User Details
- User Since
- Jul 28 2021, 5:47 PM (191 w, 5 d)
Dec 1 2023
Note: Mikrotik's RouterOS can add received IPv6 prefixes to a pool in its DHCPv6 client configuration, then the pool can be configured for DHCPv6 server to hand out addresses or sub-prefixes: https://wiki.mikrotik.com/wiki/Manual:IPv6/DHCP_Client
Sep 30 2023
@Viacheslav This doesn't seem to be related. This PR is merged to 1.5 instead of 1.4.
Sep 17 2023
@Apachez The empty table inet vyos_offload is to ensure the table exists before deleting its content. Regarding hardware offload, I don't have a hardware supporting that. The implementation is totally based on documentation and I don't add any checks before applying the nftables config.
Sep 15 2023
Some extra lines were mistakenly included during rebase:
Sep 14 2023
@fernando This is really nice. Thank you for the testing!
Sep 12 2023
Sep 11 2023
pim6reg is created by FFR's pim6d. It seems to me that it will create such as interface for each VRF. Does this interface have any functional impact on your setup?
Sep 10 2023
@Apachez I am running kernel 6.1.49-amd64-vyos and this works fine with my local setup.
The patch is already in linux kernel since at least 4.3 (you can confirm with https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/log/include/net/netfilter/nf_conntrack_zones.h?h=linux-4.3.y), but it was added to nft command only since Feb 2017: https://git.netfilter.org/nftables/commit/src/ct.c?id=ed66d9966294a3bab6c8611e369861ba57374743
You can test this approach on a running VyOS router using following commands:
I created a PR to fix this issue by using direction parameter of conntrack zones: https://github.com/vyos/vyos-1x/pull/2236
I have a very basic VRF setup and it works fine. It would be much appreciated if someone could test this with more complex VRF setup.
https://github.com/vyos/vyos-1x/pull/2233 to fix the smoketest.
Sep 9 2023
Sep 3 2023
Aug 28 2023
https://github.com/vyos/vyos-1x/pull/2180 implement a workaround by changing the default values of stdout and stderr from PIPE to None.
Aug 27 2023
Jun 29 2023
I opened PR https://github.com/vyos/vyos-1x/pull/2062 for this.
Feb 28 2023
Feb 4 2023
A basic implementation: https://github.com/vyos/vyos-1x/pull/1800
Jan 15 2023
Jan 12 2023
Jan 7 2023
Dec 30 2022
Dec 29 2022
Dec 27 2022
Dec 17 2022
Nov 21 2022
Nov 20 2022
1.3 backport https://github.com/vyos/vyos-1x/pull/1670
Nov 15 2022
Nov 14 2022
Created PR to fix this: https://github.com/vyos/vyos-1x/pull/1656
This issue also exists in 1.3 though I didn't backport it.
Jul 22 2022
@aaliddell I am not too concerned about tayga's maintenance. It have been proved to work well for years, and the package is already a part of the official repository of debian. Actually debian's tayga package includes a few patches: https://salsa.debian.org/debian/tayga/-/tree/debian/master/debian/patches
Jul 21 2022
Jul 11 2022
Prototype PR using Tayga: https://github.com/vyos/vyos-1x/pull/1408
Jul 8 2022
I would suggest going with tayga if this feature is planned to be implemented.
Jul 7 2022
Jul 3 2022
I already tested the PR before submitting:
Jun 30 2022
@Viacheslav There is already a set interfaces bridge brN igmp node. If the default option is enabled, I think set interfaces bridge brN igmp disable-snooping would sound better.
I prefer to have IGMP snooping disabled as the default option, since improper IGMP snooping causes issues while disabling IGMP snooping doesn't.
Jun 29 2022
PR to add the option: https://github.com/vyos/vyos-1x/pull/1378
Sep 24 2021
I met the same issue. Currently bridge vifs are missing firewall options.
Sep 23 2021
I created a PR to add those options to the config system, but I am not sure if anything else needs to be changed to support them: https://github.com/vyos/vyatta-cfg-quagga/pull/88
Aug 7 2021
I'm also affected by this. My configuration has about 5k ip prefixes in network group for policy based routing.
Jul 31 2021
@Viacheslav Hi, I saw it was fixed in current branch. Is there a plan to backport the fix to 1.3?