User Details
- User Since
- Oct 2 2019, 6:00 PM (182 w, 1 d)
Yesterday
There also additional bugs relates iptables-nft with marking packets
https://github.com/vyos/vyatta-wanloadbalance/blob/70ee1319c20e083ab407d8a11faa44c74d05f084/src/lbdecision.cc#L312
[email protected]# sudo nft list table ip mangle # Warning: table ip mangle is managed by iptables-nft, do not touch! table ip mangle { chain PREROUTING { type filter hook prerouting priority mangle; policy accept; counter packets 851 bytes 179376 jump WANLOADBALANCE_PRE }
Wed, Mar 29
bump hsflowd version to v2.0.50-3
Tue, Mar 28
Mon, Mar 27
Works fine after re-build the FRR package VyOS 1.3-stable-202303270905
The site-to-site mode shows that tunnel not configured
Config:
set interfaces openvpn vtun52 description 'Site-to-Site' set interfaces openvpn vtun52 local-address xxx.xxx.0.1 set interfaces openvpn vtun52 local-port '1152' set interfaces openvpn vtun52 mode 'site-to-site' set interfaces openvpn vtun52 persistent-tunnel set interfaces openvpn vtun52 protocol 'udp' set interfaces openvpn vtun52 remote-address 'xxx.xxx.0.2' set interfaces openvpn vtun52 remote-host 'xxx.xxx.41.117' set interfaces openvpn vtun52 remote-port '1152' set interfaces openvpn vtun52 shared-secret-key 's2s'
interface:
[email protected]:~$ show int openvpn Codes: S - State, L - Link, u - Up, D - Down, A - Admin Down Interface IP Address S/L Description --------- ---------- --- ----------- vtun52 10.52.0.1/32 u/u Site-to-Site
Output show openvpn
[email protected]:~$ show openvpn site-to-site No OpenVPN interfaces configured [email protected]:~$
The required patch is not included in builds and they have the same bug.
Version: VyOS 1.3-stable-202303270442 Release train: equuleus
Sun, Mar 26
Sat, Mar 25
Fri, Mar 24
Thu, Mar 23
Tue, Mar 21
PR https://github.com/vyos/vyos-1x/pull/1901
set service ipoe-server authentication mode 'noauth' set service ipoe-server client-ip-pool name first-pool gateway-address '192.0.2.1' set service ipoe-server client-ip-pool name first-pool next-pool 'second-pool' set service ipoe-server client-ip-pool name first-pool subnet '192.0.2.0/25' set service ipoe-server client-ip-pool name second-pool gateway-address '203.0.113.1' set service ipoe-server client-ip-pool name second-pool next-pool 'third-pool' set service ipoe-server client-ip-pool name second-pool subnet '203.0.113.0/25' set service ipoe-server client-ip-pool name third-pool gateway-address '198.51.100.1' set service ipoe-server client-ip-pool name third-pool subnet '198.51.100.0/24' set service ipoe-server interface eth1
Mon, Mar 20
Fri, Mar 17
As DROP_MONITOR merged we can extend configuration to
set system sflow drop-monitor-limit 50
hsflowd.conf
dropmon { limit=50 start=on sw=on hw=off }
Thu, Mar 16
[Service]
LimitNOFILE=4096
LimitNOFILESoft=4096
ExecStartPre=/bin/bash -c 'mkdir -p /run/frr/config; \
echo "log syslog" > /run/frr/config/frr.conf; \ echo "log facility local7" >> /run/frr/config/frr.conf; \ chown frr:frr /run/frr/config/frr.conf; \ chmod 664 /run/frr/config/frr.conf; \ mount --bind /run/frr/config/frr.conf /etc/frr/frr.conf'
[edit]
[email protected]#
Wed, Mar 15
PR for 1.3 https://github.com/vyos/vyos-1x/pull/1892
@marc_s thanks, it makes sense.
Tue, Mar 14
Will be fixed in the next rolling release
Jenkins job looks simple
git clone https://github.com/sflow/host-sflow make deb FEATURES="NFLOG PCAP TCP DBUS SYSTEMD"
PR https://github.com/vyos/vyos-1x/pull/1888
set policy route-map RMAP6 rule 10 action 'deny' set policy route-map RMAP6 rule 10 match ip address prefix-len '0' set protocols ospfv3 route-map 'RMAP6'
Mon, Mar 13
PR https://github.com/vyos/vyos-1x/pull/1886
[email protected]# set interfaces ethernet eth0 address 192.0.2.5/24 [edit] [email protected]# commit [ interfaces ethernet eth0 ] sudo: unable to resolve host 91800359325b: System error