User Details
- User Since
- May 11 2021, 12:36 PM (167 w, 3 d)
Thu, Jul 25
tested and resolved : VyOS 1.5-rolling-202407251105
tested and resolved, we've added this change in our cli to fix this deprecate option in opnvpn :
[edit] vyos@vyos-ser-win# set interfaces openvpn vtun10 server topology Possible completions: subnet Subnet topology (recommended) (default) point-to-point Point-to-point topology net30 net30 topology (deprecated)
Sat, Jul 13
I've tested in the new version , the problem with default net30 , it is already there .however , when the new version started show a warning message that migrating from net30 to subnet because is going to be deprecated :
Fri, Jul 5
Thu, Jul 4
task related : https://vyos.dev/T4025
Wed, Jul 3
I've checked this bug , it's still present the vesion 1.4./1.5 and the 1.3.x , this problem is related to the update of the new version (openvpn) where the syntax to create a tunnel tap (layer2) is changed , this command allow to transport frame and it's needed when you want to bridge a vtun :
Mon, Jul 1
I've created the FRR bug report :
Thu, Jun 27
confirm that it works as well , spoke to spoke connection adding authentication. :
Jun 27 2024
@volodymyr.huti I've checked a hub & spoke with Cisco nhrp and opennhrp , it works ,although, it has some issues related to establish spoke to spoke tunnel or when removing the password , here is my environment (it was merged for the master branch, not backport to stable) .
Jun 25 2024
Jun 13 2024
here we can add some prevention to raise error, to avoid that someone uses in EBGP a profile to IBGP, because, the problem is under FRR which syntax brakes the frr-cli.
I've tested it, the problem here is because you change a wrong local role , in your configuration is a rs-client ( IBGP relationship) but when you move to rs-server ( only works with EBGP , this attribute reflect EBGP routes to bgp router clients ) , so, that it's reason why you are not allowed to change :
VyOS :
vyos@vyos# run show configuration commands | match bgp set protocols bgp neighbor 10.88.88.255 address-family ipv4-unicast set protocols bgp neighbor 10.88.88.255 peer-group 'FAST' set protocols bgp peer-group FAST capability dynamic set protocols bgp peer-group FAST graceful-restart 'enable' set protocols bgp peer-group FAST local-role rs-client set protocols bgp peer-group FAST password 'F@st123!' set protocols bgp peer-group FAST remote-as '211186' set protocols bgp peer-group FAST update-source '10.88.88.2' set protocols bgp system-as '211186' [edit] vyos@vyos# delete protocols bgp peer-group FAST local-role rs-client [edit] vyos@vyos# commit [edit]
Jun 12 2024
documentation : https://github.com/vyos/vyos-documentation/pull/1479
Jun 8 2024
please , Could you share configuration on how to replicate it ? it's also here the guideline about report a bug :
Jun 5 2024
Jun 3 2024
please, read the guidelines that I shared, the point here if it works with our system , is not error in cli structure o functionality you should open a forum topic or support case (in case you have an active subscription), before opening a task here that is not clear.(without configuration ,debug attached or packet capture)
please , read the guidelines on this post . it doesn't see a bug if not a support task:
May 31 2024
May 29 2024
@mersl thanks for confirm.
we've added this ability to configure the topology on isis :
agree ,it's more a feature than a bug : PR https://github.com/vyos/vyos-1x/pull/3537
the problem here is that MT options is enable by default when the RIB has ipv4, if not not-MT is enable by default on IPv4 .So, you need to add additional topologies (ipv6-unicast , ipv6-multicast,etc)
May 28 2024
May 27 2024
tested new cli structure, it combine the new mach-group and old syntax :
May 12 2024
May 11 2024
I've tested and now is working correctly :
add documentation : https://github.com/vyos/vyos-documentation/pull/1444
May 4 2024
May 3 2024
Apr 20 2024
Apr 19 2024
Apr 2 2024
this new command was merge in order to solved this problem :
vyos@vrf-test:~$ show configuration commands | match disable set protocols bgp parameters disable-ebgp-connected-route-check
Mar 29 2024
Mar 21 2024
Feb 22 2024
Jan 31 2024
it think that we can use also something similar to what we use ocserv to generate ssl certificates:
Jan 30 2024
it makes seens , agree with add a Config Error to do not allow both options simultaneously ,.
Jan 29 2024
as I mentioned , it was added in 9.1 as default behavior :
this command was added by default in FRR , but it's supported on lasted version (9.1):
Jan 12 2024
Jan 10 2024
i've re-checked with the new image from GCP and new cloud-init version , it seems to be working as expexted :
Dec 27 2023
this fix is not merge yet : https://github.com/vyos/vyatta-op-vpn/pull/37
Dec 15 2023
some improvements were added in this task , enable or disable the http security headers in the openconnect configuration :
Dec 13 2023
when it's merge , I will test with the controller to see if we are able to get BMP with the new FRR version.
Dec 4 2023
tested on 1.5/1.4 :
Dec 2 2023
PR 1.5/1.4 : https://github.com/vyos/vyos-1x/pull/2564
Dec 1 2023
Nov 17 2023
Do you tested it ? using our current rolling-release
Nov 13 2023
I'll hava a lab with PIM SSM and BFD , I'll update our documentation with those feature with example.
Nov 8 2023
I've tested this flag in both version 1.4 / 1.5 , it seems to work as expected :
tested on 1.4-rolling-202311080309
Nov 6 2023
it's not a bug, this command are able in ospf :
after merge this ldp bug fixed , I saw that now it's already working . Could you check it ? I've tested on a lab and it seems to work :
tested /resolved
Oct 27 2023
Oct 26 2023
@jvoss thanks to confirm !
Oct 25 2023
I've tested this issues in our lasted rolling-realese , after last commit , it seems works without problems :
vyos@vyos# load test.conf Loading configuration from 'test.conf' Load complete. Use 'commit' to make changes effective. [edit] vyos@vyos# compare [policy] + route-map TEST { + rule 10 { + action "permit" + set { + community { + add "65001:1" + } + large-community { + add "4200000000:100:1" + } + } + } + }
Oct 24 2023
exactly , i'll give an example of what is the improving (or new cli) , we have a policy where we can mach different DSCPs associate with REAL TIME or VIOCE . Current in our cli , it would be something like this :
Oct 23 2023
this case was resolved lasted configuration done .
this task is a re-definition from a traffic class , I think it could be more clear if we separate tc-filter in a class-map , so we can define different profiles in our cli based on services :