I have included the requested configs (some portions of configs have been censored for security purposes). I have since rolled back to 1.1.8 for this and other reasons but I can confirm that this configuration works on 1.1.8 but not on 1.2.0.
- Queries
- All Stories
- Search
- Advanced Search
- Transactions
- Transaction Logs
Advanced Search
Feb 27 2019
Can you share your config please, with the statement that breaks your config. thx.
Well that is interesting, the package versions are still the same but now it works.
Unfortunately, this works only for default route, but not for any other.
e.g. could indeed be tested to make sure that it works
I think the issue you found might still be a valid one, even though it was not the same one that was originally talked about on IRC.
Needs more testing. I might have been testing the wrong thing. :(
Feb 26 2019
The only packages i manually build are vyatta-cfg-firewall and vyatta-nat, the rest of the packages directories are empty so the packages get downloaded.
Feb 25 2019
Why not use a combination of two?
Feb 24 2019
cpo@LR1:~$ netstat -an | grep 69 udp 0 0 172.18.201.10:69 0.0.0.0:* udp6 0 0 2001:db8::ffff:69 :::*
Feb 23 2019
Feb 22 2019
Root cause is the inability of tftpd to listen on multiple addresses.
Will test with the next rolling before I close off the task.
Feb 21 2019
Yeah, I agree.
As there is no recorded bug in this behavior on 1.2 we only would increase the risk on the LTS versions without legitimate benefit.
We should NOT backport this to VyOS 1.2 crux
Feb 20 2019
We should NOT backport this to VyOS 1.2 crux
Yes, please migrate that function, too. One more migrated command.
Feb 19 2019
/opt/vyatta/share/vyatta-cfg/templates/system/static-host-mapping/host-name/node.def writes the entry, I think the functionality should be integrated into host_name.py. I contacted @c-po to hear his opinion.
@hagbardIt fixes the issue with WANLOADBALANCE_PRE chain, but we still observe unexpected behavior.
I will write a little bit more letter.
Feb 17 2019
Feb 15 2019
@zsdc Is it working for you with the package above?
Feb 14 2019
@zsdc All right, http://dev.packages.vyos.net/repositories/current/vyos/pool/main/v/vyatta-wanloadbalance/vyatta-wanloadbalance_0.13.70+vyos2+current1_amd64.deb should solve the issue you are seeing. The code of the binary is good for another dozen bug tickets =)
Pls let me know if it works as expected, since I only tested your particular use case.
LBDecision::execute(): applying command to system: iptables -t mangle -A WANLOADBALANCE_PRE -i eth1 --proto all --destination ! 192.168.0.0/16 -m state --state NEW -j ISP_eth1
Bad argument `192.168.0.0/16'
Try `iptables -h' or 'iptables --help' for more information.
LBDecision::execute(): applying command to system: iptables -t mangle -A WANLOADBALANCE_PRE -i eth1 --proto all --destination ! 192.168.0.0/16 -j CONNMARK --restore-mark
Bad argument `192.168.0.0/16'
Try `iptables -h' or 'iptables --help' for more information.
Happens in /opt/vyatta/sbin/wan_lb.
I checked the 'server' options for 'push-route' and 'name-server' and even with these configured as opposed to the openvpn-option configuration entry, it still gives the "Options error" complaint about the push command.
Feb 13 2019
I checked and $ show system kernel-messages | grep pppoe0 did not return any output.
Feb 12 2019
Feb 10 2019
I will have to re-test tonight (when nobody else is using the Internet) and get some log output.
Interface name is ppp0 but will later be renamed to pppoe0
cpo@BR1# set interfaces ethernet eth1 pppoe 0 ipv6 address autoconf [edit] cpo@BR1# commit [ interfaces ethernet eth1 pppoe 0 ipv6 address autoconf ] cp: cannot create regular file ‘/etc/ppp/ipv6-up.d/50-vyos-pppoe0-autoconf’: No such file or directory sed: can't read /etc/ppp/ipv6-up.d/50-vyos-pppoe0-autoconf: No such file or dire ctory chmod: cannot access ‘/etc/ppp/ipv6-up.d/50-vyos-pppoe0-autoconf’: No such file or directory Warning: IPv6 forwarding is currently enabled. IPv6 address auto-configuration will not be performed unless IPv6 forwarding is disabled.
Feb 9 2019
Feb 8 2019
Feb 6 2019
I’ll add that I think this is happening because of the .252 and .254 addresses. The 254 address connects, but the 252 address is marked in a constant state of connecting.
Feb 5 2019
In T1226#32102, @hagbard wrote:@Maltahl Let me know if you still need help, please. I put the task meanwhile on-hold.
Feb 4 2019
@Maltahl Let me know if you still need help, please. I put the task meanwhile on-hold.
Configured protocols does not match Proposed protocols. Try without pfs configuration on the VyOS side.
http://dev.packages.vyos.net/repositories/current/vyos/pool/main/v/vyos-1x/vyos-1x_1.2.0-12_all.deb next rolling release has it.
Feb 3 2019
Feb 2 2019
In T1226#32033, @hagbard wrote:@Maltahl Did you try the same with the rolling release? I don't see any issue with your config in particular, did you check that the wg traffic is actually getting to your router02?
@Maltahl Did you try the same with the rolling release? I don't see any issue with your config in particular, did you check that the wg traffic is actually getting to your router02?
That is not how wireguard works ? that is how ipsec and openvpn works.
This is how ipv4 works :) and have nothing to do with wireguard, ipsec etc. Actually the config you have applied eill in some situations work, but that relies on the handling of the packets inside the kernel and is not following the tcp/ip principles... If you take a look on the quick start guide on the wireguard webpage you se it there aswell... https://www.wireguard.com/quickstart/.
In T1226#32008, @runar wrote:Hi! I see that your tunnels does not resides inside the same subnet, one devise is '10.0.90.1/24' and the other one '10.0.100.1/24'.. please move one of then to ip .2 in the subnet belonging to the other router.
Hi! I see that your tunnels does not resides inside the same subnet, one devise is '10.0.90.1/24' and the other one '10.0.100.1/24'.. please move one of then to ip .2 in the subnet belonging to the other router.
Feb 1 2019
Forgot to add version for both routers, sorry.