PR for 1.3 https://github.com/vyos/vyos-1x/pull/1046
- Queries
- All Stories
- Search
- Advanced Search
- Transactions
- Transaction Logs
All Stories
Oct 26 2021
It seems in some cases we need just "reload" to re-read configuration
Same procedure on 1.2.8, when adding new settings to master, it all remains as master.
Log after commit
PR for 1.4 https://github.com/vyos/vyos-1x/pull/1045
It seems to be because of the keepalived reloading at "commit".
Oct 25 2021
@Viacheslav this is great. I hope to get around to testing it this week.
WIll be added in the next rolling release, @johannrichard could you test it?
Blocker: https://github.com/FRRouting/frr/issues/9885 this makes OSPF VRFs fail currently
Oct 24 2021
vyos@gw-1:~$ show interfaces ethernet eth1 physical
Settings for eth1:
Supported ports: [ TP ] Supported link modes: 10baseT/Half 10baseT/Full 100baseT/Half 100baseT/Full 1000baseT/Full Supported pause frame use: Symmetric Supports auto-negotiation: Yes Supported FEC modes: Not reported Advertised link modes: 10baseT/Half 10baseT/Full 100baseT/Half 100baseT/Full 1000baseT/Full Advertised pause frame use: Symmetric Advertised auto-negotiation: Yes Advertised FEC modes: Not reported Speed: 1000Mb/s Duplex: Full Port: Twisted Pair PHYAD: 1 Transceiver: internal Auto-negotiation: on MDI-X: off (auto) Supports Wake-on: pumbg Wake-on: g
:...skipping...
Settings for eth1:
Supported ports: [ TP ] Supported link modes: 10baseT/Half 10baseT/Full 100baseT/Half 100baseT/Full 1000baseT/Full Supported pause frame use: Symmetric Supports auto-negotiation: Yes Supported FEC modes: Not reported Advertised link modes: 10baseT/Half 10baseT/Full 100baseT/Half 100baseT/Full 1000baseT/Full Advertised pause frame use: Symmetric Advertised auto-negotiation: Yes Advertised FEC modes: Not reported Speed: 1000Mb/s Duplex: Full Port: Twisted Pair PHYAD: 1 Transceiver: internal Auto-negotiation: on MDI-X: off (auto) Supports Wake-on: pumbg Wake-on: g Current message level: 0x00000007 (7) drv probe link Link detected: yes
driver: igb
version: 5.6.0-k
firmware-version: 0. 6-1
expansion-rom-version:
bus-info: 0000:02:00.0
supports-statistics: yes
supports-test: yes
supports-eeprom-access: yes
supports-register-dump: yes
supports-priv-flags: yes
~
vyos@gw-1:~$ show interfaces ethernet eth2 physical
Settings for eth2:
Supported ports: [ TP ] Supported link modes: 10baseT/Half 10baseT/Full 100baseT/Half 100baseT/Full 1000baseT/Full Supported pause frame use: Symmetric Supports auto-negotiation: Yes Supported FEC modes: Not reported Advertised link modes: 10baseT/Half 10baseT/Full 100baseT/Half 100baseT/Full 1000baseT/Full Advertised pause frame use: Symmetric Advertised auto-negotiation: Yes Advertised FEC modes: Not reported Speed: 100Mb/s Duplex: Full Port: Twisted Pair PHYAD: 1 Transceiver: internal Auto-negotiation: on MDI-X: on (auto) Supports Wake-on: pumbg Wake-on: g Current message level: 0x00000007 (7) drv probe link Link detected: yes
driver: igb
version: 5.6.0-k
firmware-version: 0. 6-1
expansion-rom-version:
bus-info: 0000:03:00.0
supports-statistics: yes
supports-test: yes
supports-eeprom-access: yes
supports-register-dump: yes
supports-priv-flags: yes
vyos@gw-1:~$
Oct 23 2021
What is the hardware used? It's weird that ethtool can not detect the NIC driver.
anything new here?
The client (IP: 192.168.122.78) doesn't connect to VyOS via OpenConnect VPN.
Tested on version: VyOS 1.3.0-epa2
The old FRR command states:
Same as T3919
I confirm. Same as T3934
Reverted back to "4.19.195"
This bug has been raised for 2 years and has not been closed yet. Is it because it has not been resolved?
Oct 22 2021
https://github.com/vyos/vyos-build/commit/402d80498683f298be1dd3581cb0143362ceb561 - developers are reverting to kernel 4.19.207. But this is the kernel that started the problem.
PR for 1.3 https://github.com/vyos/vyos-1x/pull/1039
To reproduce:
[edit vpn sstp] vyos@r4-epa1# compare [edit vpn sstp] +authentication { + local-users { + username foo { + password bar + } + } + mode local +} +client-ipv6-pool { + prefix 2001:db8::/48 { + } +} +gateway-address 192.168.122.14 +ssl { + ca-cert-file /config/user-data/sstp/ca.crt + cert-file /config/user-data/sstp/server.crt + key-file /config/user-data/sstp/server.key +} [edit vpn sstp] vyos@r4-epa1# commit [ vpn ] Note: the IPsec process will not start until you configure some tunnels, profiles, or L2TP/IPsec settings
It uses PKI.