snaplen (-L) [GLOBAL, NO_NFACCTD] Desc specifies the maximum number of bytes to capture for each packet. This directive has key importance when enabling both classification and connection tracking engines. In fact, some protocols (mostly text-based eg.: RTSP, SIP, etc.) benefit of extra bytes because they give more chances to successfully track data streams spawned by control channel. But it must be also noted that capturing larger packet portion require more resources. The right value need to be traded-off. In case classification is enabled, values under 200 bytes are often meaningless. 500-750 bytes are enough even for text based protocols. Default snaplen values are ok if classification is disabled. For uacctd daemon, this option doesn't apply to packet snapshot length but rather to the Netlink socket read buffer size. This should be reasonably large - at least 4KB, which is the default value. For large uacctd_nl_size values snaplen could be further increased.
- Queries
- All Stories
- Search
- Advanced Search
- Transactions
- Transaction Logs
Feed Advanced Search
Advanced Search
Advanced Search
Sep 1 2018
Sep 1 2018
It just died with this log:
You could also alter the file /etc/default/uacctd and add -d into DAEMON_OPTS and restart flow-acounting
c-po edited projects for T771: SNMP: reduce logging noise, added: VyOS 1.2 Crux (VyOS 1.2.0-rc1); removed VyOS 1.2 Crux.
Starting with this daemon config reduces the logging entries dramatically:
@panachoi maybe this upgrade helps
Aug 31 2018
Aug 31 2018
c-po moved T815: Add DHCPv6 server prefix-delegation support from Need Triage to Backlog on the VyOS 1.2 Crux board.
c-po closed T812: DHCPv6 static mapping breaks DHCP service, a subtask of T811: Rewrite 'service dhcpv6-server' in new XML style format, as Resolved.
fixed in XML/python rewrite
c-po moved T811: Rewrite 'service dhcpv6-server' in new XML style format from In Progress to Finished on the VyOS 1.2 Crux board.
Aug 29 2018
Aug 29 2018
c-po added a comment to T733: Regression: Python snmp configuration parser doesn't set 'community6' SNMP fields.
This produces
c-po added a parent task for T812: DHCPv6 static mapping breaks DHCP service: T811: Rewrite 'service dhcpv6-server' in new XML style format.
Aug 28 2018
Aug 28 2018
c-po moved T811: Rewrite 'service dhcpv6-server' in new XML style format from Need Triage to In Progress on the VyOS 1.2 Crux board.
c-po closed T782: Cleanup dhcp-server configuration, a subtask of T778: Rewrite 'service dhcp-server' in new XML style format, as Resolved.
c-po closed T806: Update Wiki for new 1.2.0 DHCP syntax changes, a subtask of T782: Cleanup dhcp-server configuration, as Resolved.
@Maltahl can you share your hub/spoke configuration? This helps us to reproduce your issue.
Aug 27 2018
Aug 27 2018
c-po edited projects for T806: Update Wiki for new 1.2.0 DHCP syntax changes, added: VyOS 1.2 Crux; removed VyOS 1.2 Crux (VyOS 1.2.0-rc1).
c-po edited projects for T801: vyos-1x config parser does not support reading string with spaces, added: VyOS 1.2 Crux (VyOS 1.2.0-rc1); removed VyOS 1.2 Crux.
c-po edited projects for T782: Cleanup dhcp-server configuration, added: VyOS 1.2 Crux (VyOS 1.2.0-rc1); removed VyOS 1.2 Crux.
c-po edited projects for T778: Rewrite 'service dhcp-server' in new XML style format, added: VyOS 1.2 Crux (VyOS 1.2.0-rc1); removed VyOS 1.2 Crux.
c-po moved T778: Rewrite 'service dhcp-server' in new XML style format from In Progress to Finished on the VyOS 1.2 Crux board.
c-po moved T782: Cleanup dhcp-server configuration from In Progress to Finished on the VyOS 1.2 Crux board.
As stated on IRC I'm fine with the support removal as one can always upgrade through VyOS 1.1.x.
c-po added a parent task for T804: snmp error and no firewall log: T771: SNMP: reduce logging noise.
c-po moved T801: vyos-1x config parser does not support reading string with spaces from Need Triage to Finished on the VyOS 1.2 Crux board.
Aug 26 2018
Aug 26 2018
c-po closed T792: Update VyOS Kernel 4.14 -> 4.18 and iproute2, a subtask of T566: Enhanced Networking on Linux for AWS, as Resolved.
c-po closed T792: Update VyOS Kernel 4.14 -> 4.18 and iproute2, a subtask of T725: Cake and FQ-PIE, as Resolved.
Is there still time for a small CLI change?
c-po edited projects for T558: Configurable Negative TTL caching in forwarder, added: VyOS 1.2 Crux (VyOS 1.2.0-rc1); removed VyOS 1.2 Crux.
c-po edited projects for T692: TFTP server functionality, added: VyOS 1.2 Crux (VyOS 1.2.0-rc1); removed VyOS 1.2 Crux.
cpo@LR1# show service tftp-server
Possible completions:
allow-upload Allow TFTP file uploads
directory Folder containing files served by TFTP [REQUIRED]
+ listen-address
Addresses for TFTP server to listen [REQUIRED]
port Port for TFTP servicec-po moved T692: TFTP server functionality from Need Triage to In Progress on the VyOS 1.2 Crux board.
Aug 24 2018
Aug 24 2018
c-po moved T794: openvpn configuration - not important, just for beauty :) from Need Triage to In Progress on the VyOS 1.2 Crux board.
Simply fixing the node.def for remote-port and local-port will break existing configuration as also the Perl script requires changes for this to work.
Working perfectly with VyOS acting as DMVPN HUB.
Nope, It was an offer to test a pre-build image ;).
Aug 23 2018
Aug 23 2018
c-po moved T792: Update VyOS Kernel 4.14 -> 4.18 and iproute2 from Need Triage to In Progress on the VyOS 1.2 Crux board.
c-po added a subtask for T566: Enhanced Networking on Linux for AWS: T792: Update VyOS Kernel 4.14 -> 4.18 and iproute2.
c-po added a parent task for T792: Update VyOS Kernel 4.14 -> 4.18 and iproute2: T566: Enhanced Networking on Linux for AWS.
This is part of T792
c-po changed the status of T792: Update VyOS Kernel 4.14 -> 4.18 and iproute2 from Open to In progress.
c-po changed the status of T792: Update VyOS Kernel 4.14 -> 4.18 and iproute2, a subtask of T725: Cake and FQ-PIE, from Open to In progress.
If there is an official unofficial port, ad wg distinguishes if its running in server or client mode, why not use something like:
Aug 22 2018
Aug 22 2018
I agree with syncer and runar.
When cisco_unity plugin is disabled globally, can Cisco DMVPN clients still connect?
Aug 21 2018
Aug 21 2018
- set service dhcp-server shared-network-name <xyz> authoritative enable should be changed to be only set service dhcp-server shared-network-name <xyz> authoritative
- set service dhcp-server dynamic-dns-update enable true|false should be changed to be only set service dhcp-server dynamic-dns-update
- set service dhcp-server hostfile-update enable|disable should be changed to be only set service dhcp-server hostfile-update
Aug 20 2018
Aug 20 2018
@Lochnair see branches at:
It stops here, too. Why? I have no idea, yet
Upgrading to 4.18 should not take more then two hours incl. Iproute2 for me. Should we give it a try? Then I prepare an ISO
Aug 19 2018
Aug 19 2018
Thx for the info. Yeah it's a per person choice if in-tree is preferred over out-of-tree.
Is this stuff upstream? If so, we could also upgrade to 4.18, the save the backporting trouble?
c-po renamed T774: Wireguard: Write wiki documentation from write wiki documentation to Wireguard: Write wiki documentation.
Aug 18 2018
Aug 18 2018
If we'd use
range {
start 172.16.0.1
stop 172.16.0.250
}this would be transparent for IPv4 and IPv6
c-po moved T782: Cleanup dhcp-server configuration from Need Triage to In Progress on the VyOS 1.2 Crux board.
Aug 17 2018
Aug 17 2018
Aug 15 2018
Aug 15 2018
c-po moved T419: Support setting dstport for VXLAN interfaces from In Progress to Backlog on the VyOS 1.2 Crux board.
c-po moved T778: Rewrite 'service dhcp-server' in new XML style format from Need Triage to In Progress on the VyOS 1.2 Crux board.
c-po changed the status of T778: Rewrite 'service dhcp-server' in new XML style format from Open to In progress.