frr task related to this incident : https://github.com/FRRouting/frr/issues/16095 and forum case: https://forum.vyos.io/t/issues-with-mp-bgp-and-ipv6-link-local-peers-using-extended-next-hop/15781

here is C code where is Fixed for Versions: 10.0.3, 10.1.2, 10.2.1, 10.3 : https://github.com/FRRouting/frr/pull/17586/commits/b0800bfdf04b4fcf48504737ebfe4ba7f05268d3 , but I think it shouldn't affect to frr- 9.1.2 which is used in the 1.4 sagitta, it was refactored in the newest version :

@sarthurdev i think it can be good idea to those case , what do you think ? @dmbaturin @jestabro

tested with the fixed done by @natali-rs1985 : , works with ports as well :

we've added this new feature called Server bridge , it's available in 1.5 and backported 1.4:

merge and tested in both version .

PR https://github.com/vyos/vyos-1x/pull/4001

I think it has a interesting option `ethtool -K ethX ntuple [on|offwhich is interesting has the knowledge , we can keep it as a part the main task .

this task is already created, it involved many offload/NIC tunning which are described on this :

Documentation :
https://github.com/vyos/vyos-documentation/pull/1521

new structure was added :

PR : https://github.com/vyos/vyos-1x/pull/3920

tested and resolved : VyOS 1.5-rolling-202407251105

tested and resolved, we've added this change in our cli to fix this deprecate option in opnvpn :

[edit]
vyos@vyos-ser-win# set interfaces openvpn vtun10 server topology
Possible completions:
   subnet               Subnet topology (recommended) (default)
   point-to-point       Point-to-point topology
   net30                net30 topology (deprecated)

I've tested in the new version , the problem with default net30 , it is already there .however , when the new version started show a warning message that migrating from net30 to subnet because is going to be deprecated :

In T6211#194799, @stephenmcmahon wrote:

In T6211#189615, @Viacheslav wrote:

Probably the best way will be moving the config to the vrf section (not implemented)
For example:

set vrf name foo service dhcp-server shared-network-name eth1 option default-router '192.168.1.1'
set vrf name foo service dhcp-server shared-network-name eth1 subnet 192.168.1.0/24 lease '300'
set vrf name foo service dhcp-server shared-network-name eth1 subnet 192.168.1.0/24 range default start '192.168.1.10'
set vrf name foo service dhcp-server shared-network-name eth1 subnet 192.168.1.0/24 range default stop '192.168.1.100'
set vrf name foo service dhcp-server shared-network-name eth1 subnet 192.168.1.0/24 subnet-id '1'

task related : https://vyos.dev/T4025

I've checked this bug , it's still present the vesion 1.4./1.5 and the 1.3.x , this problem is related to the update of the new version (openvpn) where the syntax to create a tunnel tap (layer2) is changed , this command allow to transport frame and it's needed when you want to bridge a vtun :

I've created the FRR bug report :

confirm that it works as well , spoke to spoke connection adding authentication. :

@volodymyr.huti I've checked a hub & spoke with Cisco nhrp and opennhrp , it works ,although, it has some issues related to establish spoke to spoke tunnel or when removing the password , here is my environment (it was merged for the master branch, not backport to stable) .

here we can add some prevention to raise error, to avoid that someone uses in EBGP a profile to IBGP, because, the problem is under FRR which syntax brakes the frr-cli.

I've tested it, the problem here is because you change a wrong local role , in your configuration is a rs-client ( IBGP relationship) but when you move to rs-server ( only works with EBGP , this attribute reflect EBGP routes to bgp router clients ) , so, that it's reason why you are not allowed to change :
VyOS :

vyos@vyos# run show configuration commands | match bgp
set protocols bgp neighbor 10.88.88.255 address-family ipv4-unicast
set protocols bgp neighbor 10.88.88.255 peer-group 'FAST'
set protocols bgp peer-group FAST capability dynamic
set protocols bgp peer-group FAST graceful-restart 'enable'
set protocols bgp peer-group FAST local-role rs-client
set protocols bgp peer-group FAST password 'F@st123!'
set protocols bgp peer-group FAST remote-as '211186'
set protocols bgp peer-group FAST update-source '10.88.88.2'
set protocols bgp system-as '211186'
[edit]
vyos@vyos# delete protocols bgp peer-group FAST local-role rs-client
[edit]
vyos@vyos# commit
[edit]

documentation : https://github.com/vyos/vyos-documentation/pull/1479

@a.apostoliuk

please , Could you share configuration on how to replicate it ? it's also here the guideline about report a bug :

please, read the guidelines that I shared, the point here if it works with our system , is not error in cli structure o functionality you should open a forum topic or support case (in case you have an active subscription), before opening a task here that is not clear.(without configuration ,debug attached or packet capture)

please , read the guidelines on this post . it doesn't see a bug if not a support task:

PR : https://github.com/vyos/vyos-1x/pull/3571

@mersl thanks for confirm.

we've added this ability to configure the topology on isis :

agree ,it's more a feature than a bug : PR https://github.com/vyos/vyos-1x/pull/3537

the problem here is that MT options is enable by default when the RIB has ipv4, if not not-MT is enable by default on IPv4 .So, you need to add additional topologies (ipv6-unicast , ipv6-multicast,etc)

tested new cli structure, it combine the new mach-group and old syntax :

I've tested and now is working correctly :

add documentation : https://github.com/vyos/vyos-documentation/pull/1444

PR https://github.com/vyos/vyos-1x/pull/3410

PR: https://github.com/vyos/vyos-1x/pull/3333

this new command was merge in order to solved this problem :

vyos@vrf-test:~$ show configuration commands | match disable
set protocols bgp parameters disable-ebgp-connected-route-check

PR:https://github.com/vyos/vyos-1x/pull/3212