Page MenuHomeVyOS Platform
Feed Advanced Search

Today

c-po closed T3009: vpn l2tp remoteaccess require option broken as Resolved.
Sat, Oct 24, 3:19 PM · VyOS 1.3 Equuleus
c-po added a comment to T3009: vpn l2tp remoteaccess require option broken.

Hi @drac, good catch and nice reverse engineering of our code.

Sat, Oct 24, 3:19 PM · VyOS 1.3 Equuleus
c-po claimed T3009: vpn l2tp remoteaccess require option broken.
Sat, Oct 24, 3:18 PM · VyOS 1.3 Equuleus
c-po added a comment to T3005: i40e driver warning.

Driver will be included in next rolling ISO

Sat, Oct 24, 1:44 PM · VyOS 1.3 Equuleus
c-po closed T3005: i40e driver warning as Resolved.
Sat, Oct 24, 1:43 PM · VyOS 1.3 Equuleus
c-po claimed T3005: i40e driver warning.
Sat, Oct 24, 1:40 PM · VyOS 1.3 Equuleus

Thu, Oct 22

c-po placed T2781: Create op-mode top-level wrapper for ssh command up for grabs.
Thu, Oct 22, 8:01 PM · VyOS 1.3 Equuleus
c-po added a comment to T2781: Create op-mode top-level wrapper for ssh command.

Besides the command proposal there is a common issue with how we build op-mode commands. The best example is the ping op-mode command where and artifical node.tag folder is created which links (ln -s) back to itself.

Thu, Oct 22, 8:01 PM · VyOS 1.3 Equuleus
c-po added a comment to T2321: VRF support for SSH, NTP, SNMP service.

The current NTP config always binds to localhost and localhost is not a part of the mgmt VRF thus this error message.

Thu, Oct 22, 7:57 PM · VyOS 1.3 Equuleus

Mon, Oct 19

c-po updated the task description for T2995: Enhancements/bugfixes for vyos_dict_search().
Mon, Oct 19, 7:43 PM · VyOS 1.3 Equuleus
c-po closed T2992: Automatically verify sha256 checksum on ISO download as Resolved.
Mon, Oct 19, 7:34 PM · VyOS 1.3 Equuleus
c-po closed T3000: Mismatch between "prefix-length" and "preference" in dhcp6-server syntax as Resolved.
Mon, Oct 19, 6:56 PM · VyOS 1.3 Equuleus
c-po renamed T2994: Migrate OpenVPN interfaces to get_config_dict() syntax from Migrate OpenVPN interfaces got get_config_dict() syntax to Migrate OpenVPN interfaces to get_config_dict() syntax.
Mon, Oct 19, 6:53 PM · VyOS 1.3 Equuleus
c-po added a comment to T2969: OpenVPN: command_set on interface is not applied, if interface doesn't come up in commit.

Unfortunately I can not reproduce this issue on my test system and also our smoketests (https://github.com/vyos/vyos-1x/blob/current/smoketest/scripts/cli/test_interfaces_openvpn.py) do not trigger the bug when run locally on the VyOS device by calling:

Mon, Oct 19, 6:52 PM · VyOS 1.3 Equuleus
c-po added a comment to T2997: Allow ignoring received DHCP options.

Do other vendors suppert highjacking/altering of DHCP options? I feel this kills the whole concept of DHCP.

Mon, Oct 19, 2:42 PM · VyOS 1.3 Equuleus
c-po added a comment to T2969: OpenVPN: command_set on interface is not applied, if interface doesn't come up in commit.

There have been some deletion errors yesterday - are you running the latest rolling release? They should have been fixed in there. If noe please provide me some CLI samples to reproduce the issue.

Mon, Oct 19, 10:39 AM · VyOS 1.3 Equuleus
c-po changed the status of T2995: Enhancements/bugfixes for vyos_dict_search() from Open to In progress.
Mon, Oct 19, 10:05 AM · VyOS 1.3 Equuleus
c-po updated the task description for T2995: Enhancements/bugfixes for vyos_dict_search().
Mon, Oct 19, 10:04 AM · VyOS 1.3 Equuleus
c-po created T2995: Enhancements/bugfixes for vyos_dict_search().
Mon, Oct 19, 10:01 AM · VyOS 1.3 Equuleus
c-po renamed T2969: OpenVPN: command_set on interface is not applied, if interface doesn't come up in commit from command_set on interface is not applied, if interface doesn't come up in commit to OpenVPN: command_set on interface is not applied, if interface doesn't come up in commit.
Mon, Oct 19, 9:02 AM · VyOS 1.3 Equuleus
c-po closed T2969: OpenVPN: command_set on interface is not applied, if interface doesn't come up in commit, a subtask of T1579: Rewrite all interface types in new XML/Python style, as Resolved.
Mon, Oct 19, 9:01 AM · VyOS 1.3 Equuleus
c-po closed T2969: OpenVPN: command_set on interface is not applied, if interface doesn't come up in commit as Resolved.
Mon, Oct 19, 9:01 AM · VyOS 1.3 Equuleus

Sun, Oct 18

c-po updated the task description for T2994: Migrate OpenVPN interfaces to get_config_dict() syntax.
Sun, Oct 18, 6:00 PM · VyOS 1.3 Equuleus
c-po updated the task description for T2994: Migrate OpenVPN interfaces to get_config_dict() syntax.
Sun, Oct 18, 6:00 PM · VyOS 1.3 Equuleus
c-po changed the status of T2994: Migrate OpenVPN interfaces to get_config_dict() syntax from Open to In progress.
Sun, Oct 18, 4:38 PM · VyOS 1.3 Equuleus
c-po changed the status of T2994: Migrate OpenVPN interfaces to get_config_dict() syntax, a subtask of T2653: "set interfaces" Python handler code improvements - next iteration, from Open to In progress.
Sun, Oct 18, 4:38 PM · VyOS 1.3 Equuleus
c-po created T2994: Migrate OpenVPN interfaces to get_config_dict() syntax.
Sun, Oct 18, 4:38 PM · VyOS 1.3 Equuleus
c-po added a subtask for T1579: Rewrite all interface types in new XML/Python style: T2653: "set interfaces" Python handler code improvements - next iteration.
Sun, Oct 18, 4:37 PM · VyOS 1.3 Equuleus
c-po added a parent task for T2653: "set interfaces" Python handler code improvements - next iteration: T1579: Rewrite all interface types in new XML/Python style.
Sun, Oct 18, 4:37 PM · VyOS 1.3 Equuleus
c-po added a subtask for T1579: Rewrite all interface types in new XML/Python style: T2969: OpenVPN: command_set on interface is not applied, if interface doesn't come up in commit.
Sun, Oct 18, 4:37 PM · VyOS 1.3 Equuleus
c-po added a parent task for T2969: OpenVPN: command_set on interface is not applied, if interface doesn't come up in commit: T1579: Rewrite all interface types in new XML/Python style.
Sun, Oct 18, 4:37 PM · VyOS 1.3 Equuleus
c-po changed the status of T2969: OpenVPN: command_set on interface is not applied, if interface doesn't come up in commit from In progress to Needs testing.
Sun, Oct 18, 4:16 PM · VyOS 1.3 Equuleus
c-po added a comment to T2969: OpenVPN: command_set on interface is not applied, if interface doesn't come up in commit.

It seems that calling openvpn --mktun is what we need.

Sun, Oct 18, 4:03 PM · VyOS 1.3 Equuleus
c-po changed the status of T2969: OpenVPN: command_set on interface is not applied, if interface doesn't come up in commit from Open to In progress.
Sun, Oct 18, 3:58 PM · VyOS 1.3 Equuleus
c-po updated the task description for T2992: Automatically verify sha256 checksum on ISO download.
Sun, Oct 18, 3:49 PM · VyOS 1.3 Equuleus
c-po updated the task description for T2992: Automatically verify sha256 checksum on ISO download.
Sun, Oct 18, 3:49 PM · VyOS 1.3 Equuleus
c-po updated the task description for T2992: Automatically verify sha256 checksum on ISO download.
Sun, Oct 18, 3:43 PM · VyOS 1.3 Equuleus
c-po closed T2985: Add glue code to create bridge interface on demand, a subtask of T2653: "set interfaces" Python handler code improvements - next iteration, as Resolved.
Sun, Oct 18, 1:30 PM · VyOS 1.3 Equuleus
c-po closed T2985: Add glue code to create bridge interface on demand as Resolved.
Sun, Oct 18, 1:30 PM · VyOS 1.3 Equuleus
c-po changed the status of T2992: Automatically verify sha256 checksum on ISO download from Open to In progress.
Sun, Oct 18, 12:53 PM · VyOS 1.3 Equuleus
c-po created T2992: Automatically verify sha256 checksum on ISO download.
Sun, Oct 18, 12:53 PM · VyOS 1.3 Equuleus
c-po added a comment to T2969: OpenVPN: command_set on interface is not applied, if interface doesn't come up in commit.

The root cause of this problem is that OpenVPN when the deamon is started and in tries to connect to the server, yet did not create the vtun11 interface on the system. Thus all calls to the ifconfig python library will fail big time.

Sun, Oct 18, 10:16 AM · VyOS 1.3 Equuleus
c-po closed T2907: OpenVPN: Option to disable encryption as Resolved.
Sun, Oct 18, 10:03 AM · openvpn, VyOS 1.3 Equuleus

Sat, Oct 17

c-po changed the status of T2985: Add glue code to create bridge interface on demand, a subtask of T2653: "set interfaces" Python handler code improvements - next iteration, from In progress to Needs testing.
Sat, Oct 17, 8:55 PM · VyOS 1.3 Equuleus
c-po changed the status of T2985: Add glue code to create bridge interface on demand from In progress to Needs testing.
Sat, Oct 17, 8:55 PM · VyOS 1.3 Equuleus
c-po closed T2980: FRR bfdd crash due to invalid length as Resolved.
Sat, Oct 17, 8:42 PM · VyOS 1.3 Equuleus
c-po closed T2990: Update Linux Kernel to v4.19.152 as Resolved.
Sat, Oct 17, 8:38 PM · VyOS 1.3 Equuleus
c-po changed the status of T2990: Update Linux Kernel to v4.19.152 from Open to In progress.
Sat, Oct 17, 8:35 PM · VyOS 1.3 Equuleus
c-po closed T2991: Update WireGuard to 1.0.20200908, a subtask of T2990: Update Linux Kernel to v4.19.152, as Resolved.
Sat, Oct 17, 8:34 PM · VyOS 1.3 Equuleus
c-po closed T2991: Update WireGuard to 1.0.20200908 as Resolved.
Sat, Oct 17, 8:34 PM · VyOS 1.3 Equuleus
c-po created T2991: Update WireGuard to 1.0.20200908.
Sat, Oct 17, 8:34 PM · VyOS 1.3 Equuleus
c-po created T2990: Update Linux Kernel to v4.19.152.
Sat, Oct 17, 8:34 PM · VyOS 1.3 Equuleus
c-po edited projects for T2792: Failed to run `sudo make qemu` with vyos-build container due to the change of packer, added: VyOS 1.3 Equuleus; removed vyos-build.
Sat, Oct 17, 11:45 AM · VyOS 1.3 Equuleus
c-po closed T2792: Failed to run `sudo make qemu` with vyos-build container due to the change of packer as Resolved.
Sat, Oct 17, 11:44 AM · VyOS 1.3 Equuleus
c-po closed T2986: Unable to build qemu as Invalid.
Sat, Oct 17, 11:37 AM · VyOS 1.3 Equuleus
c-po added a comment to T2986: Unable to build qemu.

This will break builds in out Docker environment where we ship a packer version. See T2792 and https://github.com/vyos/vyos-build/commit/e2dd9db8a2539b6d13c98d89e18872336cf8f974

Sat, Oct 17, 11:37 AM · VyOS 1.3 Equuleus
c-po changed Version from - to 1.3-rolling-202010081758 on T2985: Add glue code to create bridge interface on demand.
Sat, Oct 17, 10:01 AM · VyOS 1.3 Equuleus
c-po changed the status of T2985: Add glue code to create bridge interface on demand from Open to In progress.
Sat, Oct 17, 10:00 AM · VyOS 1.3 Equuleus
c-po changed the status of T2985: Add glue code to create bridge interface on demand, a subtask of T2653: "set interfaces" Python handler code improvements - next iteration, from Open to In progress.
Sat, Oct 17, 10:00 AM · VyOS 1.3 Equuleus
c-po created T2985: Add glue code to create bridge interface on demand.
Sat, Oct 17, 9:59 AM · VyOS 1.3 Equuleus

Fri, Oct 16

c-po added a comment to T752: Disable IPv4 forwarding on specific interface only.

That would be a workaround only - see IPv6 syntax above. Using the refactored interface handling (T2653) makes this a low-hanging fruit.

Fri, Oct 16, 8:43 PM · VyOS 1.3 Equuleus

Thu, Oct 15

c-po renamed T2980: FRR bfdd crash due to invalid length from FRR bfdd crash due to invlid length to FRR bfdd crash due to invalid length.
Thu, Oct 15, 8:16 PM · VyOS 1.3 Equuleus
trae32566 awarded T2980: FRR bfdd crash due to invalid length a Like token.
Thu, Oct 15, 4:51 PM · VyOS 1.3 Equuleus
c-po added a comment to T2980: FRR bfdd crash due to invalid length.

Also submitted PR for FRR 7.3 series https://github.com/FRRouting/frr/pull/7318

Thu, Oct 15, 3:23 PM · VyOS 1.3 Equuleus

Wed, Oct 14

c-po changed the status of T2980: FRR bfdd crash due to invalid length from Open to Needs testing.
Wed, Oct 14, 7:41 PM · VyOS 1.3 Equuleus
c-po created T2980: FRR bfdd crash due to invalid length.
Wed, Oct 14, 7:40 PM · VyOS 1.3 Equuleus
c-po added a comment to T2978: IPoE service does not work on shared mode..

Could you share also Client1 and Client2 configuration? Would be nice adding this lab setup to the docs

Wed, Oct 14, 2:31 PM · VyOS 1.3 Equuleus
c-po added a comment to T2969: OpenVPN: command_set on interface is not applied, if interface doesn't come up in commit.

Please share your OpenVPN config

Wed, Oct 14, 4:58 AM · VyOS 1.3 Equuleus
c-po changed the status of T2972: PPPoE server rate limiter allows max 65535 kbps to be set from In progress to Needs testing.
Wed, Oct 14, 4:56 AM · VyOS 1.2 Crux (VyOS 1.2.7), VyOS 1.3 Equuleus

Tue, Oct 13

c-po changed Why the issue appeared? from none to implementation-mistake on T2976: Client IP pool does not work for PPPoE local users.
Tue, Oct 13, 4:49 PM · VyOS 1.3 Equuleus
c-po closed T2976: Client IP pool does not work for PPPoE local users as Resolved.
Tue, Oct 13, 4:49 PM · VyOS 1.3 Equuleus

Sun, Oct 11

c-po closed T2974: Migrate tftp-server to get_config_dict(), a subtask of T692: TFTP server functionality, as Resolved.
Sun, Oct 11, 7:08 PM · VyOS-1.2.0-GA, VyOS 1.2 Crux (VyOS 1.2.0-rc1)
c-po closed T2974: Migrate tftp-server to get_config_dict() as Resolved.
Sun, Oct 11, 7:08 PM · VyOS-1.2.0-GA, VyOS 1.2 Crux (VyOS 1.2.0-rc1)
c-po created T2974: Migrate tftp-server to get_config_dict().
Sun, Oct 11, 7:08 PM · VyOS-1.2.0-GA, VyOS 1.2 Crux (VyOS 1.2.0-rc1)
c-po moved T2891: Support to change ring-buffers from CLI from Needs Triage to Finished on the VyOS 1.2 Crux (VyOS 1.2.7) board.
Sun, Oct 11, 5:36 PM · Restricted Project, VyOS 1.2 Crux (VyOS 1.2.7), VyOS 1.3 Equuleus
c-po moved T2878: LACP / bonding: new op-mode command: show interfaces bonding bond0 detail from Needs Triage to Finished on the VyOS 1.2 Crux (VyOS 1.2.7) board.
Sun, Oct 11, 5:36 PM · VyOS 1.2 Crux (VyOS 1.2.7), VyOS 1.3 Equuleus
c-po moved T2959: PPPoE server has migrations scripts but the config version is not incrememnted from Needs Triage to Finished on the VyOS 1.2 Crux (VyOS 1.2.7) board.
Sun, Oct 11, 5:36 PM · VyOS 1.2 Crux (VyOS 1.2.7)
c-po moved T2973: tftp-server can not listen on IPv6 address from Needs Triage to Finished on the VyOS 1.2 Crux (VyOS 1.2.7) board.
Sun, Oct 11, 5:36 PM · VyOS 1.3 Equuleus, VyOS 1.2 Crux (VyOS 1.2.7)
c-po closed T2973: tftp-server can not listen on IPv6 address as Resolved.
Sun, Oct 11, 5:36 PM · VyOS 1.3 Equuleus, VyOS 1.2 Crux (VyOS 1.2.7)
c-po created T2973: tftp-server can not listen on IPv6 address.
Sun, Oct 11, 5:33 PM · VyOS 1.3 Equuleus, VyOS 1.2 Crux (VyOS 1.2.7)
c-po added a comment to T2972: PPPoE server rate limiter allows max 65535 kbps to be set.

@Dmitry is this a limitation of Accel-PPP or can we increase the limits on the CLI?

Sun, Oct 11, 4:30 PM · VyOS 1.2 Crux (VyOS 1.2.7), VyOS 1.3 Equuleus
c-po renamed T2972: PPPoE server rate limiter allows max 65535 kbps to be set from Rate limiter of PPPoE session allows max 65535 kbps to be set to PPPoE server rate limiter allows max 65535 kbps to be set.
Sun, Oct 11, 4:29 PM · VyOS 1.2 Crux (VyOS 1.2.7), VyOS 1.3 Equuleus
c-po added a comment to T2969: OpenVPN: command_set on interface is not applied, if interface doesn't come up in commit.

I can feel that pain! When looking at the source from VyOS 1.2 (crux) it looks like it always behaved in this way.

Sun, Oct 11, 4:27 PM · VyOS 1.3 Equuleus

Sat, Oct 10

c-po added a comment to T2951: monitor nat not working.

@christophedc0 Have you enabled NAT rule logging?

Sat, Oct 10, 6:30 PM · VyOS 1.3 Equuleus

Fri, Oct 9

c-po added a comment to T2968: Add support for Intel Atom C2000 series QAT.
cpo@LR4.wue3# lsmod | grep qat
qat_200xx              20480  0
intel_qat             299008  2 usdm_drv,qat_200xx
dh_generic             16384  1 intel_qat
uio                    20480  1 intel_qat
authenc                16384  1 intel_qat
Fri, Oct 9, 5:10 PM · VyOS 1.3 Equuleus
c-po renamed T2968: Add support for Intel Atom C2000 series QAT from Ssupport qat_200xx to Add support for Intel Atom C2000 series QAT.
Fri, Oct 9, 5:08 PM · VyOS 1.3 Equuleus

Mon, Oct 5

c-po closed T2963: Wireless: WIFI is not password protected when security wpa mode is not defined but passphrase is as Resolved.
Mon, Oct 5, 6:24 PM · VyOS 1.3 Equuleus
c-po updated the task description for T2963: Wireless: WIFI is not password protected when security wpa mode is not defined but passphrase is.
Mon, Oct 5, 6:20 PM · VyOS 1.3 Equuleus
c-po updated the task description for T2963: Wireless: WIFI is not password protected when security wpa mode is not defined but passphrase is.
Mon, Oct 5, 6:17 PM · VyOS 1.3 Equuleus
c-po changed the status of T2963: Wireless: WIFI is not password protected when security wpa mode is not defined but passphrase is from Open to Confirmed.
Mon, Oct 5, 6:14 PM · VyOS 1.3 Equuleus
c-po created T2963: Wireless: WIFI is not password protected when security wpa mode is not defined but passphrase is.
Mon, Oct 5, 6:13 PM · VyOS 1.3 Equuleus
c-po closed T2962: Drop DHCPv6 NIS/NIS+ support as Invalid.
Mon, Oct 5, 5:22 PM · VyOS 1.3 Equuleus
c-po added a comment to T2962: Drop DHCPv6 NIS/NIS+ support.

Okay 2017 is like yesterday in NIS history so we then should keep it!

Mon, Oct 5, 5:22 PM · VyOS 1.3 Equuleus
c-po added a comment to T2961: Support "stateless" DHCP-v6 (information-request) clients.

Any rolling newer then vyos-1.3-rolling-202010050117-amd64.iso will have this included.

Mon, Oct 5, 5:21 PM
c-po added a comment to T2961: Support "stateless" DHCP-v6 (information-request) clients.

I did a minor improvement and reused the fqdn validator in our system. In addition I refactored the domain-search into an includable snippet - so changing grammar, validators can be done in one single file.

Mon, Oct 5, 5:19 PM
c-po created T2962: Drop DHCPv6 NIS/NIS+ support.
Mon, Oct 5, 5:14 PM · VyOS 1.3 Equuleus
c-po added a comment to T2951: monitor nat not working.

@christophedc0 please check out any rolling release which is newer then vyos-1.3-rolling-202010050117-amd64.iso as I have found two bugs in the implementation (one for source nat logging) and the other for the warning you have posted.

Mon, Oct 5, 4:45 PM · VyOS 1.3 Equuleus
c-po changed the status of T2951: monitor nat not working from Open to Needs testing.
Mon, Oct 5, 4:43 PM · VyOS 1.3 Equuleus

Sun, Oct 4

c-po added a comment to T2951: monitor nat not working.

This was infact only a warning - but for whatever reason nftables is not logging to kernel log :/

Sun, Oct 4, 6:32 PM · VyOS 1.3 Equuleus
c-po claimed T2951: monitor nat not working.
Sun, Oct 4, 6:32 PM · VyOS 1.3 Equuleus