I was not aware that the nft implementation changes the kind of how groups are used.
We have implemented a blacklisting approach which heavily relates on using ipset because no one wants to have hundred thousand of addresses in the config file.
So I think this is essential, at least for us.

In T1610#110278, @jestabro wrote:

@adestis there were discussions on this in the past week --- I will be helping @dmbaturin with the task

Seems like this is already handled in T4101

I could commit a merge request but I have not figured out in which repo the file is located.

@Viacheslav steps to reproduce:

@m.korobeinikov why not use network group with /32 host addresses ?

Great. As soon as there is an example available I think I can also help provide additional commands.

Who can help with the architecture of this webservice?

When there is an example for operator rest api commands I could add some functionality.
But the architecture for such operations should be provided by someone who is deeper involved in the vyos roadmap.

So far I have seen that BFD for static routes in FRR is currently under development:
https://github.com/FRRouting/frr/issues/3369

@Cheeze_It BFD for static routes would be nice as well but sometimes the target you test against is not under your control and/or does not support BFD.

@jestabro you removed VyOS 1.2.6 does this mean it will not be included in 1.2.x ?

@c-po wrote:
I would not backport it. Its a proof of concept and things are still unclear about peer configuration (why does cumulus FRR behave differently and has no peer config) also the FRR interface is only a PoC.

Hi trae32566

It would be awsome if the feature could also be made available in the next VyOS 1.2.x version.
Because it likely takes a lot more time until version 1.3 gets released.

Hello runar,
I know that it's possible to do it manually.
But I really would like to see a more integrated solution where you can add a check for the next hop inside the configuration.

Hi zsdc,

The suggestion from @rps (XORP style) seems to be the best way from my point of view:
https://phabricator.vyos.net/V3#51

@higebu: Thank you we will give it a try.
I think that should be the default setting as long as the problem is not fixed.

In T67#1060, @dmbaturin wrote:

@brona Do you know exact reproducing procedure?
We noticed this problem with Veeam Backup and Replication tool that uses quiescence, but we could never reproduce it simply by making a snapshot of a test VM.

Maybe just bad luck, but 4x create snapshot 4x frozen router (Always on ESXi 5.5)