Definitely miss behavior is generated by the new interface MGT that was created when assigning MGT vrf to eth0.
- Queries
- All Stories
- Search
- Advanced Search
- Transactions
- Transaction Logs
All Stories
Oct 31 2021
PR for crux https://github.com/vyos/vyatta-op-vpn/pull/29
Bug still present in 1.3.0-epa2 version.
Oct 30 2021
Awesome report, thanks
@Viacheslav Yes, I have updated the system to 1.2.8-LTS. I will let you know if the disappearing openvpn tun interface reoccurs.
PR for crux https://github.com/vyos/vyos-1x/pull/1057
vyos@r12-lts:~$ show conf com | match vrrp set high-availability vrrp group GRP02 hello-source-address '203.0.113.1' set high-availability vrrp group GRP02 interface 'eth1.50' set high-availability vrrp group GRP02 no-preempt set high-availability vrrp group GRP02 priority '150' set high-availability vrrp group GRP02 rfc3768-compatibility set high-availability vrrp group GRP02 virtual-address '192.168.99.2/31' set high-availability vrrp group GRP02 vrid '10' vyos@r12-lts:~$ show interfaces vrrp Codes: S - State, L - Link, u - Up, D - Down, A - Admin Down Interface IP Address S/L Description --------- ---------- --- ----------- eth1.50v10 192.168.99.2/31 u/u vyos@r12-lts:~$
PR for crux https://github.com/vyos/vyos-1x/pull/1056
@klipz Could you re-check it with 1.2.8?
Oct 29 2021
To fix some of this issue I modified line 102-103 in show_nat_rules.py:
I have done a lab using 1.3.0-epa2 version, and got no troubles.
Have configured 2 IP addresses on interface, and configured zone based firewall. I'm able to ping everywhere, using both IP addresses of that interface.
Also I checked that counters on firewall rules got increased while pinging from any of both IP addresses.
[email protected]# commit [ system flow-accounting ] Your "netflow source-ip" does not exist in the system
Require migration scripts to check option set vpn ipsec options disable-route-autoinstall in the configuration
The issue even with 00:00 format
After some investigation, we figured out several ways how to solve or at least mitigate the problem. From my point of view, the optimal for both developers and customers is the next one.
PR for crux https://github.com/vyos/vyos-1x/pull/1054
PR for crux https://github.com/vyos/vyos-1x/pull/1053
PR for 1.3 https://github.com/vyos/vyos-1x/pull/1052
@ajgnet Can you re-test it?
@liam can you re-test it?
@zsdc Provide please options to solve it.
Oct 28 2021
Send it by email - [email protected]
Yep, that's fine - what's the best way the details over to you?
That is great news, any chance I can get SSH access to this machine for testing myself?
PR for 1.3 https://github.com/vyos/vyos-1x/pull/1050
The similar FRR tasks
https://github.com/FRRouting/frr/issues/9020
https://github.com/FRRouting/frr/issues/2350
Oct 27 2021
We've now built a test x710 box for this, so we can test this more easily.
PR for address-family ipv6-unicast, 1.3 https://github.com/vyos/vyatta-cfg-quagga/pull/91