Page MenuHomeVyOS Platform
People doctorpangloss

doctorpangloss (Benjamin Berman)
User

Projects

User does not belong to any projects.

User Details

User Since
Feb 6 2023, 8:40 PM (147 w, 4 d)

Recent Activity
View All

Aug 20 2025

doctorpangloss changed the status of T7675: latest rolling has broken vpn remote-access after upgrade from Needs testing to Open.
Aug 20 2025, 3:31 PM · VyOS Rolling

Aug 17 2025

doctorpangloss added a comment to T7674: pdns-recursor failing many previously working DNS lookups, failure rate of 10% after system upgrade.

related: https://forum.vyos.io/t/powerdns-recursor-returns-servfail-with-wan-load-balancer/3671/21

Aug 17 2025, 12:12 AM · VyOS Rolling

Aug 15 2025

doctorpangloss changed the status of T7675: latest rolling has broken vpn remote-access after upgrade from Open to Needs testing.
Aug 15 2025, 11:20 PM · VyOS Rolling
doctorpangloss added a comment to T7675: latest rolling has broken vpn remote-access after upgrade.

appears to be working again with VyOS 2025.08.13-0020-rolling
this might be interacting with firewall global-options receive-redirects

Aug 15 2025, 11:20 PM · VyOS Rolling

Aug 13 2025

doctorpangloss added a comment to T7674: pdns-recursor failing many previously working DNS lookups, failure rate of 10% after system upgrade.

many dns timeouts persist. is this interacting with wan load balancing?

Aug 13 2025, 12:39 AM · VyOS Rolling

Aug 1 2025

doctorpangloss added a comment to T7674: pdns-recursor failing many previously working DNS lookups, failure rate of 10% after system upgrade.

this issue persists, it's now manifesting itself in different ways. about 10% of DNS lookups from LAN clients still fail, now it's 10% of addresses looked up instead of 10% of queries total.

Aug 1 2025, 9:33 PM · VyOS Rolling
doctorpangloss reopened T7674: pdns-recursor failing many previously working DNS lookups, failure rate of 10% after system upgrade as "Open".
Aug 1 2025, 8:41 PM · VyOS Rolling
doctorpangloss closed T6042: ssh scripts should work with arguments again; they do not anymore as Resolved.
Aug 1 2025, 4:41 AM · Bugs, VyOS 1.5 Circinus
doctorpangloss added a comment to T6042: ssh scripts should work with arguments again; they do not anymore.

the ticket is closed, and

ssh vyos@vyos -- /opt/vyatta/bin/vyatta-op-cmd-wrapper show interfaces
Aug 1 2025, 4:41 AM · Bugs, VyOS 1.5 Circinus

Jul 31 2025

doctorpangloss created T7675: latest rolling has broken vpn remote-access after upgrade.
Jul 31 2025, 6:12 PM · VyOS Rolling
doctorpangloss added a comment to T6843: l2tp remote-access stops working after vpn settings modified and graceful reboot, workaround included.

VyOS 2025.07.28-0022-rolling has completely broken the remote access connectivity.

Jul 31 2025, 6:11 PM · VyOS Rolling
doctorpangloss closed T7674: pdns-recursor failing many previously working DNS lookups, failure rate of 10% after system upgrade as Resolved.
Jul 31 2025, 6:02 PM · VyOS Rolling
doctorpangloss added a comment to T7674: pdns-recursor failing many previously working DNS lookups, failure rate of 10% after system upgrade.
set service dns forwarding cache-size 10000
set service dns forwarding system

appears to resolve the issue, any insights?

Jul 31 2025, 6:02 PM · VyOS Rolling
doctorpangloss renamed T7674: pdns-recursor failing many previously working DNS lookups, failure rate of 10% after system upgrade from Too much time waiting for... pdns-recursor failing many previously working DNS lookups to pdns-recursor failing many previously working DNS lookups, failure rate of 10% after system upgrade.
Jul 31 2025, 5:51 PM · VyOS Rolling
doctorpangloss added a comment to T7674: pdns-recursor failing many previously working DNS lookups, failure rate of 10% after system upgrade.
# python3 <<'EOF'
> import socket
> import time
> import struct
> import random
> import sys
> 
> # --- Configuration ---
> DNS_SERVER = "8.8.8.8"
> DNS_PORT = 53
> QUERY_DOMAIN = "google.com"
> TIMEOUT = 1.0  # 1 second timeout
> 
> # --- Counters ---
> success_count = 0
> timeout_count = 0
> total_count = 0
> 
> def build_dns_query(domain_name):
>     # Standard DNS query header
>     transaction_id = random.randint(0, 65535)
>     flags = 0x0100  # Standard query
>     questions = 1
>     header = struct.pack('!HHHHHH', transaction_id, flags, questions, 0, 0, 0)
> 
>     # Question section
>     qname = b''
>     for part in domain_name.split('.'):
>         qname += struct.pack('B', len(part)) + part.encode('utf-8')
>     qname += b'\x00'  # End of QNAME
> 
>     qtype = 1  # A record
>     qclass = 1 # IN class
>     question = struct.pack('!HH', qtype, qclass)
> 
>     return header + qname + question
> 
> def print_stats():
>     global success_count, timeout_count, total_count
>     if total_count == 0:
>         return
>     
>     timeout_rate = (timeout_count / total_count) * 100
>     status_line = (
>         f"\rSuccess: {success_count} | "
>         f"Timeouts: {timeout_count} | "
>         f"Total: {total_count} | "
>         f"Timeout Rate: {timeout_rate:.2f}%  "
>     )
>     sys.stdout.write(status_line)
>     sys.stdout.flush()
> 
> print(f"--- Starting DNS timeout test against {DNS_SERVER} (Ctrl+C to stop) ---")
> 
> try:
>     while True:
>         total_count += 1
>         query = build_dns_query(QUERY_DOMAIN)
>         
>         sock = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
>         sock.settimeout(TIMEOUT)
>         
>         try:
>             sock.sendto(query, (DNS_SERVER, DNS_PORT))
>             data, addr = sock.recvfrom(512)
>             success_count += 1
>         except socket.timeout:
>             timeout_count += 1
>         except Exception as e:
>             # Handle other potential errors, though timeout is the one we expect
>             timeout_count += 1
>         finally:
>             sock.close()
> 
>         print_stats()
>         time.sleep(1)
> 
> except KeyboardInterrupt:
>     print("\n--- Test stopped. Final Statistics ---")
>     print_stats()
>     print("\n")
> 
> EOF
--- Starting DNS timeout test against 8.8.8.8 (Ctrl+C to stop) ---
Success: 68 | Timeouts: 0 | Total: 68 | Timeout Rate: 0.00%  ^C
--- Test stopped. Final Statistics ---
Success: 68 | Timeouts: 0 | Total: 68 | Timeout Rate: 0.00%
Jul 31 2025, 5:51 PM · VyOS Rolling
doctorpangloss created T7674: pdns-recursor failing many previously working DNS lookups, failure rate of 10% after system upgrade.
Jul 31 2025, 5:02 PM · VyOS Rolling

Dec 4 2024

doctorpangloss added a comment to T6843: l2tp remote-access stops working after vpn settings modified and graceful reboot, workaround included.

modifying any settings in the vpn block seems to break remote access until the vpn l2tp remote-access authentication local-users block is modified

Dec 4 2024, 9:59 PM · VyOS Rolling
doctorpangloss renamed T6843: l2tp remote-access stops working after vpn settings modified and graceful reboot, workaround included from l2tp remote-access doesn't work after graceful reboot, workaround included to l2tp remote-access stops working after vpn settings modified and graceful reboot, workaround included.
Dec 4 2024, 9:59 PM · VyOS Rolling
doctorpangloss added a comment to T6843: l2tp remote-access stops working after vpn settings modified and graceful reboot, workaround included.

still an issue in latest

Dec 4 2024, 9:40 PM · VyOS Rolling
doctorpangloss renamed T6843: l2tp remote-access stops working after vpn settings modified and graceful reboot, workaround included from l2tp remote-access doesn't work after power loss, workaround included to l2tp remote-access doesn't work after graceful reboot, workaround included.
Dec 4 2024, 9:39 PM · VyOS Rolling
doctorpangloss created T6938: removing disable from a site-to-site ipsec peer never initializes the ipsec tunnel.
Dec 4 2024, 8:15 PM

Oct 31 2024

doctorpangloss updated the task description for T6843: l2tp remote-access stops working after vpn settings modified and graceful reboot, workaround included.
Oct 31 2024, 10:52 PM · VyOS Rolling
doctorpangloss created T6843: l2tp remote-access stops working after vpn settings modified and graceful reboot, workaround included.
Oct 31 2024, 10:43 PM · VyOS Rolling

Sep 26 2024

doctorpangloss added a comment to T6716: Offload settings are being automatically updated to reflect kernel settings.

What is the approach for preventing offloads from being added back in after boot? I deleting them before upgrading, upgraded to a nightly with this patch, but I observed the offloads returned:

Sep 26 2024, 6:48 PM · Bugs, VyOS 1.5 Circinus

Feb 18 2024

doctorpangloss created T6047: Configuration path: system ip [nht] is not valid, but according to docs, it shuld be.
Feb 18 2024, 2:43 AM · VyOS 1.5 Circinus

Feb 16 2024

doctorpangloss added a comment to T6042: ssh scripts should work with arguments again; they do not anymore.

interesting, it may have been broken sometime between 1.3.1 and 1.3.6 then. I used automations like these all the time. let me verify the behavior generally on ubuntu

Feb 16 2024, 12:11 PM · Bugs, VyOS 1.5 Circinus
doctorpangloss created T6042: ssh scripts should work with arguments again; they do not anymore.
Feb 16 2024, 8:30 AM · Bugs, VyOS 1.5 Circinus

Jan 29 2024

doctorpangloss triaged T6000: [1.3.x -> 1.5.x] migrating threw exception in /opt/vyatta/etc/config-migrate/migrate/https/5-to-6, performed workaround as Normal priority.
Jan 29 2024, 4:51 PM · VyOS 1.4 Sagitta, VyOS 1.5 Circinus

Feb 25 2023

doctorpangloss added a comment to T5033: generate-public-key command fails for address with multiple public keys like GitHub.

Yes, apparently so from GitHub.

Feb 25 2023, 8:12 PM · VyOS 1.4 Sagitta, VyOS 1.3 Equuleus (1.3.3)

Feb 24 2023

doctorpangloss created T5033: generate-public-key command fails for address with multiple public keys like GitHub.
Feb 24 2023, 9:02 PM · VyOS 1.4 Sagitta, VyOS 1.3 Equuleus (1.3.3)