If you manually partition you need to keep in mind 2 things.
the filesystem label needs to be "persistence" (mkfs.ext4 < device > -L persistence)
and in the root of the filesystem you must create a persistence.conf file containing "/ union"
(echo "/ union" > /persistence.conf) on your partition meat for vyos.
- Queries
- All Stories
- Search
- Advanced Search
- Transactions
- Transaction Logs
Feed Advanced Search
Advanced Search
Advanced Search
Mar 14 2019
Mar 14 2019
UnicronNL closed T1298: Use vti tunnel with ipsec and dhcp. as Resolved by committing Restricted Diffusion Commit.
UnicronNL changed the status of T1298: Use vti tunnel with ipsec and dhcp. from Open to In progress.
Jan 27 2019
Jan 27 2019
Jan 23 2019
Jan 23 2019
@bjtangseng so changing that remote_ts = 0.0.0.0/0[gre] fixed it right?
@bjtangseng
On the HUB, can you change in /etc/swanctl/swanctl.conf
remote_ts = dynamic[gre] to remote_ts = 0.0.0.0/0[gre]
can you do:
sudo swanctl --list-sas
@bjtangseng, Ah that is the problem. I do not know if there is an option allow any network, have to do some research.
@bjtangseng,
Does your nat address change everytime?
can you put log from hub?
ipsec log
@bjtangseng
I think you replaced the wrong ip in the swanctl.conf
@bjtangseng Can you post the output, than i can maybe look and mod things.
@bjtangseng thanks!
Jan 22 2019
Jan 22 2019
@bjtangseng The spoke, and do not reboot.
make sure hub is up and do changes mentioned in previous post on the spoke (no reboot)
and post the output of:
Jan 21 2019
Jan 21 2019
@bjtangseng
can you please edit your swanctl.conf file and put the local_ts to 115.60.62.155/32[gre] ( local_ts = 115.60.62.155/32[gre] )
after editing swanctl please run:
sudo swanctl -q
then please check if you can connect with:
sudo swanctl -i -c dmvpn -S 100.64.161.96 -R 116.90.86.181 -l 2
or:
sudo swanctl -i -c dmvpn -S 0.0.0.0 -R 116.90.86.181 -l 2
Jan 20 2019
Jan 20 2019
UnicronNL edited projects for T1186: Setup DMVPN cannot work, added: VyOS 1.3 Equuleus; removed VyOS 1.2 Crux (VyOS 1.2.0-GA).
@bjtangseng could you try with IKEv2 on both hub and spoke?
set vpn ipsec ike-group IKE-HUB key-exchange ikev2 for hub
set vpn ipsec ike-group IKE-SPOKE key-exchange ikev2 for spoke.
@bjtangseng This is definitely a NAT issue, if i change the local_ts = dynamic[gre] in /etc/swanctl/swanctl.conf to local_ts = *.*.*.*/32[gre] i can replicate the error you get.
Jan 15 2019
Jan 15 2019
UnicronNL added a comment to T1116: About delete DMVPN set file, but look for dmvpn log in show log.
@bjtangseng I do not know if dmvpn was in rc.10.
Can you please try the same in the last roling release?
UnicronNL edited projects for T1070: SWANCTL: DMVPN: ALL peers are deleted in swan when opennhrp tries to delete ONE peer, added: VyOS-1.2.0-GA; removed VyOS 1.3 Equuleus.
Dec 14 2018
Dec 14 2018
added the patch! thanks
Dec 12 2018
Dec 12 2018
Nov 23 2018
Nov 23 2018
@m.tremer added the patch, thanks... was under the impression cloud-init added the user as it is stated as default user, but clearly it does not.
Nov 13 2018
Nov 13 2018
Do you also create the iso yourself or dowload it?
In 1.2 we will be using cloud-init and the ec2 init script was removed.
Nov 9 2018
Nov 9 2018
@vtsingaras I merged it in to our repo.
@syncer i see we have no crux branch for pmacct i slacked @dmbaturin
@syncer i added a branch in vyos-build, after testing, do you think we can merge to current/crux and update the live-build package on the build server?
@syncer If we use kernel 4.19 driver version for ethernet is DRV_VERSION "5.1.0-k"
Also cpu should be supported without enabling something i guess.
Will mod the script to update rate on the fly.
vyos@vyos:~$ stty -F /dev/ttyS0 115200 cstopb
@kroy
If you would like to test:
git clone https://github.com/vyos/vyos-build.git
cd vyos-build
git checkout current-uefi
docker build -t vyos-builder .
docker run -it --privileged -v /HOST_PATH_OF_VYOS_BUILD_REPO:/vyos -w="/vyos" vyos-builder bash
./configure
make iso
Nov 6 2018
Nov 6 2018
@kroy what kernel is it now you use? I updated the kernel 4.14.75 and 4.19.0
https://github.com/vyos/vyos-kernel/commit/32f3f5caaec8bff6f372ab22801cfaaa30a766cd
Nov 5 2018
Nov 5 2018
@commo How did you prepare the usb drive?
On which os, and what tools did you use?
Nov 4 2018
Nov 4 2018
@vtsingaras I see it is merged in upstream, try to merge in vyos asap.
Oct 19 2018
Oct 19 2018
UnicronNL added a project to T920: Add Client keepalive option needed for cloud-init: VyOS-1.2.0-GA.
UnicronNL moved T919: Add option set multiple ports on ssh from Finished to Needs Triage on the VyOS 1.2 Crux (VyOS 1.2.0-rc4) board.
UnicronNL moved T919: Add option set multiple ports on ssh from Needs Triage to In Progress on the VyOS 1.2 Crux (VyOS 1.2.0-rc5) board.
Oct 14 2018
Oct 14 2018
UnicronNL added a comment to T891: Current multi-table usage with VRF-netns tables in FRR is partially broken for PBR..
@Watcher7 Ah i see, was confused... tnx
Oct 12 2018
Oct 12 2018
UnicronNL added a comment to T891: Current multi-table usage with VRF-netns tables in FRR is partially broken for PBR..
do you mean like:
set protocols static table 10 route 192.168.0.0/24 next-hop 192.168.0.1 interface ethx
If so could you please create a new task for creating new syntax?
Oct 11 2018
Oct 11 2018
UnicronNL added a comment to T891: Current multi-table usage with VRF-netns tables in FRR is partially broken for PBR..
@Watcher7 I do not really understand what you mean, can you share your configs or a way to reproduce and elaborate a bit more?
Aug 2 2018
Aug 2 2018
Found that already :)
Aug 1 2018
Aug 1 2018
Haha tnx!
image vyos-1.2.0-rolling+201807301123-amd64.iso
@hagbard and then install the packages on that. (download and install)
Jul 31 2018
Jul 31 2018
@syncer he means the edgOs one :) package i build are only the wire guard tools and kernel module. Those packages are good.
@hagbard http://dev.packages.vyos.net/repositories/current/vyos/pool/main/w/wireguard/
here are the packages
@hagbard I have created the wireguard package https://github.com/vyos/vyos-wireguard
Mar 14 2018
Mar 14 2018
These are the pachtes i took from old vyatta, seems like you got them all.
https://github.com/vyos/vyos-kernel/commit/4c8de1009e13a978bacd5066024d194be983ecbd
https://github.com/vyos/vyos-kernel/commit/e8b8c70f0e20666824f33083d7aa76a3f1a1f6f5
https://github.com/vyos/vyos-kernel/commit/fc58d4a339537765585855a9b793b953c7c984f1
https://github.com/vyos/vyos-kernel/commit/e59dab9f2985869cfdbf9b74cb5c8034c218707b
Feb 27 2018
Feb 27 2018
fixed this couple of days ago.
Jan 23 2018
Jan 23 2018
Nice!
Dec 21 2017
Dec 21 2017
package is now in the vyos repo and used in images
Dec 14 2017
Dec 14 2017
support added,
only need Jenkis up to build te kernel.
https://github.com/vyos/vyos-kernel/commit/b72a65de9fd1c68c8d371152cfdcbc85d2b0dbd9
Nov 18 2017
Nov 18 2017
@syncer This tasked can be moved to finished, i do not have the rights.
What to so with this task, requests were closed.
Nov 7 2017
Nov 7 2017
@dmbaturin , why you reverted?
https://github.com/vyos/vyos-build/commit/e5259ccb17e93e110d1dcdeb98f4dc1b9d1df192
This seems to have done the trick thanks.
Nov 2 2017
Nov 2 2017
UnicronNL added a comment to T414: Remove the telnet service and make sure old configs that use it still load.
+1 removal
Oct 28 2017
Oct 28 2017
I added new pmacct package (https://github.com/vyos/pmacct/tree/current) but now we also need to update vyatta-netflow package.
Oct 23 2017
Oct 23 2017
UnicronNL moved T186: DHCP with VRRP from Needs Triage to In Progress on the VyOS 1.1.x (1.1.8) board.
Oct 22 2017
Oct 22 2017
added to helium branch
UnicronNL moved T410: dnsmasq in 1.1.x is outdated and vulnerable to many CVEs from Backlog to Finished on the VyOS 1.1.x (1.1.8) board.
Oct 8 2017
Oct 8 2017
UnicronNL moved T403: Outstanding CVEs - Other from Backlog to Finished on the VyOS 1.1.x (1.1.8) board.
Oct 5 2017
Oct 5 2017
added jessie one. https://github.com/vyos/dnsmasq
need to test in 1.1.8 rc1
Oct 4 2017
Oct 4 2017
Oct 3 2017
Oct 3 2017
@dmbaturin @syncer Where can i find the lithium repo?
@dmbaturin @syncer Where can i find the lithium repo?
Sep 8 2017
Sep 8 2017
In T379#7550, @dmbaturin wrote:And now that I've actually looked into it... ;)
There are some bad practices that I think should be changed before we call it complete as well.
First, now that the Python configuration library and the templates convertor work, can we stop adding new Perl code? Those scripts are short at least.
There are some very good reasons to do that as well. For example, now that we are using systemd, why should we have start-stop-daemon? We should never had it right in Perl code to begin with.
Second, I'm strongly against mixing VyOS configuration code with applications it configures. Let's move that out of this, and if we are going to move the configuration code to vyos-1x package, it will come naturally. We can merge the bcast-relay and mDNS repeater into one package perhaps.The features are appreciated, but let's add them in a fashion that will make VyOS easier to maintain, not harder.
Sep 6 2017
Sep 6 2017
UnicronNL closed T346: Fix various 'show vpn' commands that no longer function correctly as Resolved.
UnicronNL moved T346: Fix various 'show vpn' commands that no longer function correctly from In Progress to Finished on the VyOS 1.2 Crux board.
UnicronNL moved T334: Not setting ESP DH Group properly on "esp=" line in ipsec.conf from Backlog to Finished on the VyOS 1.1.x (1.1.8) board.
merged to lithium
UnicronNL moved T145: Fix PXE boot in helium from Backlog to Finished on the VyOS 1.1.x (1.1.8) board.
UnicronNL moved T176: Kernel: CVE-2016-5195 from Finished to In Progress on the VyOS 1.1.x (1.1.8) board.