User Details
- User Since
- Mar 8 2023, 12:11 PM (90 w, 5 d)
Wed, Nov 6
Oct 10 2024
I just bit on this in prod causing one very unhappy IX to write unhappy emails.
ETICKET, sorry.
Jul 15 2024
Moin,
i currently bit on this in 1.4.0; The issue is that, ideally LE reissuance should be automated in the background. One can, of course, add a ca statement. However, that statement is single-valued, i.e., if a reissuance due to the cycling of intermediates (see: https://letsencrypt.org/certificates/) ends up with another intermediate, configuration breaks.
Imho, this should be reflected in the documentation, at least; Ideally with an example for how to import the most recent ACME intermediates.
Apr 6 2024
Feb 13 2024
The patch is btw here, in case anyone want to use it as inspiration: https://github.com/vyos/vyos-1x/compare/current...ichdasich:vyos-1x:bgp_large_community_validator_new
Honestly? Rather not. Even though i have been testing this extensively, there needs to be some discussion re: old-config-impact (+some testing); Similarly, _ideally_ this would not just go for standard python regex, but instead try to figure out what frr _acutally_ uses. So, while a poc, i think this needs a bit more work.
Oct 26 2023
Apr 10 2023
kk, will try to remember to setup a box for that; Usually rolling my own images. ;-)
What is meant with testing? Writing the unit tests? Or seeing whether it actually works? If it is the latter, this is in prod on my boxes for roughly a month ;-)
done
Mar 10 2023
Wanted to have the ticketid to write the right commit message right away. Diff is here: https://github.com/vyos/vyos-1x/compare/current...ichdasich:vyos-1x:filtered_routes
Mar 9 2023
Just put this on a live system, and it behaves as intended (so far). Special meaning of _ would certainly have to be added to the check, i guess, but that needs further delving into bgp-regex syntax.
Let me give it another test-run in a bit and then i'll issue a PR.