Page MenuHomeVyOS Platform
Feed Advanced Search

Advanced Search
Use Results
Hide Query

Sep 3 2021

Viacheslav created T3797: show interface errors with vrrp configuration.
Sep 3 2021, 6:00 PM · VyOS 1.3 Equuleus (1.3.0-epa1), VyOS 1.4 Sagitta
Viacheslav closed T690: Allow OpenVPN servers to push routes with custom metric values as Resolved.
Sep 3 2021, 5:38 PM · VyOS 1.3 Equuleus (1.3.0-epa1)
Viacheslav claimed T690: Allow OpenVPN servers to push routes with custom metric values.
Sep 3 2021, 5:30 PM · VyOS 1.3 Equuleus (1.3.0-epa1)
Viacheslav added a comment to T690: Allow OpenVPN servers to push routes with custom metric values.

PR for equuleus https://github.com/vyos/vyos-1x/pull/994

Sep 3 2021, 5:15 PM · VyOS 1.3 Equuleus (1.3.0-epa1)
Viacheslav added a project to T3634: Add op command option for ping for do not fragment bit to be set: test.
Sep 3 2021, 12:56 PM · VyOS 1.3 Equuleus (1.3.0-epa1), VyOS 1.4 Sagitta
Viacheslav moved T3634: Add op command option for ping for do not fragment bit to be set from Need Triage to Finished on the VyOS 1.3 Equuleus board.
Sep 3 2021, 12:55 PM · VyOS 1.3 Equuleus (1.3.0-epa1), VyOS 1.4 Sagitta
Viacheslav moved T3634: Add op command option for ping for do not fragment bit to be set from Need Triage to Finished on the VyOS 1.4 Sagitta board.
Sep 3 2021, 12:55 PM · VyOS 1.3 Equuleus (1.3.0-epa1), VyOS 1.4 Sagitta
Viacheslav closed T3634: Add op command option for ping for do not fragment bit to be set as Resolved.
Sep 3 2021, 12:55 PM · VyOS 1.3 Equuleus (1.3.0-epa1), VyOS 1.4 Sagitta
Viacheslav created T3794: MACsec interfaces in down state after create .
Sep 3 2021, 7:31 AM · VyOS 1.3 Equuleus (1.3.0-epa1), VyOS 1.4 Sagitta
Viacheslav closed T3683: VXLAN not accept ipv6 and source-interface options and mtu bug as Resolved.
Sep 3 2021, 7:15 AM · VyOS 1.3 Equuleus (1.3.0-epa1)
Viacheslav closed T3674: Webproxy squid is stared by default without any configuration as Resolved.
Sep 3 2021, 6:54 AM · VyOS 1.2 Crux (VyOS 1.2.9)
Viacheslav added a comment to T3697: Impossible to delete IPsec completely.

@dmbaturin Can we close it?

Sep 3 2021, 6:53 AM · VyOS 1.3 Equuleus (1.3.0)
Viacheslav added a comment to T3702: Policy: Allow routing by fwmark.

@fetzerms Can you check it in 1.4?
For example:

set policy local-route rule 10 fwmark '42'
set policy local-route rule 10 set table '100'
Sep 3 2021, 6:53 AM · VyOS 1.3 Equuleus (1.3.5), VyOS 1.4 Sagitta
Viacheslav closed T2648: router-advert: erroneous syslog warning about invalid all-zeros prefix as Wontfix.
Sep 3 2021, 6:26 AM · VyOS 1.3 Equuleus (1.3.0), test
Viacheslav moved T2920: Commit crash when adding the second mGRE tunnel with the same key from Need Triage to Backport Candidates on the VyOS 1.4 Sagitta board.
Sep 3 2021, 6:01 AM · VyOS 1.3 Equuleus (1.3.0-epa1), VyOS 1.4 Sagitta
Viacheslav closed T3788: Keys are not allowed with ipip and sit tunnels as Resolved.
Sep 3 2021, 5:56 AM · VyOS 1.3 Equuleus (1.3.0-epa1), VyOS 1.4 Sagitta
Viacheslav moved T3788: Keys are not allowed with ipip and sit tunnels from Need Triage to Finished on the VyOS 1.4 Sagitta board.
Sep 3 2021, 5:56 AM · VyOS 1.3 Equuleus (1.3.0-epa1), VyOS 1.4 Sagitta

Sep 2 2021

Viacheslav claimed T3788: Keys are not allowed with ipip and sit tunnels.
Sep 2 2021, 7:08 PM · VyOS 1.3 Equuleus (1.3.0-epa1), VyOS 1.4 Sagitta
Viacheslav added a comment to T3788: Keys are not allowed with ipip and sit tunnels.

PR https://github.com/vyos/vyos-1x/pull/993

Sep 2 2021, 7:08 PM · VyOS 1.3 Equuleus (1.3.0-epa1), VyOS 1.4 Sagitta
Viacheslav added a comment to T2648: router-advert: erroneous syslog warning about invalid all-zeros prefix.

+1

Sep 2 2021, 7:04 PM · VyOS 1.3 Equuleus (1.3.0), test
Viacheslav added a comment to T2648: router-advert: erroneous syslog warning about invalid all-zeros prefix.

1.3 still use 2.17 version

Sep 2 2021, 6:40 PM · VyOS 1.3 Equuleus (1.3.0), test
Viacheslav edited projects for T3793: Syslog - Improve error handling, added: VyOS 1.2 Crux (VyOS 1.2.9); removed VyOS 1.2 Crux (VyOS 1.2.8).
Sep 2 2021, 2:49 PM · VyOS 1.2 Crux (VyOS 1.2.9)

Sep 1 2021

Viacheslav added a comment to T2557: clear interfaces <type> <interface> counters has no effect.

It is really somehow was in the old backend

[email protected]:~$ ${vyatta_bindir}/vyatta-show-interfaces.pl --intf=eth1
eth1: <BROADCAST,MULTICAST,SLAVE,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast master bond1 state UP group default qlen 1000
    link/ether 52:54:00:c1:05:04 brd ff:ff:ff:ff:ff:ff
    Last clear: Wed Sep 01 18:29:34 EEST 2021
    Description: FOO
Sep 1 2021, 3:43 PM · VyOS 1.3 Equuleus (1.3.0)
Viacheslav moved T2434: Duplicate Address Detection Breaks Interfaces from Need Triage to Finished on the VyOS 1.3 Equuleus board.
Sep 1 2021, 3:15 PM · VyOS 1.3 Equuleus (1.3.0-epa1)
Viacheslav closed T2434: Duplicate Address Detection Breaks Interfaces as Resolved.

Not reproducible in 1.2.8 / 1.3-beta-202108300342

Sep 1 2021, 3:14 PM · VyOS 1.3 Equuleus (1.3.0-epa1)
Viacheslav added a comment to T1085: Certificates containing CRLF aren't accepted.

@tracyb Can you re-check it in 1.3.0-rc6?

Sep 1 2021, 12:47 PM · VyOS 1.3 Equuleus (1.3.7), test

Aug 31 2021

Viacheslav added a comment to T2920: Commit crash when adding the second mGRE tunnel with the same key.

PR https://github.com/vyos/vyos-1x/pull/986

Aug 31 2021, 10:57 AM · VyOS 1.3 Equuleus (1.3.0-epa1), VyOS 1.4 Sagitta
Viacheslav claimed T2920: Commit crash when adding the second mGRE tunnel with the same key.
Aug 31 2021, 10:38 AM · VyOS 1.3 Equuleus (1.3.0-epa1), VyOS 1.4 Sagitta
Viacheslav added a project to T2920: Commit crash when adding the second mGRE tunnel with the same key: VyOS 1.4 Sagitta.
Aug 31 2021, 10:34 AM · VyOS 1.3 Equuleus (1.3.0-epa1), VyOS 1.4 Sagitta
Viacheslav created T3788: Keys are not allowed with ipip and sit tunnels.
Aug 31 2021, 9:51 AM · VyOS 1.3 Equuleus (1.3.0-epa1), VyOS 1.4 Sagitta
Viacheslav closed T3782: Ingress Shaping with IFB No Longer Functional with 1.3 as Resolved.

@trystan will be fixed in the next 1.3-beta release.

Aug 31 2021, 9:40 AM · VyOS 1.3 Equuleus (1.3.0-epa1), VyOS 1.4 Sagitta
Viacheslav added a comment to T3782: Ingress Shaping with IFB No Longer Functional with 1.3.

PR for 1.3 https://github.com/vyos/vyos-1x/pull/985

Aug 31 2021, 8:38 AM · VyOS 1.3 Equuleus (1.3.0-epa1), VyOS 1.4 Sagitta
Viacheslav claimed T3786: GRE tunnel source address 0.0.0.0 error.
Aug 31 2021, 8:18 AM · VyOS 1.3 Equuleus (1.3.0-epa1), VyOS 1.2 Crux (VyOS 1.2.9), VyOS 1.4 Sagitta
Viacheslav added a comment to T3786: GRE tunnel source address 0.0.0.0 error.

Sure.
PR for crux https://github.com/vyos/vyatta-cfg-system/pull/166

Aug 31 2021, 8:18 AM · VyOS 1.3 Equuleus (1.3.0-epa1), VyOS 1.2 Crux (VyOS 1.2.9), VyOS 1.4 Sagitta

Aug 30 2021

Viacheslav added a comment to T3786: GRE tunnel source address 0.0.0.0 error.

PR https://github.com/vyos/vyos-1x/pull/984

Aug 30 2021, 3:50 PM · VyOS 1.3 Equuleus (1.3.0-epa1), VyOS 1.2 Crux (VyOS 1.2.9), VyOS 1.4 Sagitta
Viacheslav changed the status of T3782: Ingress Shaping with IFB No Longer Functional with 1.3 from Open to Needs testing.
Aug 30 2021, 3:29 PM · VyOS 1.3 Equuleus (1.3.0-epa1), VyOS 1.4 Sagitta
Viacheslav claimed T3782: Ingress Shaping with IFB No Longer Functional with 1.3.
Aug 30 2021, 3:29 PM · VyOS 1.3 Equuleus (1.3.0-epa1), VyOS 1.4 Sagitta
Viacheslav renamed T3786: GRE tunnel source address 0.0.0.0 error from GRE tunnel source address without remote address error to GRE tunnel source address 0.0.0.0 error.
Aug 30 2021, 3:03 PM · VyOS 1.3 Equuleus (1.3.0-epa1), VyOS 1.2 Crux (VyOS 1.2.9), VyOS 1.4 Sagitta
Viacheslav renamed T3786: GRE tunnel source address 0.0.0.0 error from GRE tunnel source address 0.0.0.0 error to GRE tunnel source address without remote address error.
Aug 30 2021, 3:01 PM · VyOS 1.3 Equuleus (1.3.0-epa1), VyOS 1.2 Crux (VyOS 1.2.9), VyOS 1.4 Sagitta
Viacheslav closed T3677: "sipcalc" not included in 1.3 as Resolved.

Fixed/added https://github.com/vyos/vyos-user-utils/blob/d99b3497de6b057d23a7e29759b022a3567284a8/debian/control#L11

Aug 30 2021, 2:18 PM · VyOS 1.3 Equuleus (1.3.0), test
Viacheslav added a comment to T3786: GRE tunnel source address 0.0.0.0 error.

Add key to successful commit.

set interfaces tunnel tun1 parameters ip key '1'
Aug 30 2021, 2:09 PM · VyOS 1.3 Equuleus (1.3.0-epa1), VyOS 1.2 Crux (VyOS 1.2.9), VyOS 1.4 Sagitta
Viacheslav created T3786: GRE tunnel source address 0.0.0.0 error.
Aug 30 2021, 2:07 PM · VyOS 1.3 Equuleus (1.3.0-epa1), VyOS 1.2 Crux (VyOS 1.2.9), VyOS 1.4 Sagitta
Viacheslav added a project to T2941: Using a non-ASCII character in the description field causes UnicodeDecodeError in configsource.py: VyOS 1.4 Sagitta.
Aug 30 2021, 12:33 PM · VyOS 1.3 Equuleus (1.3.0-epa1), VyOS 1.4 Sagitta
Viacheslav closed T3553: OSPFv3 redistribute configuration remains in frr running config after removal as Invalid.

Not reproducible.
I close the task.
Reopen it if necessary. Describe step by step with an example of config how to reproduce it.
Thanks.

Aug 30 2021, 11:22 AM · VyOS 1.3 Equuleus (1.3.0-epa1)
Viacheslav added a comment to T3677: "sipcalc" not included in 1.3.

PR for 1.3 https://github.com/vyos/vyos-build/pull/184

Aug 30 2021, 10:59 AM · VyOS 1.3 Equuleus (1.3.0), test
Viacheslav closed T3777: adding IPv6 EUI64 address fails commit in 1.3.0-rc6 as Resolved.

Fixed in VyOS 1.3-beta-202108300342

Aug 30 2021, 10:15 AM · VyOS 1.3 Equuleus (1.3.0-epa1)
Viacheslav added a comment to T3782: Ingress Shaping with IFB No Longer Functional with 1.3.

PR https://github.com/vyos/vyos-1x/pull/983

Aug 30 2021, 7:10 AM · VyOS 1.3 Equuleus (1.3.0-epa1), VyOS 1.4 Sagitta
Viacheslav added projects to T3782: Ingress Shaping with IFB No Longer Functional with 1.3: VyOS 1.4 Sagitta, test.
Aug 30 2021, 7:10 AM · VyOS 1.3 Equuleus (1.3.0-epa1), VyOS 1.4 Sagitta

Aug 29 2021

Viacheslav added a comment to T3782: Ingress Shaping with IFB No Longer Functional with 1.3.
In T3782#102239, @trystan wrote:
Aug 29 2021, 6:11 PM · VyOS 1.3 Equuleus (1.3.0-epa1), VyOS 1.4 Sagitta
Viacheslav added a comment to T3782: Ingress Shaping with IFB No Longer Functional with 1.3.

Possible bug after this commit https://github.com/vyos/vyos-1x/pull/621/commits/ede2972be4c49962a04b1addb9df6ce58f2d9f42
As it works in vyos-1.3-rolling-202011 before that commit.

Aug 29 2021, 5:39 PM · VyOS 1.3 Equuleus (1.3.0-epa1), VyOS 1.4 Sagitta
Viacheslav changed the status of T3777: adding IPv6 EUI64 address fails commit in 1.3.0-rc6 from Open to Needs testing.
Aug 29 2021, 5:18 PM · VyOS 1.3 Equuleus (1.3.0-epa1)
Viacheslav closed T3708: isisd and gre-bridge commit error as Resolved.

1.3 fixed in T3779

Aug 29 2021, 5:07 PM · VyOS 1.3 Equuleus (1.3.0-epa1), VyOS 1.4 Sagitta
Viacheslav added a comment to T1683: Difficulty monitoring VyOS through SNMP.

The issue may be with OpenVPN/dynamic interfaces only, without the option "persist".
In that case, if no connectivity between interfaces it tried to re-add the interface "down/up" vtunX with a new SNMP index. And it will be in the loop until connectivity will be restored with the remote site.

Aug 29 2021, 4:39 PM · VyOS 1.5 Circinus, VyOS 1.4 Sagitta
Viacheslav added a comment to T3782: Ingress Shaping with IFB No Longer Functional with 1.3.

Difference between 1.2 and 1.3
1.3 don't have option qdisc ingress ffff: dev eth0 parent ffff:fff1 ----------------

Aug 29 2021, 3:56 PM · VyOS 1.3 Equuleus (1.3.0-epa1), VyOS 1.4 Sagitta
Viacheslav added a comment to T3774: atop logs are not limited in size.

How about CLI set system syslog atop file 5
That means save the latest 5 files.

Aug 29 2021, 3:23 PM · VyOS 1.4 Sagitta (1.4.0-epa1)
Viacheslav assigned T3763: wireguard checks if port already binding to zsdc.
Aug 29 2021, 3:07 PM · VyOS 1.4 Sagitta
Viacheslav added a project to T3777: adding IPv6 EUI64 address fails commit in 1.3.0-rc6: test.
Aug 29 2021, 11:52 AM · VyOS 1.3 Equuleus (1.3.0-epa1)
Viacheslav changed the status of T3770: BGP neighbor not generating the correct frr configuration when moved to peer-group from Open to Confirmed.
Aug 29 2021, 11:43 AM · VyOS 1.3 Equuleus (1.3.7)
Viacheslav added a comment to T3777: adding IPv6 EUI64 address fails commit in 1.3.0-rc6.

PR https://github.com/vyos/vyos-1x/pull/981

[email protected]# set interfaces ethernet eth0 ipv6 address eui64 2001:db8::/64
[edit]
[email protected]# commit
ru[edit]
[email protected]# run show int
Codes: S - State, L - Link, u - Up, D - Down, A - Admin Down
Interface        IP Address                        S/L  Description
---------        ----------                        ---  -----------
eth0             192.168.122.14/24                 u/u  
                 2001:db8::5054:ff:fe5d:4609/64
Aug 29 2021, 11:26 AM · VyOS 1.3 Equuleus (1.3.0-epa1)

Aug 24 2021

Viacheslav added a comment to T3772: VRRP virtual interfaces are not shown in show interfaces.

Similar task T3360

Aug 24 2021, 5:40 PM · VyOS 1.3 Equuleus (1.3.0-epa1), VyOS 1.4 Sagitta

Aug 18 2021

Viacheslav added a comment to T3766: containers: Expanding options for networking and building containers.

Network re-creates every time after reboot and gets configuration from "container network" section.
https://github.com/vyos/vyatta-cfg/blob/242f5685159f615ff79312041d3dde2063e5579a/scripts/init/vyos-router#L273-L277
So there is podman decide how to name this network.

Aug 18 2021, 4:58 PM · VyOS 1.4 Sagitta (1.4.0-epa1)
Viacheslav added a comment to T3506: Migrate loadkey command to op-mode.

From conf mode I get error VyOS 1.4-rolling-202108130117

vyos@vyos-oobm# loadkey vyos scp://[email protected]:/etc/ssh/ssh_host_rsa_key.pub
Global symbol "$generate" requires explicit package name (did you forget to declare "my $generate"?) at /opt/vyatta/sbin/vyatta-load-user-key.pl line 162.
Execution of /opt/vyatta/sbin/vyatta-load-user-key.pl aborted due to compilation errors.
[edit]
vyos@vyos-oobm#
Aug 18 2021, 4:47 PM · VyOS 1.4 Sagitta
Viacheslav added a subtask for T2816: Rewrite IPsec scripts with the new XML/Python approach: T3764: Unconfigurable IKE and ESP lifetime.
Aug 18 2021, 1:24 PM · VyOS 1.4 Sagitta
Viacheslav added a parent task for T3764: Unconfigurable IKE and ESP lifetime: T2816: Rewrite IPsec scripts with the new XML/Python approach.
Aug 18 2021, 1:24 PM · VyOS 1.4 Sagitta
Viacheslav updated the task description for T3763: wireguard checks if port already binding.
Aug 18 2021, 10:26 AM · VyOS 1.4 Sagitta
Viacheslav added a project to T3762: Support network and address groups for policy ipv6-route: VyOS 1.4 Sagitta.
Aug 18 2021, 10:19 AM · VyOS 1.4 Sagitta
Viacheslav updated the task description for T3763: wireguard checks if port already binding.
Aug 18 2021, 10:15 AM · VyOS 1.4 Sagitta
Viacheslav updated the task description for T3763: wireguard checks if port already binding.
Aug 18 2021, 10:15 AM · VyOS 1.4 Sagitta
Viacheslav created T3763: wireguard checks if port already binding.
Aug 18 2021, 10:10 AM · VyOS 1.4 Sagitta
Viacheslav closed T3537: Unable to override the default OSPFv3 link cost for wireguard interface as Resolved.

I close the task, because it can't be reproducible in 1.3.0-rc5
Re-open it, if necessary with described step by step how to reproduce it.
Or open a new one.

Aug 18 2021, 9:47 AM · VyOS 1.3 Equuleus (1.3.0-epa1)
Viacheslav added a comment to T3708: isisd and gre-bridge commit error.

from vyos.xml import defaults doesn't work for 1.3 correctly, for some reason it gets 2 isis process with same name "FOO"
https://github.com/sever-sever/vyos-1x/commit/7b0a33618bfa1d1ef99b9744ed1ded49a2c832af

[email protected]# compare 
[edit protocols]
+isis FOO {
+    interface tun0 {
+    }
+    net 49.0001.0000.0011.0001.00
+}
[edit]
[email protected]# commit
[ protocols isis FOO ]
{'FOO': {'interface': {'tun0': {}}, 'net': '49.0001.0000.0011.0001.00'},
 'lsp_mtu': '1497'}
Only one isis process can be defined
Aug 18 2021, 9:33 AM · VyOS 1.3 Equuleus (1.3.0-epa1), VyOS 1.4 Sagitta
Viacheslav placed T3708: isisd and gre-bridge commit error up for grabs.
Aug 18 2021, 9:27 AM · VyOS 1.3 Equuleus (1.3.0-epa1), VyOS 1.4 Sagitta

Aug 17 2021

Viacheslav closed T1643: Deleting all firewall zones failed and locked out box, a subtask of T2199: Rewrite firewall in new XML/Python style, as Resolved.
Aug 17 2021, 4:00 PM · VyOS 1.4 Sagitta
Viacheslav closed T1643: Deleting all firewall zones failed and locked out box as Resolved.

Not reproducible, tested on "1.3-beta-202108151336"

Aug 17 2021, 4:00 PM · VyOS 1.3 Equuleus (1.3.0), test
Viacheslav added a comment to T1753: Configuring `ip source-validation loose` doesn't properly configure `sysctl`.
  1. Bug, values on interfaces are overwritten after firewall global parameters.

By default:

[email protected]# sudo sysctl -a | grep "\.rp_filter"
net.ipv4.conf.all.rp_filter = 0
net.ipv4.conf.default.rp_filter = 0
net.ipv4.conf.eth0.rp_filter = 0
net.ipv4.conf.eth1.rp_filter = 0
net.ipv4.conf.eth2.rp_filter = 0
net.ipv4.conf.lo.rp_filter = 0
net.ipv4.conf.vtun10.rp_filter = 0

Set value for the interface eth2 value "loose"

[email protected]# set interfaces ethernet eth2 ip source-validation 'loose'
[edit]
[email protected]# commit
[email protected]# sudo sysctl -a | grep "\.rp_filter"
net.ipv4.conf.all.rp_filter = 0
net.ipv4.conf.default.rp_filter = 0
net.ipv4.conf.eth0.rp_filter = 0
net.ipv4.conf.eth1.rp_filter = 0
net.ipv4.conf.eth2.rp_filter = 2
net.ipv4.conf.lo.rp_filter = 0
net.ipv4.conf.vtun10.rp_filter = 0
Aug 17 2021, 1:37 PM · VyOS 1.5 Circinus
Viacheslav added a comment to T1349: L2TP remote-access vpn terminated and not showing as connected.

@Merijn Any updates?

Aug 17 2021, 12:53 PM · VyOS 1.3 Equuleus (1.3.0), test
Viacheslav added a comment to T1487: DNS (pdns_recursor) stats logs not saved to disk.

@c-po Can we close it?

Aug 17 2021, 12:47 PM · VyOS 1.4 Sagitta (1.4.0-epa1), Restricted Project
Viacheslav closed T508: ISC DHCP incorrect UDP checksum generation as Resolved.

Not more actual for 1.3, as it used isc-dhcp-client/isc-dhcp-relay/isc-dhcp-server 4.4.1-2
I can't find in logs something like bad udp checksums

Aug 17 2021, 12:46 PM · VyOS 1.3 Equuleus (1.3.0-epa1), vyatta-dhcp3
Viacheslav added a comment to T1487: DNS (pdns_recursor) stats logs not saved to disk.

Do we need to set this option configurable?
We have an option --disable-syslog so for enable logging it should be --enable-syslog

Aug 17 2021, 11:06 AM · VyOS 1.4 Sagitta (1.4.0-epa1), Restricted Project
Viacheslav added a comment to T1925: DMVPN is always listed as down in "show vpn ipsec sa".

SA only with hub, output correct

vyos@spoke1:~$ show vpn ipsec sa
Connection    State    Uptime    Bytes In/Out    Packets In/Out    Remote address    Remote ID    Proposal
------------  -------  --------  --------------  ----------------  ----------------  -----------  ----------------------------------
dmvpn         up       16m24s    2K/2K           24/23             192.0.2.1         N/A          AES_CBC_256/HMAC_SHA1_96/MODP_1024
vyos@spoke1:~$ 
vyos@spoke1:~$ 
vyos@spoke1:~$ sudo swanctl -l
dmvpn-NHRPVPN-tun100: #1, ESTABLISHED, IKEv1, 2bc867b1ca327379_i* c85b15462b657b03_r
  local  '100.64.1.11' @ 100.64.1.11[500]
  remote '192.0.2.1' @ 192.0.2.1[500]
  AES_CBC-256/HMAC_SHA1_96/PRF_HMAC_SHA1/MODP_1024
  established 1001s ago, rekeying in 2400s
  dmvpn: #1, reqid 1, INSTALLED, TRANSPORT, ESP:AES_CBC-256/HMAC_SHA1_96/MODP_1024
    installed 1001s ago, rekeying in 505s, expires in 979s
    in  cb2b55ee,   3044 bytes,    24 packets,    91s ago
    out cb3647d6,   2474 bytes,    23 packets,    91s ago
    local  100.64.1.11/32[gre]
    remote 192.0.2.1/32[gre]
vyos@spoke1:~$
Aug 17 2021, 9:46 AM · VyOS 1.3 Equuleus (1.3.6)
Viacheslav added a comment to T1925: DMVPN is always listed as down in "show vpn ipsec sa".

Tested on VyOS 1.3.0-rc5

Aug 17 2021, 9:40 AM · VyOS 1.3 Equuleus (1.3.6)
Viacheslav closed T2525: OSPFv3 missing route map, not establishing as Resolved.

Not reproducible update from 1.2.4 to 1.3-rc5
1.2.4 config

set interfaces ethernet eth1 bond-group bond0
set interfaces ethernet eth1 bond-group bond0
set interfaces bonding bond0 vif 29 address '192.168.159.167/31'
set interfaces bonding bond0 vif 29 address 'fd12:45:fff:29::2/126'
set interfaces bonding bond0 vif 29 description 'Point to Point - DMZ'
set interfaces bonding bond0 vif 29 ip ospf dead-interval '20'
set interfaces bonding bond0 vif 29 ip ospf hello-interval '10'
set interfaces bonding bond0 vif 29 ip ospf priority '220'
set interfaces bonding bond0 vif 29 ip ospf retransmit-interval '5'
set interfaces bonding bond0 vif 29 ip ospf transmit-delay '1'
set interfaces bonding bond0 vif 29 ipv6 dup-addr-detect-transmits '1'
set interfaces bonding bond0 vif 29 ipv6 ospfv3 cost '1'
set interfaces bonding bond0 vif 29 ipv6 ospfv3 dead-interval '20'
set interfaces bonding bond0 vif 29 ipv6 ospfv3 hello-interval '10'
set interfaces bonding bond0 vif 29 ipv6 ospfv3 instance-id '0'
set interfaces bonding bond0 vif 29 ipv6 ospfv3 priority '220'
set interfaces bonding bond0 vif 29 ipv6 ospfv3 retransmit-interval '5'
set interfaces bonding bond0 vif 29 ipv6 ospfv3 transmit-delay '1'
set interfaces bonding bond0 vif 29 mtu '1500'
set interfaces loopback lo address 'fd12:45::14/128'
set policy route-map OSPF-Filter description 'This route map will apply to outgoing routes sent via OSPF'
set policy route-map OSPF-Filter rule 10 action 'permit'
set policy route-map OSPF-Filter rule 10 description 'Only permit loopback interface'
set policy route-map OSPF-Filter rule 10 match interface 'lo'
set policy route-map OSPF-Filter rule 100 action 'deny'
set policy route-map OSPF-Filter rule 100 description 'Default deny'
set protocols ospfv3 area 0.0.0.0 interface 'lo'
set protocols ospfv3 area 0.0.0.0 interface 'bond0.29'
set protocols ospfv3 area 0.0.0.0 range fd12:45:fff:29::/126
set protocols ospfv3 parameters router-id '192.168.159.241'
set protocols ospfv3 redistribute connected route-map 'OSPF-Filter'
Aug 17 2021, 8:08 AM · VyOS 1.3 Equuleus (1.3.0-epa1)
Viacheslav closed T1550: Add support for Large BGP Community show commands as Resolved.

Large-community and large-community-list it is different functions.
It seems all works fine

Aug 17 2021, 7:50 AM · VyOS 1.3 Equuleus (1.3.0), test
Viacheslav changed the status of T690: Allow OpenVPN servers to push routes with custom metric values from Open to Needs testing.
Aug 17 2021, 7:34 AM · VyOS 1.3 Equuleus (1.3.0-epa1)
Viacheslav added a comment to T690: Allow OpenVPN servers to push routes with custom metric values.

@darkdragon-001 It will be available in the next rolling release, can you test it?

Aug 17 2021, 7:33 AM · VyOS 1.3 Equuleus (1.3.0-epa1)

Aug 16 2021

Viacheslav closed T1594: l2tpv3 error on IPv6 local-ip as Resolved.
Aug 16 2021, 9:19 PM · VyOS 1.3 Equuleus (1.3.0), VyOS 1.4 Sagitta, test
Viacheslav added a comment to T690: Allow OpenVPN servers to push routes with custom metric values.

PR for current https://github.com/vyos/vyos-1x/pull/974

Aug 16 2021, 8:39 PM · VyOS 1.3 Equuleus (1.3.0-epa1)
Viacheslav added a project to T690: Allow OpenVPN servers to push routes with custom metric values: VyOS 1.4 Sagitta.
Aug 16 2021, 4:20 PM · VyOS 1.3 Equuleus (1.3.0-epa1)
Viacheslav moved T3738: openvpn fails if server and authentication are configured from Need Triage to Finished on the VyOS 1.3 Equuleus board.
Aug 16 2021, 9:40 AM · VyOS 1.3 Equuleus (1.3.0-epa1), VyOS 1.4 Sagitta
Viacheslav closed T3738: openvpn fails if server and authentication are configured as Resolved.

Fixed, 1.3-beta-202108151336

[email protected]# run show conf com | match openvpn
set interfaces openvpn vtun10 encryption cipher 'aes256'
set interfaces openvpn vtun10 hash 'sha512'
set interfaces openvpn vtun10 local-host '192.168.122.14'
set interfaces openvpn vtun10 local-port '1194'
set interfaces openvpn vtun10 mode 'server'
set interfaces openvpn vtun10 persistent-tunnel
set interfaces openvpn vtun10 protocol 'udp'
set interfaces openvpn vtun10 server client client1 ip '10.10.0.10'
set interfaces openvpn vtun10 server domain-name 'vyos.net'
set interfaces openvpn vtun10 server max-connections '250'
set interfaces openvpn vtun10 server name-server '172.16.254.30'
set interfaces openvpn vtun10 server subnet '10.10.0.0/24'
set interfaces openvpn vtun10 server topology 'subnet'
set interfaces openvpn vtun10 tls ca-cert-file '/config/auth/ca.crt'
set interfaces openvpn vtun10 tls cert-file '/config/auth/central.crt'
set interfaces openvpn vtun10 tls dh-file '/config/auth/dh.pem'
set interfaces openvpn vtun10 tls key-file '/config/auth/central.key'
set interfaces openvpn vtun10 tls tls-version-min '1.0'
set interfaces openvpn vtun10 use-lzo-compression
[edit]
[email protected]#
[email protected]# set interfaces openvpn vtun10 authentication username foo
[edit]
[email protected]# commit
Aug 16 2021, 9:40 AM · VyOS 1.3 Equuleus (1.3.0-epa1), VyOS 1.4 Sagitta
Viacheslav added a comment to T3758: HTTP-API: per-key command restrictions.

Not sure that it is a good idea for this format.
The syntax between versions (1.3/1.4 bgd/isisd) is changed. With every syntax change you should also change and section "service https API ... bgp"
My point API must have a full access to all configuration options.

Aug 16 2021, 9:23 AM
Viacheslav added a project to T1024: Policy Based Routing by DSCP: VyOS 1.4 Sagitta.
Aug 16 2021, 6:01 AM · VyOS 1.3 Equuleus (1.3.3), VyOS 1.4 Sagitta

Aug 14 2021

Viacheslav added a comment to T3741: [BGP] default no-ipv4-unicast - by default.

@c-po It makes sense
Need to try.

Aug 14 2021, 5:34 AM · VyOS 1.4 Sagitta

Aug 13 2021

Viacheslav added a comment to T3736: openvpn-option keeps and adds double dashes ''--".

https://github.com/vyos/vyos-1x/blob/595ab70a5d50ef1f9e166959affd96ea1ee8c8c8/data/templates/openvpn/server.conf.tmpl#L228

Aug 13 2021, 5:23 PM · VyOS 1.3 Equuleus (1.3.0-epa1), VyOS 1.4 Sagitta
Viacheslav moved T3738: openvpn fails if server and authentication are configured from Need Triage to Backport Candidates on the VyOS 1.4 Sagitta board.
Aug 13 2021, 5:19 PM · VyOS 1.3 Equuleus (1.3.0-epa1), VyOS 1.4 Sagitta
Viacheslav claimed T3738: openvpn fails if server and authentication are configured.
Aug 13 2021, 4:47 PM · VyOS 1.3 Equuleus (1.3.0-epa1), VyOS 1.4 Sagitta
Viacheslav assigned T3752: generate pki certificate file xxx doesn't touch file to sarthurdev.
Aug 13 2021, 4:05 PM · VyOS 1.4 Sagitta
Viacheslav created T3752: generate pki certificate file xxx doesn't touch file.
Aug 13 2021, 4:04 PM · VyOS 1.4 Sagitta
Viacheslav added a comment to T3738: openvpn fails if server and authentication are configured.

PR https://github.com/vyos/vyos-1x/pull/968

Aug 13 2021, 3:59 PM · VyOS 1.3 Equuleus (1.3.0-epa1), VyOS 1.4 Sagitta
Viacheslav claimed T3708: isisd and gre-bridge commit error.
Aug 13 2021, 3:43 PM · VyOS 1.3 Equuleus (1.3.0-epa1), VyOS 1.4 Sagitta
First
Prev
Next