrator in august 2023 (dunno if the below is still valid for OPNsense):
When evaluating proper replacement (other than choosing the best one for the task) another thing to consider is, if possible, to select something that not everybody else uses in terms of if/when a vuln is found in that softrware then not ALL vendors are affected at once.
Apr 18 2024
It would be handy if the GARP announcement wouldnt be a separate list but rather picked up from any DNAT or SNAT rules.
Probably related:
Apr 14 2024
How is this supposed to work?
Will a migrationsscript be included so that users who used the default of:
Will a migrationsscript be included so that users who used the default of:
Apr 13 2024
You can do the QoS priority on the VyOS by matching the traffic based on VLAN ID and then set the DSCP (TOS) using "set-dscp" according to the manuals below:
You mean you want QoS based on VLAN which is named 802.1p ?
Apr 11 2024
Apr 10 2024
Thats common with other vendors aswell.
Removed assignee for now in case somebody else wants to fix this?
Removed assignee for now in case somebody else wants to fix this?
Removed assignee for now in case somebody else wants to fix this?
Removed assignee for now in case somebody else wants to fix this?
Apr 1 2024
Personally I dont think its a good idea to be able to use VyOS as a jumphost towards victims of scanning.
Mar 30 2024
I think the wrapping should be left for the output to select since you can either be in a regular serialconsole of 80x25 or some highresmode which brings more characters per line or even through SSH with a 4k monitor which will be plenty of lines.