- User Since
- Jul 28 2021, 5:47 PM (113 w, 3 d)
@Viacheslav This doesn't seem to be related. This PR is merged to 1.5 instead of 1.4.
Sun, Sep 17
@Apachez The empty table inet vyos_offload is to ensure the table exists before deleting its content. Regarding hardware offload, I don't have a hardware supporting that. The implementation is totally based on documentation and I don't add any checks before applying the nftables config.
Fri, Sep 15
Some extra lines were mistakenly included during rebase:
Thu, Sep 14
@fernando This is really nice. Thank you for the testing!
Mon, Sep 11
pim6reg is created by FFR's pim6d. It seems to me that it will create such as interface for each VRF. Does this interface have any functional impact on your setup?
Sun, Sep 10
@Apachez I am running kernel 6.1.49-amd64-vyos and this works fine with my local setup.
The patch is already in linux kernel since at least 4.3 (you can confirm with https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/log/include/net/netfilter/nf_conntrack_zones.h?h=linux-4.3.y), but it was added to nft command only since Feb 2017: https://git.netfilter.org/nftables/commit/src/ct.c?id=ed66d9966294a3bab6c8611e369861ba57374743
You can test this approach on a running VyOS router using following commands:
I created a PR to fix this issue by using direction parameter of conntrack zones: https://github.com/vyos/vyos-1x/pull/2236
I have a very basic VRF setup and it works fine. It would be much appreciated if someone could test this with more complex VRF setup.
https://github.com/vyos/vyos-1x/pull/2233 to fix the smoketest.
Sun, Sep 3
Aug 28 2023
https://github.com/vyos/vyos-1x/pull/2180 implement a workaround by changing the default values of stdout and stderr from PIPE to None.
Aug 27 2023
Jun 29 2023
I opened PR https://github.com/vyos/vyos-1x/pull/2062 for this.
Feb 4 2023
A basic implementation: https://github.com/vyos/vyos-1x/pull/1800
Jan 12 2023
Jan 7 2023
Dec 29 2022
Dec 27 2022
Nov 21 2022
Nov 20 2022
1.3 backport https://github.com/vyos/vyos-1x/pull/1670
Nov 14 2022
Created PR to fix this: https://github.com/vyos/vyos-1x/pull/1656
This issue also exists in 1.3 though I didn't backport it.
Jul 22 2022
@aaliddell I am not too concerned about tayga's maintenance. It have been proved to work well for years, and the package is already a part of the official repository of debian. Actually debian's tayga package includes a few patches: https://salsa.debian.org/debian/tayga/-/tree/debian/master/debian/patches
Jul 21 2022
Jul 11 2022
Prototype PR using Tayga: https://github.com/vyos/vyos-1x/pull/1408
Jul 8 2022
I would suggest going with tayga if this feature is planned to be implemented.
Jul 7 2022
Jul 3 2022
I already tested the PR before submitting:
Jun 30 2022
@Viacheslav There is already a set interfaces bridge brN igmp node. If the default option is enabled, I think set interfaces bridge brN igmp disable-snooping would sound better.
I prefer to have IGMP snooping disabled as the default option, since improper IGMP snooping causes issues while disabling IGMP snooping doesn't.
Jun 29 2022
PR to add the option: https://github.com/vyos/vyos-1x/pull/1378
Sep 24 2021
I met the same issue. Currently bridge vifs are missing firewall options.
Sep 23 2021
I created a PR to add those options to the config system, but I am not sure if anything else needs to be changed to support them: https://github.com/vyos/vyatta-cfg-quagga/pull/88
Aug 7 2021
I'm also affected by this. My configuration has about 5k ip prefixes in network group for policy based routing.
Jul 31 2021
@Viacheslav Hi, I saw it was fixed in current branch. Is there a plan to backport the fix to 1.3?