Page MenuHomeVyOS Platform

roedie (Sander Klein)
User

Projects

User does not belong to any projects.

User Details

User Since
Jul 29 2022, 1:49 PM (69 w, 5 d)

Recent Activity

Sep 11 2023

roedie added a comment to T5080: Conntrack enabled by default.

I just tested this with a firewall config with no connection tracking config enabled, still the conntrack modules are loaded and used.

Sep 11 2023, 2:52 PM · VyOS 1.4 Sagitta

Jun 9 2023

roedie added a comment to T5267: Another corruption on upgrade.

On another router I've changed the base mounts to sync ie: mount /dev/md127 /boot -o remount,rw,noatime,sync before upgrading, but after a reboot it came back corrupted.

Jun 9 2023, 7:04 AM · VyOS 1.4 Sagitta

Jun 8 2023

roedie created T5267: Another corruption on upgrade.
Jun 8 2023, 2:07 PM · VyOS 1.4 Sagitta

Apr 3 2023

roedie added a comment to T5080: Conntrack enabled by default.

I think one of the problems is that all tables are generated even if there are no rules in it.

Apr 3 2023, 7:26 PM · VyOS 1.4 Sagitta

Apr 1 2023

roedie created T5136: Possible config corruption on upgrade.
Apr 1 2023, 7:03 PM · VyOS 1.3 Equuleus (1.3.3), VyOS 1.4 Sagitta

Jan 11 2023

roedie added a comment to T4918: Odd show interface behavior.

@jestabro I've created the backport PR just now.

Jan 11 2023, 7:08 PM · VyOS 1.3 Equuleus (1.3.3), VyOS 1.4 Sagitta
roedie added a comment to T4918: Odd show interface behavior.

Will push the backport for 1.3 as well.

Jan 11 2023, 6:26 PM · VyOS 1.3 Equuleus (1.3.3), VyOS 1.4 Sagitta

Jan 7 2023

roedie closed T4884: Missing a community6 in snmpd config as Resolved.
Jan 7 2023, 8:57 AM · VyOS 1.3 Equuleus (1.3.3), VyOS 1.4 Sagitta

Jan 6 2023

roedie created T4918: Odd show interface behavior.
Jan 6 2023, 7:40 PM · VyOS 1.3 Equuleus (1.3.3), VyOS 1.4 Sagitta

Dec 31 2022

roedie created T4903: conntrack ignore does not suppotr IPv6 addresses.
Dec 31 2022, 3:53 PM · VyOS 1.5 Circinus, VyOS 1.4 Sagitta

Dec 18 2022

roedie moved T4884: Missing a community6 in snmpd config from Need Triage to Finished on the VyOS 1.4 Sagitta board.
Dec 18 2022, 6:57 PM · VyOS 1.3 Equuleus (1.3.3), VyOS 1.4 Sagitta

Dec 17 2022

roedie added a comment to T4809: radvd: Allow use of AdvRASrcAddress.

Backport for this PR. I am not running 1.3 so YMMV.

Dec 17 2022, 5:10 PM · VyOS 1.3 Equuleus (1.3.3), VyOS 1.4 Sagitta
roedie updated subscribers of T4884: Missing a community6 in snmpd config.

Had a quick look at the 1.3 implementation and it seems the bug isn't present there. So no back-porting needed @c-po

Dec 17 2022, 4:52 PM · VyOS 1.3 Equuleus (1.3.3), VyOS 1.4 Sagitta

Dec 16 2022

roedie added a comment to T4809: radvd: Allow use of AdvRASrcAddress.

After screwin up the previous PR:
https://github.com/vyos/vyos-1x/pull/1712

Dec 16 2022, 10:00 PM · VyOS 1.3 Equuleus (1.3.3), VyOS 1.4 Sagitta
roedie added a comment to T4884: Missing a community6 in snmpd config.

https://github.com/vyos/vyos-1x/pull/1711

Dec 16 2022, 9:04 PM · VyOS 1.3 Equuleus (1.3.3), VyOS 1.4 Sagitta
roedie changed the status of T4884: Missing a community6 in snmpd config from Open to In progress.
Dec 16 2022, 8:54 PM · VyOS 1.3 Equuleus (1.3.3), VyOS 1.4 Sagitta
roedie claimed T4884: Missing a community6 in snmpd config.
Dec 16 2022, 8:53 PM · VyOS 1.3 Equuleus (1.3.3), VyOS 1.4 Sagitta
roedie created T4884: Missing a community6 in snmpd config.
Dec 16 2022, 8:53 PM · VyOS 1.3 Equuleus (1.3.3), VyOS 1.4 Sagitta

Nov 23 2022

roedie closed T4835: SNMPD configuration incorrect for IPv6 as Resolved.
Nov 23 2022, 7:18 PM · VyOS 1.4 Sagitta
roedie added a comment to T4794: show firewall name <name> - Can't use .items() on a list.

This task can be closed since the PR is merged.

Nov 23 2022, 6:43 PM · VyOS 1.4 Sagitta
roedie closed T4526: keepalived-fifo.py unable to load config as Resolved.
Nov 23 2022, 6:23 PM · vyos-keepalived, vyatta-vrrp, VyOS 1.4 Sagitta
roedie moved T4835: SNMPD configuration incorrect for IPv6 from Need Triage to Finished on the VyOS 1.4 Sagitta board.

https://github.com/vyos/vyos-1x/pull/1675

Nov 23 2022, 6:22 PM · VyOS 1.4 Sagitta
roedie changed the status of T4835: SNMPD configuration incorrect for IPv6 from Open to In progress.
Nov 23 2022, 6:14 PM · VyOS 1.4 Sagitta
roedie created T4835: SNMPD configuration incorrect for IPv6.
Nov 23 2022, 6:14 PM · VyOS 1.4 Sagitta

Nov 16 2022

roedie added a comment to T4794: show firewall name <name> - Can't use .items() on a list.

https://github.com/vyos/vyos-1x/pull/1661

Nov 16 2022, 7:30 PM · VyOS 1.4 Sagitta

Nov 8 2022

roedie changed the status of T4809: radvd: Allow use of AdvRASrcAddress from Open to In progress.
Nov 8 2022, 8:58 PM · VyOS 1.3 Equuleus (1.3.3), VyOS 1.4 Sagitta
roedie added a comment to T4809: radvd: Allow use of AdvRASrcAddress.

I've added PR https://github.com/vyos/vyos-1x/pull/1649 for review. Not tested yet, I want to know if I'm on the right path.

Nov 8 2022, 8:57 PM · VyOS 1.3 Equuleus (1.3.3), VyOS 1.4 Sagitta
roedie created T4809: radvd: Allow use of AdvRASrcAddress.
Nov 8 2022, 8:47 PM · VyOS 1.3 Equuleus (1.3.3), VyOS 1.4 Sagitta

Oct 30 2022

roedie added a comment to T4526: keepalived-fifo.py unable to load config.

Done: https://github.com/vyos/vyos-1x/pull/1630

Oct 30 2022, 2:53 PM · vyos-keepalived, vyatta-vrrp, VyOS 1.4 Sagitta

Oct 10 2022

roedie reopened T4526: keepalived-fifo.py unable to load config as "Backport pending".
Oct 10 2022, 9:18 AM · vyos-keepalived, vyatta-vrrp, VyOS 1.4 Sagitta
roedie added a comment to T4526: keepalived-fifo.py unable to load config.

@florin If this is needed I'll make a pull request coming week.

Oct 10 2022, 9:17 AM · vyos-keepalived, vyatta-vrrp, VyOS 1.4 Sagitta

Sep 18 2022

roedie claimed T4639: Crowdsec in VyOS (Blocking only).
Sep 18 2022, 5:57 PM · VyOS 1.4 Sagitta

Sep 17 2022

roedie moved T4526: keepalived-fifo.py unable to load config from Need Triage to Finished on the VyOS 1.4 Sagitta board.
Sep 17 2022, 8:34 PM · vyos-keepalived, vyatta-vrrp, VyOS 1.4 Sagitta
roedie moved T4665: Keepalived cannot use same VRID for VRRPv2 and VRRPv3 from Need Triage to Finished on the VyOS 1.4 Sagitta board.
Sep 17 2022, 8:31 PM · VyOS 1.4 Sagitta
roedie closed T4665: Keepalived cannot use same VRID for VRRPv2 and VRRPv3 as Resolved.

It works for me (tm)

Sep 17 2022, 8:30 PM · VyOS 1.4 Sagitta

Sep 10 2022

roedie added a comment to T1185: Firewall rulesets are ignored in RFC-compliant VRRP setups.
In T1185#133944, @sdev wrote:

A similar syntax change is in progress as part of a larger firewall refactor. It should reach the 1.4 branch in a week or so. It should allow for any valid existing interface name.

Sep 10 2022, 6:31 PM · VyOS 1.3 Equuleus (1.3.5)
roedie added a comment to T1185: Firewall rulesets are ignored in RFC-compliant VRRP setups.

Or, come to think, some free from of set interfaces unknown <typeyourownname> firewall local name <ruleset> where you can only config stuff that doesn't really depend on an interface.

Sep 10 2022, 6:17 PM · VyOS 1.3 Equuleus (1.3.5)
roedie added a comment to T1185: Firewall rulesets are ignored in RFC-compliant VRRP setups.

Just a suggestion, would it be a weird idea to move the firewall config from the interface section to the firewall section? A bit like the zone config. So something like:

Sep 10 2022, 6:09 PM · VyOS 1.3 Equuleus (1.3.5)

Sep 8 2022

roedie closed T4526: keepalived-fifo.py unable to load config as Resolved.

I've tested this and it seems to work correctly.

Sep 8 2022, 5:11 PM · vyos-keepalived, vyatta-vrrp, VyOS 1.4 Sagitta
roedie added a comment to T4665: Keepalived cannot use same VRID for VRRPv2 and VRRPv3.

The interface naming is incorrect after this change for the second interface with the same VRID. It breaks show int.

Sep 8 2022, 2:54 PM · VyOS 1.4 Sagitta

Sep 2 2022

roedie added a comment to T3933: The firewall does not filter incoming traffic on the interface with vrf..

In case of filtering on a VRF, would it be an idea to use the MAC address instead of the interface name in the rule?

Sep 2 2022, 7:45 PM · VyOS 1.3 Equuleus (1.3.5), VyOS 1.4 Sagitta
roedie added a comment to T4665: Keepalived cannot use same VRID for VRRPv2 and VRRPv3.

https://github.com/vyos/vyos-documentation/pull/845 for docs

Sep 2 2022, 7:13 PM · VyOS 1.4 Sagitta
roedie added a comment to T4665: Keepalived cannot use same VRID for VRRPv2 and VRRPv3.

I will modify the docs.

Sep 2 2022, 10:17 AM · VyOS 1.4 Sagitta

Sep 1 2022

roedie added a comment to T4665: Keepalived cannot use same VRID for VRRPv2 and VRRPv3.

I do see I need to update the docs. Will do if this change is going to be merged.

Sep 1 2022, 9:46 AM · VyOS 1.4 Sagitta
roedie created T4665: Keepalived cannot use same VRID for VRRPv2 and VRRPv3.
Sep 1 2022, 9:16 AM · VyOS 1.4 Sagitta

Aug 23 2022

roedie added a comment to T4635: Add zebra option ip nht resolve-via-default as default option.

While reading the FRR docs I see it is only used in BGP and nowhere else. That would make something like set protocols bgp parameters next-hop-track resolve-via-default logical.

Aug 23 2022, 4:13 PM · VyOS 1.4 Sagitta
roedie created T4639: Crowdsec in VyOS (Blocking only).
Aug 23 2022, 2:18 PM · VyOS 1.4 Sagitta
roedie added a comment to T4635: Add zebra option ip nht resolve-via-default as default option.

@Viacheslav Do you just want this option added to the zebra config, or you it also be possible to enable/disable this via the conf mode?

Aug 23 2022, 1:02 PM · VyOS 1.4 Sagitta

Aug 22 2022

roedie added a comment to T4526: keepalived-fifo.py unable to load config.

https://github.com/vyos/vyos-1x/pull/1486 try#2

Aug 22 2022, 7:51 PM · vyos-keepalived, vyatta-vrrp, VyOS 1.4 Sagitta
roedie added a comment to T4526: keepalived-fifo.py unable to load config.

I've create a PR which does the retry part. It retries 10 time every 0.5 seconds until it succeeds or it's out of retries.

Aug 22 2022, 4:14 PM · vyos-keepalived, vyatta-vrrp, VyOS 1.4 Sagitta
roedie added a comment to T4526: keepalived-fifo.py unable to load config.

The problem here seems to be that keepalived is started before the complete commit is finished. So conf.get_config_dict() fails to get the config.

Aug 22 2022, 2:21 PM · vyos-keepalived, vyatta-vrrp, VyOS 1.4 Sagitta
roedie added a comment to T4633: Change keepalived to v2.2.7.

Created PR for this https://github.com/vyos/vyos-build/pull/256

Aug 22 2022, 1:20 PM · VyOS 1.4 Sagitta
roedie added a comment to T4634: Bgp neighbor disable-connected-check does not work.

Hi, I've created https://github.com/vyos/vyos-1x/pull/1483 for this one.

Aug 22 2022, 11:28 AM · VyOS 1.4 Sagitta

Aug 21 2022

roedie created T4633: Change keepalived to v2.2.7.
Aug 21 2022, 7:04 PM · VyOS 1.4 Sagitta

Jul 31 2022

roedie created T4581: 'show system cpu' not working.
Jul 31 2022, 7:42 PM · VyOS 1.4 Sagitta