Page MenuHomeVyOS Platform
People diodep

diodep (Kongo Hikari)
User

Projects

User does not belong to any projects.

User Details

User Since
Thu, Mar 2, 11:46 AM (3 w, 15 h)

Recent Activity
View All

Tue, Mar 21

diodep closed T5098: PPPoE client holdoff configuration as Resolved.
Tue, Mar 21, 9:10 AM · VyOS 1.3 Equuleus (1.3.3), VyOS 1.4 Sagitta

Mon, Mar 20

diodep created T5098: PPPoE client holdoff configuration.
Mon, Mar 20, 8:44 AM · VyOS 1.3 Equuleus (1.3.3), VyOS 1.4 Sagitta
diodep added a comment to T5049: Configure GRE over IPsec tunnel when source port is in VRF, OSPF causes GRE tunnel broken..

Workaround: put these lines to /config/scripts/vyos-postconfig-bootup.script

Mon, Mar 20, 8:38 AM · VyOS 1.4 Sagitta

Thu, Mar 16

diodep added a comment to T5049: Configure GRE over IPsec tunnel when source port is in VRF, OSPF causes GRE tunnel broken..
Mar 16 12:47:29 bsp-asbr2-cm charon-systemd[45036]: authentication of 'domain1' with RSA_EMSA_PKCS1_SHA2_256 successful
Mar 16 12:47:29 bsp-asbr2-cm charon[45036]: 14[IKE] <JXNCCT|2> peer supports MOBIKE
Mar 16 12:47:29 bsp-asbr2-cm charon-systemd[45036]: peer supports MOBIKE
Mar 16 12:47:29 bsp-asbr2-cm charon[45036]: 14[IKE] <JXNCCT|2> authentication of 'domain2' (myself) with RSA_EMSA_PKCS1_SHA2_256 successful
Mar 16 12:47:29 bsp-asbr2-cm charon-systemd[45036]: authentication of 'domain2' (myself) with RSA_EMSA_PKCS1_SHA2_256 successful
Mar 16 12:47:29 bsp-asbr2-cm charon[45036]: 14[IKE] <JXNCCT|2> IKE_SA JXNCCT[2] established between <pubIP2>[domain2]...<pubIP1>[domain1]
Mar 16 12:47:29 bsp-asbr2-cm charon-systemd[45036]: IKE_SA JXNCCT[2] established between <pubIP2>[domain2]...<pubIP1>[domain1]
Mar 16 12:47:29 bsp-asbr2-cm charon[45036]: 14[IKE] <JXNCCT|2> scheduling rekeying in 28200s
Mar 16 12:47:29 bsp-asbr2-cm charon-systemd[45036]: scheduling rekeying in 28200s
Mar 16 12:47:29 bsp-asbr2-cm charon[45036]: 14[IKE] <JXNCCT|2> maximum IKE_SA lifetime 31080s
Mar 16 12:47:29 bsp-asbr2-cm charon-systemd[45036]: maximum IKE_SA lifetime 31080s
Mar 16 12:47:29 bsp-asbr2-cm charon[45036]: 14[CFG] <JXNCCT|2> selected proposal: ESP:AES_CBC_128/HMAC_SHA1_96/NO_EXT_SEQ
Mar 16 12:47:29 bsp-asbr2-cm charon-systemd[45036]: selected proposal: ESP:AES_CBC_128/HMAC_SHA1_96/NO_EXT_SEQ
Mar 16 12:47:29 bsp-asbr2-cm charon[45036]: 14[KNL] <JXNCCT|2> received netlink error: Invalid argument (22)
Mar 16 12:47:29 bsp-asbr2-cm charon-systemd[45036]: received netlink error: Invalid argument (22)
Mar 16 12:47:29 bsp-asbr2-cm charon[45036]: 14[KNL] <JXNCCT|2> unable to install source route for 192.168.127.32
Mar 16 12:47:29 bsp-asbr2-cm charon-systemd[45036]: unable to install source route for 192.168.127.32
Mar 16 12:47:29 bsp-asbr2-cm charon[45036]: 14[IKE] <JXNCCT|2> CHILD_SA JXNCCT-tunnel-1{2} established with SPIs c4ba20f9_i c3ba4340_o and TS 192.168.127.32/32 === 192.168.63.32/32
Mar 16 12:47:29 bsp-asbr2-cm charon-systemd[45036]: CHILD_SA JXNCCT-tunnel-1{2} established with SPIs c4ba20f9_i c3ba4340_o and TS 192.168.127.32/32 === 192.168.63.32/32
Mar 16 12:47:29 bsp-asbr2-cm charon[45036]: 14[ENC] <JXNCCT|2> generating IKE_AUTH response 1 [ IDr AUTH SA TSi TSr N(MOBIKE_SUP) N(NO_ADD_ADDR) ]
Mar 16 12:47:29 bsp-asbr2-cm charon-systemd[45036]: generating IKE_AUTH response 1 [ IDr AUTH SA TSi TSr N(MOBIKE_SUP) N(NO_ADD_ADDR) ]
Mar 16 12:47:29 bsp-asbr2-cm charon[45036]: 14[NET] <JXNCCT|2> sending packet: from <pubIP2>[4500] to <pubIP1>[4500] (476 bytes)
Mar 16 12:47:29 bsp-asbr2-cm charon-systemd[45036]: sending packet: from <pubIP2>[4500] to <pubIP1>[4500] (476 bytes)
Mar 16 12:47:59 bsp-asbr2-cm charon[45036]: 06[NET] <JXNCCT|2> received packet: from <pubIP1>[4500] to <pubIP2>[4500] (76 bytes)
Mar 16 12:47:59 bsp-asbr2-cm charon-systemd[45036]: received packet: from <pubIP1>[4500] to <pubIP2>[4500] (76 bytes)
Mar 16 12:47:59 bsp-asbr2-cm charon[45036]: 06[ENC] <JXNCCT|2> parsed INFORMATIONAL request 2 [ ]
Mar 16 12:47:59 bsp-asbr2-cm charon-systemd[45036]: parsed INFORMATIONAL request 2 [ ]
Mar 16 12:47:59 bsp-asbr2-cm charon[45036]: 06[ENC] <JXNCCT|2> generating INFORMATIONAL response 2 [ ]
Mar 16 12:47:59 bsp-asbr2-cm charon-systemd[45036]: generating INFORMATIONAL response 2 [ ]
Mar 16 12:47:59 bsp-asbr2-cm charon[45036]: 06[NET] <JXNCCT|2> sending packet: from <pubIP2>[4500] to <pubIP1>[4500] (76 bytes)
Mar 16 12:47:59 bsp-asbr2-cm charon-systemd[45036]: sending packet: from <pubIP2>[4500] to <pubIP1>[4500] (76 bytes)
Thu, Mar 16, 4:55 AM · VyOS 1.4 Sagitta

Tue, Mar 7

diodep added a comment to T3655: NAT Problem with VRF.
In T3655#143947, @fernando wrote:

it doesn't seem the same problem as here, this logic that was applied over this version was vrf not on the table . Could you share full configuration ? there is some point over vrfs / vrf default /leaking that are not clear. So I can replicate the scenery and we see what is going on .

Tue, Mar 7, 4:36 PM · Known issue, VyOS 1.4 Sagitta

Sat, Mar 4

diodep added a comment to T3655: NAT Problem with VRF.
In T3655#143947, @fernando wrote:

it doesn't seem the same problem as here, this logic that was applied over this version was vrf not on the table . Could you share full configuration ? there is some point over vrfs / vrf default /leaking that are not clear. So I can replicate the scenery and we see what is going on .

Sat, Mar 4, 2:52 AM · Known issue, VyOS 1.4 Sagitta

Fri, Mar 3

diodep added a comment to T5048: QoS doesn't work correctly on 1.4-rolling-202302150317.
In T5048#143916, @Viacheslav wrote:

As I understand there no percent or auto and it now expects only rate, needs to check

[email protected]# set qos policy shaper test default bandwidth
Possible completions:
   <number>             Bits per second
   <number>bit          Bits per second
   <number>kbit         Kilobits per second
   <number>mbit         Megabits per second
   <number>gbit         Gigabits per second
   <number>tbit         Terabits per second
   <number>
Fri, Mar 3, 8:51 AM · VyOS 1.4 Sagitta
diodep added a comment to T5048: QoS doesn't work correctly on 1.4-rolling-202302150317.

I don't know why when I set bandwidth from 10k-10mbit/s, the QoS shaper works correctly but when I set to 100mbit/s~600mbit/s, I only get fews of mbit/s or tens of mbit/s. When I set above about 800mbit/s it looks like no limitation at all. When I manually set limit by tc commands, it seems okay.

Fri, Mar 3, 8:45 AM · VyOS 1.4 Sagitta
diodep added a comment to T5048: QoS doesn't work correctly on 1.4-rolling-202302150317.

I don't know why I set a 100mbit/s shaper, but result in lots of retry and 5~10mbit/s speed.

Fri, Mar 3, 8:37 AM · VyOS 1.4 Sagitta
diodep added a comment to T5048: QoS doesn't work correctly on 1.4-rolling-202302150317.
In T5048#143912, @Viacheslav wrote:

Try the latest rolling release

Fri, Mar 3, 8:29 AM · VyOS 1.4 Sagitta
diodep added a comment to T3655: NAT Problem with VRF.

I have almost same problem here. Can't NAT between two VRFs correctly. The outgoing packet has been NATed correctly but the incoming packet seems be dropped, can't reach the source.

Fri, Mar 3, 6:21 AM · Known issue, VyOS 1.4 Sagitta
diodep added a comment to T5049: Configure GRE over IPsec tunnel when source port is in VRF, OSPF causes GRE tunnel broken..

Btw, in this rolling release, OSPF BFD in tunnel doesn't work correctly too.

Fri, Mar 3, 3:06 AM · VyOS 1.4 Sagitta
diodep created T5049: Configure GRE over IPsec tunnel when source port is in VRF, OSPF causes GRE tunnel broken..
Fri, Mar 3, 3:03 AM · VyOS 1.4 Sagitta
diodep added a comment to T4031: Ability to configure DMVPN in vrf.

You can manually modify strongswan's systemd service file to add 'ip vrf exec charond'. But it causes other problem.

Fri, Mar 3, 2:47 AM · VyOS 1.4 Sagitta
diodep created T5048: QoS doesn't work correctly on 1.4-rolling-202302150317.
Fri, Mar 3, 2:44 AM · VyOS 1.4 Sagitta