PR for 1.3 https://github.com/vyos/vyos-1x/pull/1046
- Queries
- All Stories
- Search
- Advanced Search
- Transactions
- Transaction Logs
Feed All Stories
All Stories
All Stories
Oct 26 2021
Oct 26 2021
Viacheslav changed the status of T3945: Add route-map for bgp aggregate-address from Open to Needs testing.
Viacheslav moved T3942: Generate IPSec debug archive from op-mode from Need Triage to Finished on the VyOS 1.4 Sagitta board.
Viacheslav renamed T3945: Add route-map for bgp aggregate-address from Add route-map for aggregate-address to Add route-map for bgp aggregate-address.
It seems in some cases we need just "reload" to re-read configuration
Same procedure on 1.2.8, when adding new settings to master, it all remains as master.
Log after commit
PR for 1.4 https://github.com/vyos/vyos-1x/pull/1045
Viacheslav changed the status of T3341: Wrong behavior of the "reset vpn ipsec-peer XXX tunnel XXX" command from In progress to Needs testing.
Unknown Object (User) added a comment to T3944: VRRP fails over when adding new group to master.
It seems to be because of the keepalived reloading at "commit".
Unknown Object (User) changed the status of T3944: VRRP fails over when adding new group to master from Open to Confirmed.
zsdc changed the status of T3933: The firewall does not filter incoming traffic on the interface with vrf. from Open to Confirmed.
Oct 25 2021
Oct 25 2021
@Viacheslav this is great. I hope to get around to testing it this week.
Viacheslav changed the status of T3916: Add additional Linux capabilities to container configuration, a subtask of T3676: Container option to add Linux capabilities, from In progress to Needs testing.
Viacheslav changed the status of T3916: Add additional Linux capabilities to container configuration from In progress to Needs testing.
WIll be added in the next rolling release, @johannrichard could you test it?
Viacheslav changed the status of T2627: 'system static-host-mapping' only allows one IP address per hostname, it should allow one IPv4 and one IPv6 simultaneously, a subtask of T2464: DNS bugs (parent task), from Open to Needs testing.
Viacheslav changed the status of T2627: 'system static-host-mapping' only allows one IP address per hostname, it should allow one IPv4 and one IPv6 simultaneously from Open to Needs testing.
Viacheslav changed the status of T2683: no dual stack in system static-host-mapping host-name from In progress to Needs testing.
Viacheslav changed the status of T2763: New SNMP resource request - SNMP over TCP from In progress to Needs testing.
Blocker: https://github.com/FRRouting/frr/issues/9885 this makes OSPF VRFs fail currently
Viacheslav renamed T3942: Generate IPSec debug archive from op-mode from Generate IPSec debug archive form op-mode to Generate IPSec debug archive from op-mode.
Viacheslav changed the status of T3942: Generate IPSec debug archive from op-mode from Open to In progress.
Viacheslav changed the status of T2763: New SNMP resource request - SNMP over TCP from Open to In progress.
Viacheslav edited projects for T3341: Wrong behavior of the "reset vpn ipsec-peer XXX tunnel XXX" command, added: VyOS 1.2 Crux (VyOS 1.2.9); removed VyOS 1.4 Sagitta.
Viacheslav changed the status of T3341: Wrong behavior of the "reset vpn ipsec-peer XXX tunnel XXX" command from Open to In progress.
Viacheslav added a comment to T3341: Wrong behavior of the "reset vpn ipsec-peer XXX tunnel XXX" command.
Unknown Object (User) changed the status of T3924: VRRP stops working with VRF from Open to Confirmed.
Viacheslav changed the status of T3939: When xdp is enabled on ethernet interface, interface crashes on reboot and is not started from Open to Confirmed.
Unknown Object (User) changed the status of T3934: Openconnect VPN broken: ocserv-worker general protection fault on client connect from Open to Confirmed.
Oct 24 2021
Oct 24 2021
vyos@gw-1:~$ show interfaces ethernet eth1 physical
Settings for eth1:
Supported ports: [ TP ]
Supported link modes: 10baseT/Half 10baseT/Full
100baseT/Half 100baseT/Full
1000baseT/Full
Supported pause frame use: Symmetric
Supports auto-negotiation: Yes
Supported FEC modes: Not reported
Advertised link modes: 10baseT/Half 10baseT/Full
100baseT/Half 100baseT/Full
1000baseT/Full
Advertised pause frame use: Symmetric
Advertised auto-negotiation: Yes
Advertised FEC modes: Not reported
Speed: 1000Mb/s
Duplex: Full
Port: Twisted Pair
PHYAD: 1
Transceiver: internal
Auto-negotiation: on
MDI-X: off (auto)
Supports Wake-on: pumbg
Wake-on: g:...skipping...
Settings for eth1:
Supported ports: [ TP ]
Supported link modes: 10baseT/Half 10baseT/Full
100baseT/Half 100baseT/Full
1000baseT/Full
Supported pause frame use: Symmetric
Supports auto-negotiation: Yes
Supported FEC modes: Not reported
Advertised link modes: 10baseT/Half 10baseT/Full
100baseT/Half 100baseT/Full
1000baseT/Full
Advertised pause frame use: Symmetric
Advertised auto-negotiation: Yes
Advertised FEC modes: Not reported
Speed: 1000Mb/s
Duplex: Full
Port: Twisted Pair
PHYAD: 1
Transceiver: internal
Auto-negotiation: on
MDI-X: off (auto)
Supports Wake-on: pumbg
Wake-on: g
Current message level: 0x00000007 (7)
drv probe link
Link detected: yesdriver: igb
version: 5.6.0-k
firmware-version: 0. 6-1
expansion-rom-version:
bus-info: 0000:02:00.0
supports-statistics: yes
supports-test: yes
supports-eeprom-access: yes
supports-register-dump: yes
supports-priv-flags: yes
~
vyos@gw-1:~$ show interfaces ethernet eth2 physical
Settings for eth2:
Supported ports: [ TP ]
Supported link modes: 10baseT/Half 10baseT/Full
100baseT/Half 100baseT/Full
1000baseT/Full
Supported pause frame use: Symmetric
Supports auto-negotiation: Yes
Supported FEC modes: Not reported
Advertised link modes: 10baseT/Half 10baseT/Full
100baseT/Half 100baseT/Full
1000baseT/Full
Advertised pause frame use: Symmetric
Advertised auto-negotiation: Yes
Advertised FEC modes: Not reported
Speed: 100Mb/s
Duplex: Full
Port: Twisted Pair
PHYAD: 1
Transceiver: internal
Auto-negotiation: on
MDI-X: on (auto)
Supports Wake-on: pumbg
Wake-on: g
Current message level: 0x00000007 (7)
drv probe link
Link detected: yesdriver: igb
version: 5.6.0-k
firmware-version: 0. 6-1
expansion-rom-version:
bus-info: 0000:03:00.0
supports-statistics: yes
supports-test: yes
supports-eeprom-access: yes
supports-register-dump: yes
supports-priv-flags: yes
vyos@gw-1:~$
dmbaturin updated the task description for T3937: Rewrite "show system memory" in Python to make it usable as a library function.
Oct 23 2021
Oct 23 2021
What is the hardware used? It's weird that ethtool can not detect the NIC driver.
anything new here?
RyVolodya added a comment to T3934: Openconnect VPN broken: ocserv-worker general protection fault on client connect.
The client (IP: 192.168.122.78) doesn't connect to VyOS via OpenConnect VPN.
Tested on version: VyOS 1.3.0-epa2
c-po added a comment to T3755: ospf: adjust to new FRR 8 syntax where "no passive-interface " moved to interface section.
The old FRR command states:
dutty renamed T3934: Openconnect VPN broken: ocserv-worker general protection fault on client connect from ocserv-worker general protection fault on client connect to Openconnect VPN broken: ocserv-worker general protection fault on client connect.
dutty added a comment to T3934: Openconnect VPN broken: ocserv-worker general protection fault on client connect.
Same as T3919
I confirm. Same as T3934
Reverted back to "4.19.195"
dutty updated the task description for T3934: Openconnect VPN broken: ocserv-worker general protection fault on client connect.
dutty updated the task description for T3934: Openconnect VPN broken: ocserv-worker general protection fault on client connect.
This bug has been raised for 2 years and has not been closed yet. Is it because it has not been resolved?
Oct 22 2021
Oct 22 2021
https://github.com/vyos/vyos-build/commit/402d80498683f298be1dd3581cb0143362ceb561 - developers are reverting to kernel 4.19.207. But this is the kernel that started the problem.
Viacheslav changed the status of T3931: SSTP doesn't work after rewriting to PKI from Open to Confirmed.
Viacheslav changed the status of T2566: sstp not able to run tunnels ipv6 only from In progress to Needs testing.
PR for 1.3 https://github.com/vyos/vyos-1x/pull/1039
RyVolodya updated the task description for T3930: The firewall does not filter incoming traffic on the interface with vrf..
Viacheslav changed the status of T2566: sstp not able to run tunnels ipv6 only from Open to In progress.
To reproduce:
[edit vpn sstp]
vyos@r4-epa1# compare
[edit vpn sstp]
+authentication {
+ local-users {
+ username foo {
+ password bar
+ }
+ }
+ mode local
+}
+client-ipv6-pool {
+ prefix 2001:db8::/48 {
+ }
+}
+gateway-address 192.168.122.14
+ssl {
+ ca-cert-file /config/user-data/sstp/ca.crt
+ cert-file /config/user-data/sstp/server.crt
+ key-file /config/user-data/sstp/server.key
+}
[edit vpn sstp]
vyos@r4-epa1# commit
[ vpn ]
Note: the IPsec process will not start until you configure some tunnels, profiles, or L2TP/IPsec settingsIt uses PKI.
Viacheslav changed the status of T3929: No option "key-file" for vpn sstp ssl from Open to In progress.
Viacheslav changed the status of T2683: no dual stack in system static-host-mapping host-name from Open to In progress.
c-po moved T3917: Use Avahi as mDNS repeater for IPv6 support from Need Triage to Finished on the VyOS 1.4 Sagitta board.
c-po closed T3188: Tunnel local-ip to dhcp-interface Change Fails to Update, a subtask of T3925: Tunnel: dhcp-interface not implemented - use source-interface instead, as Resolved.
c-po moved T3188: Tunnel local-ip to dhcp-interface Change Fails to Update from Need Triage to Finished on the VyOS 1.4 Sagitta board.
c-po moved T3188: Tunnel local-ip to dhcp-interface Change Fails to Update from Need Triage to Finished on the VyOS 1.3 Equuleus (1.3.0-epa3) board.
c-po edited projects for T3188: Tunnel local-ip to dhcp-interface Change Fails to Update, added: VyOS 1.4 Sagitta, VyOS 1.3 Equuleus (1.3.0-epa3); removed VyOS 1.3 Equuleus.
Oct 21 2021
Oct 21 2021
c-po moved T3925: Tunnel: dhcp-interface not implemented - use source-interface instead from Need Triage to Finished on the VyOS 1.4 Sagitta board.
c-po moved T3923: Kernel: Enable TLS/IPSec offload support for Mellanox ConnectX NICs from Need Triage to Finished on the VyOS 1.4 Sagitta board.
c-po moved T3927: Kernel: Enable kernel support for HW offload of the TLS protocol from Need Triage to Finished on the VyOS 1.4 Sagitta board.
c-po moved T3927: Kernel: Enable kernel support for HW offload of the TLS protocol from Need Triage to Finished on the VyOS 1.3 Equuleus (1.3.0-epa3) board.