Page MenuHomeVyOS Platform

Merijn (Merijn)
User

Projects

User does not belong to any projects.

User Details

User Since
May 13 2016, 10:32 PM (438 w, 1 d)

Recent Activity

Sep 2 2020

Merijn closed T2214: BGP peers dropping randomly as Resolved.
Sep 2 2020, 7:52 AM · VyOS 1.2 Crux
Merijn closed T2378: BGPD crash in Vyos 1.2.5 as Invalid.
Sep 2 2020, 7:38 AM · VyOS 1.2 Crux
Merijn added a comment to T2378: BGPD crash in Vyos 1.2.5.

@Viacheslav it happened yesterday again but the stack trace was different. This time it was complaining that BGPD did not respond and the frr watch process tried to restart it, which of course did not help the situation.
I will continue to monitor but i think we can close this issue and wait for more details when it happens again.

Sep 2 2020, 7:38 AM · VyOS 1.2 Crux

May 21 2020

Merijn added a comment to T2214: BGP peers dropping randomly.

Just to confirm, increasing the route,max_size fixed this issue completely. I think it can be closed. But maybe we should set these settings by default before closing this.

May 21 2020, 9:10 AM · VyOS 1.2 Crux

Apr 28 2020

Merijn added a comment to T2214: BGP peers dropping randomly.

Some statistics from ipv6 bgp summary

Apr 28 2020, 3:37 PM · VyOS 1.2 Crux
Merijn added a comment to T2214: BGP peers dropping randomly.

@thomas-mangin the sessions are still stable, for 7 days now. The only thing changed was that max_size limit. Also no packetloss on the IPv6 connections has been observed during this time.

Apr 28 2020, 3:36 PM · VyOS 1.2 Crux
Merijn reopened T2214: BGP peers dropping randomly as "Needs testing".
Apr 28 2020, 3:34 PM · VyOS 1.2 Crux

Apr 25 2020

Merijn added a comment to T2214: BGP peers dropping randomly.

@syncer Re-opening this. Had the first exact same incident on a different router with an IPv6 BGP session on a RJ45 connection, so that would rule out any issues with the Intel X710 card in relation to this issue.

Apr 25 2020, 12:48 PM · VyOS 1.2 Crux

Apr 24 2020

Merijn added a comment to T2378: BGPD crash in Vyos 1.2.5.

We ave no RPKI filtering active yet, so https://github.com/FRRouting/frr/issues/5458 seems not related.

Apr 24 2020, 10:32 AM · VyOS 1.2 Crux
Merijn created T2378: BGPD crash in Vyos 1.2.5.
Apr 24 2020, 10:29 AM · VyOS 1.2 Crux

Apr 18 2020

Merijn created T2332: Backport node option for a syslog server.
Apr 18 2020, 3:18 PM · VyOS 1.2 Crux (VyOS 1.2.6)
Merijn created T2327: Unable to create syslog server entry with different port.
Apr 18 2020, 2:19 PM · VyOS 1.2 Crux (VyOS 1.2.6)

Apr 15 2020

Merijn added a comment to T2287: LLDP not working on X710 adapter, i40e driver.

This issue exists in firmware 6.8 and 7.1.
Starting with 7.1 i can see that the disable command 'sudo ethtool --set-priv-flags <interface name> disable-fw-lldp on' also works.

Apr 15 2020, 12:09 PM · Restricted Project, VyOS 1.4 Sagitta (1.4.1)

Apr 13 2020

Merijn added a comment to T2287: LLDP not working on X710 adapter, i40e driver.

Found that in drivers 2.3.6 and newer this should also work:

Apr 13 2020, 10:31 PM · Restricted Project, VyOS 1.4 Sagitta (1.4.1)
Merijn created T2287: LLDP not working on X710 adapter, i40e driver.
Apr 13 2020, 10:16 PM · Restricted Project, VyOS 1.4 Sagitta (1.4.1)
Merijn closed T2214: BGP peers dropping randomly as Invalid.

Upgraded the firmware of the X710 adapters from 6.0 to 6.8, waiting for Dell to get 7.0 and 7.2 ready. But for now the sessions are 18 hours stable so little optimistic that it was a firmware issue and not BGPd causing issues

Apr 13 2020, 11:01 AM · VyOS 1.2 Crux

Apr 12 2020

Merijn added a comment to T2207: IPv6 route install failed.

Trying to find more information with debugging settings of zebra process.
Apr 12 23:52:18 router zebra[1472]: 0:2404:5780:3::/48: Route install failed
Apr 12 23:52:18 router zebra[1472]: 0:2404:5780:3::/48 Stale dplane result for old_re 0x555f6166b300
Apr 12 23:52:18 router zebra[1472]: 0:2404:5780:3::/48 Processing dplane ctx 0x555f765ff7a0, op ROUTE_UPDATE result FAILURE

Apr 12 2020, 9:54 PM · Restricted Project, VyOS 1.4 Sagitta (1.4.1)

Apr 3 2020

Merijn created T2214: BGP peers dropping randomly.
Apr 3 2020, 10:43 PM · VyOS 1.2 Crux
Merijn added a comment to T2207: IPv6 route install failed.

My main question is why is this message displayed and do we need to worry.

Apr 3 2020, 8:52 PM · Restricted Project, VyOS 1.4 Sagitta (1.4.1)
Merijn added a comment to T2207: IPv6 route install failed.

I have had the maximum-paths setting for years since Vyos 1.1.x and I have a lot of routes ipv4 and ipv6 installed in the routing table with 2 or 3 routes even if they are not the same. I am not specifically using ecmp I just have multiple routes for fast failover.

Apr 3 2020, 8:41 PM · Restricted Project, VyOS 1.4 Sagitta (1.4.1)
Merijn added a comment to T2207: IPv6 route install failed.

I have the following:
set protocols bgp as maximum-paths ebgp '3'
set protocols bgp as maximum-paths ibgp '3'

Apr 3 2020, 8:14 PM · Restricted Project, VyOS 1.4 Sagitta (1.4.1)
Merijn added a comment to T2207: IPv6 route install failed.

After receiving
zebra[1507]: 0:2804:fa0:8000::/33: Route install failed

Apr 3 2020, 6:48 PM · Restricted Project, VyOS 1.4 Sagitta (1.4.1)
Merijn created T2207: IPv6 route install failed.
Apr 3 2020, 6:14 PM · Restricted Project, VyOS 1.4 Sagitta (1.4.1)

Mar 25 2020

Merijn added a comment to T1894: FRR config not loaded after daemons segfault or restart.

A router reboot last week reminded me to never to write mem in vtysh (but after looking it was automatic bij me :( )
The router booted with the configuration in FRR already loaded, and then Vyos tried to populate FRR based on the Vyos configuration and everything was broken :-)
It didn't help that the configuration i saved in FRR was a couple of months old.

Mar 25 2020, 9:42 AM · VyOS 1.3 Equuleus (1.3.0-epa1), VyOS 1.4 Sagitta

Jan 10 2020

Merijn created T1959: Error message when adding IPSec VPN.
Jan 10 2020, 9:51 AM · VyOS 1.3 Equuleus (1.3.0)

Jan 8 2020

Merijn added a comment to T1931: Enabling SNMP commit error.

@hagbard

set service snmp community dummycomm authorization 'ro'
set service snmp community dummycomm client '8.8.8.8'
set service snmp community dummycomm client '8.8.4.4'
set service snmp contact '[email protected]'
set service snmp location 'Datacenter, City, Country'
Jan 8 2020, 5:30 PM · VyOS 1.3 Equuleus (1.3.0)

Jan 7 2020

Merijn added a comment to T1931: Enabling SNMP commit error.

@hagbard i tried testing by installing the package.
The service is running but not working correctly.
The following is shown:
Jan 07 10:25:54 server snmpd[9979]: /etc/snmp/snmpd.conf: line 10: Warning: Unknown token: smuxpeer.
Jan 07 10:25:54 server snmpd[9979]: /etc/snmp/snmpd.conf: line 11: Warning: Unknown token: smuxpeer.
Jan 07 10:25:54 server snmpd[9979]: /etc/snmp/snmpd.conf: line 12: Warning: Unknown token: smuxsocket.
Jan 07 10:25:54 server snmpd[9979]: notificationEvent OID: linkUp
Jan 07 10:25:54 server snmpd[9979]: /etc/snmp/snmpd.conf: line 21: Error: unknown notification OID
Jan 07 10:25:54 server snmpd[9979]: notificationEvent OID: linkDown
Jan 07 10:25:54 server snmpd[9979]: /etc/snmp/snmpd.conf: line 22: Error: unknown notification OID
Jan 07 10:25:54 server snmpd[9979]: /etc/snmp/snmpd.conf: line 23: Warning: Unknown token: monitor.
Jan 07 10:25:54 server snmpd[9979]: /etc/snmp/snmpd.conf: line 24: Warning: Unknown token: monitor.
Jan 07 10:25:54 server snmpd[9979]: net-snmp: 2 error(s) in config file(s)

Jan 7 2020, 9:30 AM · VyOS 1.3 Equuleus (1.3.0)

Jan 1 2020

Merijn added a comment to T1931: Enabling SNMP commit error.

I have built the current branch this evening, version is 1.3.0-rolling because i named it that way.

Jan 1 2020, 9:08 PM · VyOS 1.3 Equuleus (1.3.0)
Merijn added a comment to T1930: Issue with iperf 2.0.12.

Tested by installing the new package
https://packages.debian.org/bullseye/amd64/iperf

Jan 1 2020, 8:57 PM
Merijn added a comment to T1931: Enabling SNMP commit error.

Most of the times when i try a second time it just works.

Jan 1 2020, 8:45 PM · VyOS 1.3 Equuleus (1.3.0)
Merijn created T1931: Enabling SNMP commit error.
Jan 1 2020, 8:36 PM · VyOS 1.3 Equuleus (1.3.0)
Merijn created T1930: Issue with iperf 2.0.12.
Jan 1 2020, 8:22 PM

Nov 27 2019

Merijn added a comment to T1185: Firewall rulesets are ignored in RFC-compliant VRRP setups.

@jestabro i am not able to build the vyos-1x package because of dependencies on other packages.
Can we include them in rolling so i can test tomorrow?

Nov 27 2019, 2:10 PM · Restricted Project, Restricted Project, VyOS 1.3 Equuleus (1.3.9)
Merijn added a comment to T1185: Firewall rulesets are ignored in RFC-compliant VRRP setups.

@jestabro i have encountered the first situation in my networks where i really need RFC-Complaint VRRP
(Some devices do not learn the MAC-address on the VRRP gateway, it works for some time and then stops).

Nov 27 2019, 9:27 AM · Restricted Project, Restricted Project, VyOS 1.3 Equuleus (1.3.9)

Nov 24 2019

Merijn added a comment to T1035: SNMP BGP 32 bit AS number fail.

Ok so that would mean the BGP4 info is exposed to the SNMP server and someone has to check it on a client.

Nov 24 2019, 9:12 AM · VyOS 1.4 Sagitta (1.4.0)
Merijn added a comment to T1035: SNMP BGP 32 bit AS number fail.

@cpo the SNMP server has to support the MIB to export the OID. And afterwards the client has to have an up2data MIB to map it again. If the server does not export it the client can update the MIB but the OID won’t be there.

Nov 24 2019, 8:46 AM · VyOS 1.4 Sagitta (1.4.0)

Nov 20 2019

Merijn closed T1815: HTTP API config not saved on image upgrade as Invalid.
Nov 20 2019, 9:06 PM · Invalid
Merijn added a comment to T1815: HTTP API config not saved on image upgrade.

I was reading old documentation. It does work once I set it with the configuration instead of editing the file directly.

Nov 20 2019, 9:05 PM · Invalid
Merijn added a comment to T1185: Firewall rulesets are ignored in RFC-compliant VRRP setups.

@dmbaturin did you find time to check the pull requests? Checked with latest crux build and the issue still exists.
I can test this if needed.

Nov 20 2019, 9:14 AM · Restricted Project, Restricted Project, VyOS 1.3 Equuleus (1.3.9)

Nov 19 2019

Merijn added a comment to T1815: HTTP API config not saved on image upgrade.
if [ -f /etc/vyos/http-api.conf ]; then
  resp=''
  while [ -z "$resp" ]; do
    echo 'Would you like to save the HTTP API server configuration from your '
    echo -n 'current configuration? (Yes/No) [Yes]: '
    resp=$(get_response "Yes" "Yes No Y N")
    if [ "$resp" == 'yes' ] || [ "$resp" == 'y' ]; then
      echo 'Copying HTTP API configuration...'
      ndir=${INST_ROOT}/etc/vyos
      mkdir -p $ndir
      cp -p /etc/vyos/http-api.conf $ndir
    fi
  done
fi
Nov 19 2019, 11:45 PM · Invalid
Merijn created T1815: HTTP API config not saved on image upgrade.
Nov 19 2019, 11:34 PM · Invalid

Nov 5 2019

Merijn added a comment to T1538: Update conntrack-sync packages to fix VRRP issues.

In 1.2.3 build this error does not appear and it seems to work correctly

Nov 5 2019, 6:36 AM · VyOS 1.3 Equuleus (1.3.0)

Nov 4 2019

Merijn added a comment to T1538: Update conntrack-sync packages to fix VRRP issues.

You have to add a sync-group.
set high-availability vrrp sync-group intgroup member int1
set service conntrack-sync failover-mechanism vrrp sync-group intgroup

Nov 4 2019, 11:54 AM · VyOS 1.3 Equuleus (1.3.0)

May 20 2019

Merijn added a comment to T1391: In route-map set community additive.

I have prepared the change
https://github.com/mevertse/vyatta-cfg-quagga/commit/d3685f504e0c22a8c88899aebc1e8705637259c4

May 20 2019, 7:47 PM · VyOS 1.2 Crux (VyOS 1.2.4)
Merijn created T1391: In route-map set community additive.
May 20 2019, 7:41 PM · VyOS 1.2 Crux (VyOS 1.2.4)

Apr 24 2019

Merijn added a comment to T1096: BGP process memory leak.

This router is receiving BGP from several internal BGP routers each with full table peers or couple of peerings.

Apr 24 2019, 7:27 PM · VyOS 1.3 Equuleus (1.3.0-epa1)
Merijn added a comment to T1096: BGP process memory leak.

This one is running on Hyper-V 2016 and is not pushing any traffic. It is my test router and experimenting with RPKI.
The routers doing traffic are on hardware and not running 1.2.x yet.

Apr 24 2019, 7:17 PM · VyOS 1.3 Equuleus (1.3.0-epa1)
Merijn added a comment to T1096: BGP process memory leak.

I am running 1.2.1 compiled on 17-04-2019, uptime is 6 days without issue.
RIB entries 1366663, using 209 MiB of memory
Peers 16, using 330 KiB of memory
Peer groups 4, using 256 bytes of memory

Apr 24 2019, 7:01 PM · VyOS 1.3 Equuleus (1.3.0-epa1)

Apr 23 2019

Merijn added a comment to T1349: L2TP remote-access vpn terminated and not showing as connected.

Relevant config:

Apr 23 2019, 12:43 PM · VyOS 1.3 Equuleus (1.3.0), test
Merijn created T1349: L2TP remote-access vpn terminated and not showing as connected.
Apr 23 2019, 12:39 PM · VyOS 1.3 Equuleus (1.3.0), test

Mar 16 2019

Merijn added a comment to T1218: Static routes not being applied in 1.2 Release.

With 1.2.0-H4 this issue seems to be fixed on my router.

Mar 16 2019, 9:28 PM · VyOS 1.2 Crux (VyOS 1.2.1)

Mar 6 2019

Merijn added a comment to T1218: Static routes not being applied in 1.2 Release.

Do you have an iso to test? I tried latest rolling and also my own iso built from current and i continue to see this issue.
It makes transitioning to 1.2.0 impossible at this moment. Still at 1.1.8 on the routers.

Mar 6 2019, 2:07 PM · VyOS 1.2 Crux (VyOS 1.2.1)

Feb 27 2019

Merijn closed T1268: Unable to build iso from current as Resolved.

Well that is interesting, the package versions are still the same but now it works.

Feb 27 2019, 3:31 PM · Invalid
Merijn added a comment to T1218: Static routes not being applied in 1.2 Release.

I tested the current release and the issue still exists.
After adding staticd=yes on a reboot everything seemed to work.
More specific routes work even when a larger blackhole route is present.
However adding a new blackhole route while more specific routes exist (and work fine) stops them from working. The new blackhole routes get loaded and supress the more specific routes.
Removed a blackhole route allow other routes to work even when they are not part of the blackhole route.

Feb 27 2019, 3:21 PM · VyOS 1.2 Crux (VyOS 1.2.1)

Feb 26 2019

Merijn added a comment to T1268: Unable to build iso from current.

The only packages i manually build are vyatta-cfg-firewall and vyatta-nat, the rest of the packages directories are empty so the packages get downloaded.

Feb 26 2019, 10:38 AM · Invalid
Merijn created T1268: Unable to build iso from current.
Feb 26 2019, 10:37 AM · Invalid

Feb 14 2019

Merijn added a comment to T1218: Static routes not being applied in 1.2 Release.

@kroy by using chroot and trying to install the vyatta-cfg-quagga package i found out what is causing my build iso error:

Feb 14 2019, 10:57 AM · VyOS 1.2 Crux (VyOS 1.2.1)
Merijn added a comment to T1218: Static routes not being applied in 1.2 Release.

@Maltahl just re-tested this, with the staticd=yes added, and a reboot done.
When i add two static routes i would expect the /24 route to work because it is more specific. But is does not and show ip route shows only the /23 blackhole.

Feb 14 2019, 10:38 AM · VyOS 1.2 Crux (VyOS 1.2.1)
Merijn added a comment to T1218: Static routes not being applied in 1.2 Release.

@Maltahl for me it was not fixed with that addition, and i read above that others had this as well.

Feb 14 2019, 9:19 AM · VyOS 1.2 Crux (VyOS 1.2.1)

Feb 13 2019

Merijn added a comment to T1218: Static routes not being applied in 1.2 Release.

@kroy everything is at current, except 'frr' because then i get 7.1dev and i would like 6.0.2 to test if this solved it.
I used debian/master branch from FRR.

Feb 13 2019, 8:38 AM · VyOS 1.2 Crux (VyOS 1.2.1)

Feb 12 2019

Merijn added a comment to T1218: Static routes not being applied in 1.2 Release.

I am experiencing the same issues with a router i tested with 1.2.0 current.
Can we create a test release going back to FRR 6.0.2?

Feb 12 2019, 11:14 PM · VyOS 1.2 Crux (VyOS 1.2.1)

Feb 8 2019

Merijn added a comment to T1148: epa2 BGP peers initiate before config is fully loaded, routes leak..

@zsdc i meant test with 1.2.0 :-)

Feb 8 2019, 12:11 PM · VyOS 1.3 Equuleus (1.3.0-epa1)
Merijn added a comment to T1148: epa2 BGP peers initiate before config is fully loaded, routes leak..

We are seeing this issue mostly on BGP routers with Internet Exchange connections because at a reboot we are hitting max-prefix limits with a lot of peers.
At this moment it is not possible to upgrade to latest 1.2.0, still running 1.1.8.

Feb 8 2019, 8:06 AM · VyOS 1.3 Equuleus (1.3.0-epa1)

Jan 29 2019

Merijn added a comment to T166: NPTv6 is broken in the rolling release 999.201609170235 .

@hagbard Did you merge the second PR also? For vyos/vyatta-nat?

Jan 29 2019, 11:12 PM · VyOS 1.2 Crux (VyOS 1.2.1)
Merijn added a comment to T166: NPTv6 is broken in the rolling release 999.201609170235 .

@hagbard created an iso image and loaded it in a VM. I can add the configuration and at commit the right ip6tables rules are created.

Jan 29 2019, 8:53 PM · VyOS 1.2 Crux (VyOS 1.2.1)
Merijn added a comment to T166: NPTv6 is broken in the rolling release 999.201609170235 .

@hagbard the changes are created with the patch files mentioned earlier.
I am in the process of creating packages and an iso with it.

Jan 29 2019, 7:56 PM · VyOS 1.2 Crux (VyOS 1.2.1)
Merijn added a comment to T166: NPTv6 is broken in the rolling release 999.201609170235 .

@hagbard PRs created, first time so hope its done right.

Jan 29 2019, 1:55 PM · VyOS 1.2 Crux (VyOS 1.2.1)

Jan 24 2019

Merijn added a comment to T1185: Firewall rulesets are ignored in RFC-compliant VRRP setups.

@jmlccdmd
I added a second router and configured conntrack-sync.
Failover and preempt failback works correct.
Both routers show statistics for the firewall rules

Jan 24 2019, 9:50 PM · Restricted Project, Restricted Project, VyOS 1.3 Equuleus (1.3.9)

Jan 22 2019

Merijn added a comment to T1185: Firewall rulesets are ignored in RFC-compliant VRRP setups.

But if you run only on the first router, including the VRRP setup it does not work?

Jan 22 2019, 7:39 PM · Restricted Project, Restricted Project, VyOS 1.3 Equuleus (1.3.9)

Jan 21 2019

Merijn added a comment to T1185: Firewall rulesets are ignored in RFC-compliant VRRP setups.

@jmlccdmd
I have recreated your setup with Vyos 1.2.0-rc10 and it seems to be working correctly

Jan 21 2019, 9:37 AM · Restricted Project, Restricted Project, VyOS 1.3 Equuleus (1.3.9)

Jan 19 2019

Merijn added a comment to T166: NPTv6 is broken in the rolling release 999.201609170235 .

After some searching i found that with the following commands it works:

Jan 19 2019, 10:53 PM · VyOS 1.2 Crux (VyOS 1.2.1)
Merijn added a comment to T166: NPTv6 is broken in the rolling release 999.201609170235 .

@hagbard
Test setup created

Jan 19 2019, 10:25 PM · VyOS 1.2 Crux (VyOS 1.2.1)

Jan 16 2019

Merijn added a comment to T166: NPTv6 is broken in the rolling release 999.201609170235 .

I can probably create a test setup this week and test the normal implementation in NPTv6 te see what is not working in my production setups.
As i do not have a build server at this moment creating a PR would be a bit difficult, the patch files are included in the comments above.

Jan 16 2019, 8:22 AM · VyOS 1.2 Crux (VyOS 1.2.1)

Jan 15 2019

Merijn added a comment to T166: NPTv6 is broken in the rolling release 999.201609170235 .

Then we do not have the same setup :-)
set interfaces ethernet eth0 address 'x.x.x.225/24'
set interfaces ethernet eth0 address 'x:x:x:x::225/64'
set interfaces ethernet eth1 address '10.0.201.1/24'
set interfaces ethernet eth1 address 'fd00:10:0:201::1/64'
set nat nptv6 rule 10 outbound-interface 'eth0'
set nat nptv6 rule 10 source prefix 'fd00:10:0:201::/64'
set nat nptv6 rule 10 translation prefix 'x:x:x:x::/64'
set protocols static route 0.0.0.0/0 next-hop x.x.x.1
set protocols static route6 ::/0 next-hop x:x:x:x::1

Jan 15 2019, 10:36 PM · VyOS 1.2 Crux (VyOS 1.2.1)
Merijn added a comment to T166: NPTv6 is broken in the rolling release 999.201609170235 .

@hagbard What do you want me to try. I downloaded and loaded that rolling image and i do not see the proposed patches in it.
I rebooted the router and it did not work.

Jan 15 2019, 9:55 PM · VyOS 1.2 Crux (VyOS 1.2.1)

Jan 14 2019

Merijn added a comment to T1176: FRR - BGP replicating routes.

According to FRR this is normal behavior.
https://github.com/FRRouting/frr/pull/3044

Jan 14 2019, 9:22 AM · VyOS 1.3 Equuleus (1.3.0-epa1), VyOS 1.4 Sagitta

Jan 6 2019

Merijn added a comment to T1157: Static route not reachable through VRRP address.

Do you mean the 31 and 32 also couldn’t ping eachother?

Jan 6 2019, 10:06 PM · VyOS-1.2.0-GA, VyOS 1.2 Crux (VyOS 1.2.0-GA)

Jan 5 2019

Merijn added a comment to T1035: SNMP BGP 32 bit AS number fail.

https://www.shrubbery.net/mibs/BGP4-MIB.txt
We can start with this like @rherold suggests since FRR supports BGP4 MIB.

Jan 5 2019, 10:23 AM · VyOS 1.4 Sagitta (1.4.0)
Merijn added a comment to T1035: SNMP BGP 32 bit AS number fail.

Seems duplicate with https://phabricator.vyos.net/T366
If we use the Cisco BGP MIBv2 we solve both issues.

Jan 5 2019, 12:06 AM · VyOS 1.4 Sagitta (1.4.0)

Jan 4 2019

Merijn added a comment to T1157: Static route not reachable through VRRP address.

I see in the config that you do not have an interface IP on the VRRP members.
This works in 1.1.8 most of the time. But can you test if 1.2.0 works with those added. The hello source address is not needed then and the chances are the kernel wil load the connected route this way.

Jan 4 2019, 11:51 PM · VyOS-1.2.0-GA, VyOS 1.2 Crux (VyOS 1.2.0-GA)

Jan 2 2019

Merijn added a comment to T1149: flow-accounting stops on 1.2.0-epa2.

Solved by disabling engine ID when the version is 9, not sure if this is enough but on my router it works.

Jan 2 2019, 10:07 PM · VyOS-1.2.0-GA, VyOS 1.2 Crux (VyOS 1.2.0-EPA3)
Merijn added a comment to T1149: flow-accounting stops on 1.2.0-epa2.

Until version 1.7.0 it was possible to (mistakenly) configure the
NetFlow v9 SourceID field/IPFIX Observation Domain ID with the old
NetFlow v5 jargon, ie. '1:1'. This is now threated as invalid and
a positive 32-bit number, ie. '100000', is expected. If exporting
NetFlow v5, nothing changed: the Engine ID/Engine Type input, ie.
'1:1', is still valid and expected.

Jan 2 2019, 9:44 PM · VyOS-1.2.0-GA, VyOS 1.2 Crux (VyOS 1.2.0-EPA3)
Merijn created T1149: flow-accounting stops on 1.2.0-epa2.
Jan 2 2019, 9:42 PM · VyOS-1.2.0-GA, VyOS 1.2 Crux (VyOS 1.2.0-EPA3)
Merijn added a comment to T1148: epa2 BGP peers initiate before config is fully loaded, routes leak..

This behavior was already present in the old Quagga implementation in Vyos 1.1.7.
As a workaround we always shutdown the peers when doing a planned reboot.

Jan 2 2019, 8:21 PM · VyOS 1.3 Equuleus (1.3.0-epa1)

Dec 31 2018

Merijn added a comment to T1112: BGP redistribute static not migrated on upgrade.

Hi, yeah i was planning on adding it later. Thanks.

Dec 31 2018, 12:26 PM · VyOS-1.2.0-GA, VyOS 1.2 Crux (VyOS 1.2.0-EPA3)

Dec 30 2018

Merijn added a comment to T1133: Confusing commit error message for non-existent VRRP sync-groups used in conntrack sync.

@dmbaturin I believe you forgot to create the Sync-Group. The following configuration is working, and it is really nice to see how this got created during migration from Vyos 1.1.8, and to finally have IPv6 in the VRRP configuration.

Dec 30 2018, 9:31 AM · VyOS-1.2.0-GA, vyatta-vrrp, conntrack-tools

Dec 24 2018

Merijn added a comment to T166: NPTv6 is broken in the rolling release 999.201609170235 .

One extra patch needed

Dec 24 2018, 1:58 PM · VyOS 1.2 Crux (VyOS 1.2.1)
Merijn added a comment to T166: NPTv6 is broken in the rolling release 999.201609170235 .

SInce this is a 1-to-1 mapping it also opens up all incoming ports to the hosts behind the router.

Dec 24 2018, 12:43 PM · VyOS 1.2 Crux (VyOS 1.2.1)

Dec 21 2018

Merijn added a comment to T1096: BGP process memory leak.

It was at 2GB because it is a test router running in the production network.
I increased memory and will check to see if this resolves it.

Dec 21 2018, 11:30 AM · VyOS 1.3 Equuleus (1.3.0-epa1)
Merijn added a comment to T1096: BGP process memory leak.

@syncer
It is a virtual machine on Hyper-V 2016 with 2 cores, 2GB memory.
I compared the output from top over te past week and the only changes are in the uacctd processes.

Dec 21 2018, 11:25 AM · VyOS 1.3 Equuleus (1.3.0-epa1)

Dec 17 2018

Merijn added a comment to T1112: BGP redistribute static not migrated on upgrade.

With the following patch the statements are migrated. Needs some work to also migrate the metric and route-map settings. Will try to do that later.

Dec 17 2018, 10:31 PM · VyOS-1.2.0-GA, VyOS 1.2 Crux (VyOS 1.2.0-EPA3)
Merijn created T1112: BGP redistribute static not migrated on upgrade.
Dec 17 2018, 9:24 PM · VyOS-1.2.0-GA, VyOS 1.2 Crux (VyOS 1.2.0-EPA3)

Dec 12 2018

Merijn added a comment to T1095: Connection tracking NAT / FIREWALL.

The idea for 'helper ftp' is a bit harder to implement, because it seems it requires iptables -t raw and currently we only have filter and mangle.

Dec 12 2018, 10:35 PM

Dec 11 2018

Merijn added a comment to T1095: Connection tracking NAT / FIREWALL.

Since during parsing we cannot detect if it is FTP traffic or not, because you can choose whatever port you want, i think the only solution would be to add something like

Dec 11 2018, 4:13 PM
Merijn added a comment to T1095: Connection tracking NAT / FIREWALL.

Probable cause is:
https://unix.stackexchange.com/questions/385693/iptables-nf-conntrack-ftp-not-working-under-debian

Dec 11 2018, 4:09 PM
Merijn created T1096: BGP process memory leak.
Dec 11 2018, 3:53 PM · VyOS 1.3 Equuleus (1.3.0-epa1)

Dec 4 2018

Merijn added a comment to T904: BGP process does not start a boot.

Upgrade to 1.2.0-rc10 and BGP is still working fine. It starts at boot and loads all BGP peers and several full tables.

Dec 4 2018, 10:36 PM · VyOS-1.2.0-GA, VyOS 1.2 Crux (VyOS 1.2.0-EPA3)

Nov 27 2018

Merijn added a comment to T166: NPTv6 is broken in the rolling release 999.201609170235 .

With some small changes i changed the scripts to create the proposed NETMAP rules when editing the NPTv6 rules in the configuration. For me this is working and surviving reboot.
I can add the diff files if anyone wants them.

Nov 27 2018, 8:38 PM · VyOS 1.2 Crux (VyOS 1.2.1)
Merijn added a comment to T166: NPTv6 is broken in the rolling release 999.201609170235 .

Re-tested with 1.2.0-rc9 with the same result.
I found that i can enable debug in /opt/vyatta/sbin/vyos-update-nptv6.pl to see what is added and deleted.

Nov 27 2018, 8:02 PM · VyOS 1.2 Crux (VyOS 1.2.1)

Nov 26 2018

Merijn added a comment to T977: Permission denied error when performing config rollback on a machine upgraded from VyOS 1.1.x.

This seems to be easy.
sudo chmod 776 /opt/vyatta/etc/config/archive/config.boot

Nov 26 2018, 9:49 PM · VyOS 1.2 Crux (VyOS 1.2.0-GA), VyOS-1.2.0-GA