SNMP community should stay. If it should be removed it can be handled via dedicates task
- Queries
- All Stories
- Search
- Advanced Search
- Transactions
- Transaction Logs
Feed All Stories
All Stories
All Stories
Dec 6 2019
Dec 6 2019
c-po moved T1470: improve output of "show dhcpv6 server leases" from Backlog to Finished on the VyOS 1.2 Crux (VyOS 1.2.4) board.
c-po moved T1485: Enable 'AdvIntervalOpt' option in for radvd.conf from In Progress to Finished on the VyOS 1.2 Crux (VyOS 1.2.4) board.
c-po moved T1857: strip-private pipe option does not handle IPv6 addresses on interfaces from Needs Triage to Finished on the VyOS 1.2 Crux (VyOS 1.2.4) board.
c-po edited projects for T1857: strip-private pipe option does not handle IPv6 addresses on interfaces, added: VyOS 1.2 Crux (VyOS 1.2.4); removed VyOS 1.2 Crux (VyOS 1.2.5).
c-po moved T1860: Update WireGuard to Debian release 0.0.20191127-2 from Need Triage to Finished on the VyOS 1.3 Equuleus board.
c-po moved T1859: Update Linux Kernel to v4.19.88 from Need Triage to Finished on the VyOS 1.3 Equuleus board.
c-po moved T1847: set_level incorrectly handles path given as empty string from Need Triage to Finished on the VyOS 1.3 Equuleus board.
c-po moved T1852: ifconfig.py - apply interface config takes long from Need Triage to Finished on the VyOS 1.3 Equuleus board.
c-po moved T1849: DHCPv6 client does not start from Need Triage to Finished on the VyOS 1.3 Equuleus board.
c-po moved T1854: Dynamic DNS configuration cannot be deleted from Need Triage to Finished on the VyOS 1.3 Equuleus board.
c-po moved T1568: strip-private command improvement for additional masking of IPv6 and MAC address from Need Triage to Finished on the VyOS 1.3 Equuleus board.
c-po renamed T1568: strip-private command improvement for additional masking of IPv6 and MAC address from strip-private command improvement for additional masking to strip-private command improvement for additional masking of IPv6 and MAC address.
c-po added a comment to T1568: strip-private command improvement for additional masking of IPv6 and MAC address.
c-po assigned T1568: strip-private command improvement for additional masking of IPv6 and MAC address to Unknown Object (User).
c-po added a comment to T1568: strip-private command improvement for additional masking of IPv6 and MAC address.
backported 20822ca3 to crux
c-po renamed T1849: DHCPv6 client does not start from A bug caused by DHCPv6 client to DHCPv6 client does not start.
hagbard changed the status of T1845: syslog host no longer accepts a port from In progress to Needs testing.
c-po closed T1860: Update WireGuard to Debian release 0.0.20191127-2, a subtask of T1859: Update Linux Kernel to v4.19.88, as Resolved.
Works as expected in VyOS 1.2-rolling and 1.3-rolling.
Unknown Object (User) triaged T1858: l2tp: Delete deprecated outside-nexthop and add gateway-address as Normal priority.
Unknown Object (User) added a comment to T1349: L2TP remote-access vpn terminated and not showing as connected.
Hello @primoz , seems you right. left|rightnexthop deprecated in strongswan.
This parameter is usually not needed any more because the NETKEY IPsec stack does not require explicit routing entries for the traffic to be tunneled. If left|sourceip is used with IKEv1 then left|rightnexthop must still be set in order for the source routes to work properly.
And in CLI rolling l2tp implementation we need replace outside-nexthop to gw-ip-address.
c-po edited projects for T1857: strip-private pipe option does not handle IPv6 addresses on interfaces, added: VyOS 1.2 Crux (VyOS 1.2.5); removed VyOS 1.2 Crux.
c-po added a comment to T1629: IP addresses configured on vif-s interfaces are not added to the system.
I pick this up as I did the rewrite of this whole stuff
@Viacheslav thank you for testing!
I have tried multiple times to reproduce this with 1.2-rolling-201912060217 with no luck. It would be great if together with logs you will provide a detailed description of the environment. Because, possible that even CPU cores count or memory size can lead to some condition, in which dhclient-script cannot get proper values from config and add unwanted servers to the resolv.conf.
c-po edited projects for T1856: Support configuring IPSec SA bytes, added: VyOS 1.3 Equuleus; removed VyOS 1.2 Crux.
@zsdc Maybe Incorrect file location. "ddclient.pid"
kroy added a comment to T1851: wireguard - changing the pubkey on an existing peer seems to destroy the running config..
Okay, so this problem just got a LOT more bizarre.
Dec 5 2019
Dec 5 2019
The runtime errors are fixed by the above commit.
dmbaturin added a parent task for T1826: Misleading message on "reboot at" command: T1855: Clean up the reboot/poweroff CLI and script.
dmbaturin renamed T1826: Misleading message on "reboot at" command from Missleading message on "reboot at" command to Misleading message on "reboot at" command.
hagbard added a comment to T1851: wireguard - changing the pubkey on an existing peer seems to destroy the running config..
@kroy I can't really reproduce it if I disable the peer first when multiple peers are defined on the same wg interface.
Can you please do a touch /tmp/vyos.ifconfig.debug and then run your commands and post it here?
It will show you the commands execute for each step like:
vyos@wg01# set interfaces wireguard wg0 peer wg02 disable [edit] vyos@wg01# commit [ interfaces wireguard wg0 ] DEBUG/wg0 write '1420' > '/sys/class/net/wg0/mtu' DEBUG/wg0 write 'wg0' > '/sys/class/net/wg0/ifalias' DEBUG/wg0 cmd 'wg set wg0 peer G1aA2KkyFyC8xsCUeENvuIW8HC5yDxwi902nR20592Y= remove' DEBUG/wg0 cmd 'wg set wg0 listen-port 12345 fwmark 0 private-key /config/auth/wireguard/default/private.key peer hbwJSCu6SGUKIReNhWxlDIFRNCl5L7PaUSYOo2BF+Rg= preshared-key /dev/null allowed-ips 10.100.100.3/32 endpoint 10.1.1.203:12345 persistent-keepalive 0' DEBUG/wg0 cmd 'ip link set dev wg0 up'
hagbard moved T1853: wireguard - disable peer doesn't work from Need Triage to Finished on the VyOS 1.3 Equuleus board.
hagbard changed the status of T1853: wireguard - disable peer doesn't work , a subtask of T1851: wireguard - changing the pubkey on an existing peer seems to destroy the running config., from In progress to Needs testing.
hagbard changed the status of T1853: wireguard - disable peer doesn't work from In progress to Needs testing.
looks like i had an old version, newer iso doesn't show that issue.
jjakob awarded T1354: Add support for VLAN-Aware bridges a Like token.
zsdc changed the status of T1854: Dynamic DNS configuration cannot be deleted from Open to Confirmed.
There have been some time since i've managed to work on this now, and in the mean-time the whole ethernet/bridge sertup have been rewritten into python, so i need to restart my work on this implementation , also the bridge membership part is moved around in the cli so information in this ticket is out-of-sync with the current implementation and needs to be rethinked
hagbard changed the status of T1853: wireguard - disable peer doesn't work , a subtask of T1851: wireguard - changing the pubkey on an existing peer seems to destroy the running config., from Open to In progress.
hagbard changed the status of T1853: wireguard - disable peer doesn't work from Open to In progress.
DEBUG/wg0 cmd 'ip link add dev wg0 type wireguard' DEBUG/wg0 cmd 'ip addr add "10.100.100.1/32" dev "wg0"' DEBUG/wg0 cmd 'ip addr add "2001:db8::1/128" dev "wg0"' DEBUG/wg0 write '1420' > '/sys/class/net/wg0/mtu' DEBUG/wg0 write 'wg0' > '/sys/class/net/wg0/ifalias' DEBUG/wg0 cmd 'wg set wg0 listen-port 12345 fwmark 0 private-key /config/auth/wireguard/default/private.key peer G1aA2KkyFyC8xsCUeENvuIW8HC5yDxwi902nR20592Y= preshared-key /dev/null allowed-ips 0.0.0.0/0,::/0 endpoint 10.1.1.201:12345 persistent-keepalive 0' DEBUG/wg0 cmd 'ip link set dev wg0 up' DEBUG/wg0 read 'unknown' < '/sys/class/net/wg0/operstate' DEBUG/wg0 read 'unknown' < '/sys/class/net/wg0/operstate' [...] Interface wg0 could not be brought up in time ...
hagbard added a comment to T1851: wireguard - changing the pubkey on an existing peer seems to destroy the running config..
What were the steps you used when you upated the pubkey?
kroy added a comment to T1851: wireguard - changing the pubkey on an existing peer seems to destroy the running config..
When the config was gone, the processes still seemed to be running
Could you provide the log output in a case when DNS servers, received from DHCP appears in resolv.conf? As I understand, it should happen immediately after the boot.
Also, please, check if they are not deleting after the first DHCP lease renewal.
hagbard updated the task description for T1850: syslog protocol can be set multiple times per facility for the same host.
hagbard changed the status of T1845: syslog host no longer accepts a port from Needs testing to In progress.
Just a quick note that this issue remains in 1.2.4-epa1
hagbard added a comment to T1828: Missing completion helper for "set system syslog host 192.0.2.1 facility all protocol".
You can via https://github.com/vyos/vyos-1x/commit/dad110ce666edae42ac18c59a800bda503589f27, which just sets the completion help.
For T1845, yes it solves the issue with setting address:port _and_ moves protocol up from facility to host. Do you want me to revert and do 2 commits, which requires then 2 migrations, once for address:port and one to solve the logical issue with protocol. Right now you can set a different protocol for different facilities for the same host.
Unknown Object (User) changed the status of T1784: DMVPN with IPSec does not work in HUB mode from Confirmed to Needs testing.
jestabro closed T1847: set_level incorrectly handles path given as empty string, a subtask of T1758: Switch vyos.config to libvyosconfig, as Resolved.
xzjt renamed T1849: DHCPv6 client does not start from A bug caused by a DHCPv6 client to A bug caused by DHCPv6 client.
Wrong logic.
Need to return line 108 code
print (cmd.decode (). split (",", 1) [0])Bug in latest rolling
Please reopen T1786 in case of further troubles.
I can't so I've reopened this one; I don't have permissions to do this :(
c-po added a comment to T1828: Missing completion helper for "set system syslog host 192.0.2.1 facility all protocol".
Wha cant the change which adds the completion helper be backported? Git best practice is you should group changes per commit. But in this commit you add the completion helper and also other regexes (BAD!)
I agree. If it works in a way that is consistent with what the command promises, let's use it.
Dec 4 2019
Dec 4 2019
hagbard added a comment to T1828: Missing completion helper for "set system syslog host 192.0.2.1 facility all protocol".
hagbard changed the status of T1845: syslog host no longer accepts a port from In progress to Needs testing.
The fix suggested in the pull request did not resolve the issue as a consequence of T1847. With that issue resolved, we can consider this merge.
jestabro changed the status of T1847: set_level incorrectly handles path given as empty string from Open to In progress.
@christopher.crews07
In you example some mistake (2 times vif-s)
This bug is fixed in latest rolling releases 1.3.
Tested on
[email protected]# run show vers Version: VyOS 1.3-rolling-201912040242
Thanks