User Details
User Details
- User Since
- Oct 2 2019, 6:00 PM (182 w, 1 d)
Yesterday
Yesterday
Viacheslav added a comment to T5123: Display route originator in show ospf table command.
Viacheslav added a comment to T4173: Wan Load Balancing - Error on firewall NAT rules.
There also additional bugs relates iptables-nft with marking packets
https://github.com/vyos/vyatta-wanloadbalance/blob/70ee1319c20e083ab407d8a11faa44c74d05f084/src/lbdecision.cc#L312
[email protected]# sudo nft list table ip mangle # Warning: table ip mangle is managed by iptables-nft, do not touch! table ip mangle { chain PREROUTING { type filter hook prerouting priority mangle; policy accept; counter packets 851 bytes 179376 jump WANLOADBALANCE_PRE }
Wed, Mar 29
Wed, Mar 29
Viacheslav added a comment to T4173: Wan Load Balancing - Error on firewall NAT rules.
Viacheslav placed T4173: Wan Load Balancing - Error on firewall NAT rules up for grabs.
Viacheslav added a comment to T4173: Wan Load Balancing - Error on firewall NAT rules.
Viacheslav added a comment to T5086: Integrate hsflowd for sflow accounting.
bump hsflowd version to v2.0.50-3
Viacheslav changed the subtype of T5121: Incorrect "architecture" config loaded from "Task" to "Bug".
Viacheslav changed the status of T5122: Move "archive-areas" to defaults.toml to support "non-free-firmware" repository from Open to Needs testing.
Viacheslav changed the status of T5110: Show frr op-mode vtysh_pam: Failed in account validation, a subtask of T5100: Update FRR to 8.5, from In progress to Needs testing.
Viacheslav changed the status of T5110: Show frr op-mode vtysh_pam: Failed in account validation from In progress to Needs testing.
Viacheslav changed the status of T5110: Show frr op-mode vtysh_pam: Failed in account validation, a subtask of T5100: Update FRR to 8.5, from Open to In progress.
Viacheslav changed the status of T5110: Show frr op-mode vtysh_pam: Failed in account validation from Open to In progress.
Viacheslav added a comment to T5110: Show frr op-mode vtysh_pam: Failed in account validation.
Viacheslav changed the status of T5118: Cleanup vestigial ntp completion script from Open to Needs testing.
Viacheslav changed the subtype of T5117: wide-dhcpv6 prefix delegation & router adverts for prefixes not working with decrement-lifetimes from "Task" to "Bug".
Tue, Mar 28
Tue, Mar 28
Viacheslav added a comment to T4516: Rewrite system image manipulation tools in Python.
Viacheslav changed the subtype of T5116: Better VRF support from "Task" to "Feature Request".
Mon, Mar 27
Mon, Mar 27
Viacheslav closed T4737: FRRouting/zebra 7.5.1 does not redistribute routes to other protocols as Resolved.
Works fine after re-build the FRR package VyOS 1.3-stable-202303270905
Viacheslav added a comment to T4770: Rewrite OpenVPN op-mode to vyos.opmode format.
The site-to-site mode shows that tunnel not configured
Config:
set interfaces openvpn vtun52 description 'Site-to-Site' set interfaces openvpn vtun52 local-address xxx.xxx.0.1 set interfaces openvpn vtun52 local-port '1152' set interfaces openvpn vtun52 mode 'site-to-site' set interfaces openvpn vtun52 persistent-tunnel set interfaces openvpn vtun52 protocol 'udp' set interfaces openvpn vtun52 remote-address 'xxx.xxx.0.2' set interfaces openvpn vtun52 remote-host 'xxx.xxx.41.117' set interfaces openvpn vtun52 remote-port '1152' set interfaces openvpn vtun52 shared-secret-key 's2s'
interface:
[email protected]:~$ show int openvpn Codes: S - State, L - Link, u - Up, D - Down, A - Admin Down Interface IP Address S/L Description --------- ---------- --- ----------- vtun52 10.52.0.1/32 u/u Site-to-Site
Output show openvpn
[email protected]:~$ show openvpn site-to-site No OpenVPN interfaces configured [email protected]:~$
Viacheslav raised the priority of T4737: FRRouting/zebra 7.5.1 does not redistribute routes to other protocols from Normal to High.
The required patch is not included in builds and they have the same bug.
Version: VyOS 1.3-stable-202303270442 Release train: equuleus
Viacheslav changed the status of T5113: PDNS: Support custom port for DNS forwarders from Open to Needs testing.
Sun, Mar 26
Sun, Mar 26
Viacheslav changed the status of T5112: Enable support for Network Time Security (NTS) for chrony, a subtask of T3008: Migrate from ntpd to chronyd, from Open to Needs testing.
Viacheslav changed the status of T5112: Enable support for Network Time Security (NTS) for chrony from Open to Needs testing.
Sat, Mar 25
Sat, Mar 25
Viacheslav added a project to T5112: Enable support for Network Time Security (NTS) for chrony: VyOS 1.4 Sagitta.
Fri, Mar 24
Fri, Mar 24
Viacheslav placed T5022: VRRP add mail notification up for grabs.
Thu, Mar 23
Thu, Mar 23
Viacheslav added a parent task for T5110: Show frr op-mode vtysh_pam: Failed in account validation: T5100: Update FRR to 8.5.
Viacheslav updated the task description for T5110: Show frr op-mode vtysh_pam: Failed in account validation.
Viacheslav renamed T5110: Show frr op-mode vtysh_pam: Failed in account validation from Show version frr vtysh_pam: Failed in account validation to Show frr op-mode vtysh_pam: Failed in account validation.
Viacheslav added a comment to T5108: Get rate limit for L2TP/PPTP/SSTP/IPoE in raw format.
Viacheslav changed the status of T5108: Get rate limit for L2TP/PPTP/SSTP/IPoE in raw format from Open to In progress.
Tue, Mar 21
Tue, Mar 21
Viacheslav changed the status of T5099: IPoE server add option 'next-pool' for named ip pools from Open to In progress.
Viacheslav added a comment to T5099: IPoE server add option 'next-pool' for named ip pools.
PR https://github.com/vyos/vyos-1x/pull/1901
set service ipoe-server authentication mode 'noauth' set service ipoe-server client-ip-pool name first-pool gateway-address '192.0.2.1' set service ipoe-server client-ip-pool name first-pool next-pool 'second-pool' set service ipoe-server client-ip-pool name first-pool subnet '192.0.2.0/25' set service ipoe-server client-ip-pool name second-pool gateway-address '203.0.113.1' set service ipoe-server client-ip-pool name second-pool next-pool 'third-pool' set service ipoe-server client-ip-pool name second-pool subnet '203.0.113.0/25' set service ipoe-server client-ip-pool name third-pool gateway-address '198.51.100.1' set service ipoe-server client-ip-pool name third-pool subnet '198.51.100.0/24' set service ipoe-server interface eth1
Viacheslav changed the status of T5050: Firewall - Add options for logging packets from In progress to Needs testing.
Viacheslav edited projects for T5098: PPPoE client holdoff configuration, added: VyOS 1.3 Equuleus (1.3.3); removed VyOS 1.3 Equuleus (1.3.4).
Viacheslav moved T5098: PPPoE client holdoff configuration from Need Triage to Backport Candidates on the VyOS 1.4 Sagitta board.
Viacheslav added a comment to T5100: Update FRR to 8.5.
Mon, Mar 20
Mon, Mar 20
Viacheslav updated the task description for T5099: IPoE server add option 'next-pool' for named ip pools.
Viacheslav updated the task description for T5099: IPoE server add option 'next-pool' for named ip pools.
Viacheslav updated the task description for T5099: IPoE server add option 'next-pool' for named ip pools.
Viacheslav renamed T5099: IPoE server add option 'next-pool' for named ip pools from IPoE server add option 'next-pool' to IPoE server add option 'next-pool' for named ip pools.
Fri, Mar 17
Fri, Mar 17
Viacheslav added a comment to T5086: Integrate hsflowd for sflow accounting.
Viacheslav closed T5092: IPoE-server named pool must not rely on the authentication type as Resolved.
Viacheslav added a comment to T5086: Integrate hsflowd for sflow accounting.
As DROP_MONITOR merged we can extend configuration to
set system sflow drop-monitor-limit 50
hsflowd.conf
dropmon { limit=50 start=on sw=on hw=off }Viacheslav renamed T5091: IPoE server with RADIUS authentication does not verify radius configuration from IPoE server with RADIUS authentication does not check radius configuration to IPoE server with RADIUS authentication does not verify radius configuration.
Viacheslav changed the status of T5092: IPoE-server named pool must not rely on the authentication type from In progress to Needs testing.
Viacheslav changed the status of T5086: Integrate hsflowd for sflow accounting from In progress to Needs testing.
Thu, Mar 16
Thu, Mar 16
Viacheslav moved T5063: IPoE-server ethX vlan must not be used with client-subnet from Need Triage to Finished on the VyOS 1.4 Sagitta board.
Viacheslav reopened T5057: IPoE server incorrect interface regex as "Open".
Viacheslav moved T3083: Add feature event-handler from Backlog to Finished on the VyOS 1.4 Sagitta board.
Viacheslav changed the status of T5091: IPoE server with RADIUS authentication does not verify radius configuration from Open to In progress.
Viacheslav renamed T5091: IPoE server with RADIUS authentication does not verify radius configuration from IPoE server with RARIUS authentication does not check radius configuration to IPoE server with RADIUS authentication does not check radius configuration.
Viacheslav updated the task description for T5094: FRR systemd logs unknow key LimitNOFILESoft.
Viacheslav updated the task description for T5094: FRR systemd logs unknow key LimitNOFILESoft.
Viacheslav added a comment to T5094: FRR systemd logs unknow key LimitNOFILESoft.
[Service]
LimitNOFILE=4096
LimitNOFILESoft=4096
ExecStartPre=/bin/bash -c 'mkdir -p /run/frr/config; \
echo "log syslog" > /run/frr/config/frr.conf; \ echo "log facility local7" >> /run/frr/config/frr.conf; \ chown frr:frr /run/frr/config/frr.conf; \ chmod 664 /run/frr/config/frr.conf; \ mount --bind /run/frr/config/frr.conf /etc/frr/frr.conf'
[edit]
[email protected]#
Viacheslav added a comment to T5092: IPoE-server named pool must not rely on the authentication type.
Viacheslav changed the status of T5092: IPoE-server named pool must not rely on the authentication type from Open to In progress.
Wed, Mar 15
Wed, Mar 15
Viacheslav added a comment to T3083: Add feature event-handler.
PR for 1.3 https://github.com/vyos/vyos-1x/pull/1892
Viacheslav added a comment to T4362: Wan Load Balancing - Can't create routing tables.
@marc_s thanks, it makes sense.
Viacheslav moved T2516: vyos-container: cannot configure ethernet interface from Need Triage to Finished on the VyOS 1.4 Sagitta board.
Viacheslav added a comment to T4362: Wan Load Balancing - Can't create routing tables.
Tue, Mar 14
Tue, Mar 14
Viacheslav changed the status of T5086: Integrate hsflowd for sflow accounting from Open to In progress.
Viacheslav added a comment to T5086: Integrate hsflowd for sflow accounting.
Viacheslav changed the status of T5085: ospfv3 route-map not applied in FRR configuration from In progress to Needs testing.
Viacheslav added a comment to T5085: ospfv3 route-map not applied in FRR configuration.
Will be fixed in the next rolling release
Viacheslav added a comment to T5086: Integrate hsflowd for sflow accounting.
Jenkins job looks simple
git clone https://github.com/sflow/host-sflow make deb FEATURES="NFLOG PCAP TCP DBUS SYSTEMD"
Viacheslav added a comment to T5085: ospfv3 route-map not applied in FRR configuration.
PR https://github.com/vyos/vyos-1x/pull/1888
set policy route-map RMAP6 rule 10 action 'deny' set policy route-map RMAP6 rule 10 match ip address prefix-len '0' set protocols ospfv3 route-map 'RMAP6'
Viacheslav changed the status of T5085: ospfv3 route-map not applied in FRR configuration from Open to In progress.
Mon, Mar 13
Mon, Mar 13
Viacheslav added a comment to T2516: vyos-container: cannot configure ethernet interface.
PR https://github.com/vyos/vyos-1x/pull/1886
[email protected]# set interfaces ethernet eth0 address 192.0.2.5/24 [edit] [email protected]# commit [ interfaces ethernet eth0 ] sudo: unable to resolve host 91800359325b: System error
Viacheslav changed the status of T2516: vyos-container: cannot configure ethernet interface from Needs testing to In progress.
Viacheslav added a project to T2516: vyos-container: cannot configure ethernet interface: VyOS 1.4 Sagitta.