@LBegnaud if I read the source correct the command set vpn ipsec options disable-route-autoinstall is what you are looking for, it was implemented in T71.
- Queries
- All Stories
- Search
- Advanced Search
- Transactions
- Transaction Logs
Advanced Search
Sep 17 2019
Sep 16 2019
Sep 15 2019
This could be used as base for testing:
No feedback received, considering this as resolved. please reopen if issue reappears.
Sep 13 2019
Please test again with the rolling release from 2019-09-14. Thanks for reporting the issue.
Sep 12 2019
Sep 10 2019
Why can I not delete the default key? If I wan‘t to drop WireGuard on a device I also wan’t to remove that key.
Sep 7 2019
Sep 6 2019
OpenVPN now runs as user openvpn with the above helper script. Please also test this new implementation, it will be in the rolling ISO which is building right now.
Persistent tunnel is a configuration option set interfaces openvpn vtun10 persistent-tunnel
Sep 5 2019
Huh? Which perl script?
As the bonding interface has been completely rewritten this should not be an issue as I do not touch underlaying interface MAC addresses
Why not specify the keys or the key file location via CLI like other VPN implementations do it?
Sep 4 2019
You could use quoting like mentioned in T1129.
Rewrite was tested using:
I like the openvpn:openvpn ownership idea
The documentation is also correct. Please not that there are two git branches for the documentation, current and equuleus. You send me the VyOS 1.2.2 crux link. I gave you the upcoming VyOS 1.2 equuleus link.
This is actually a duplicate of T1617.
The bahavior has changed, see https://vyos.readthedocs.io/en/equuleus/interfaces/bridging.html and T1556
1.3 rolling is not recommended for users - its pre-alpha.
@jdevincentis is this a custom build? Using VyOS 1.2-rolling-201909040337 I can not reproduce the issue with:
Sep 3 2019
The config generator would need to be adopted https://github.com/vyos/vyos-1x/blob/current/src/conf_mode/interface-openvpn.py and the wrapper script added. I have no time before tomorrow, sorry
Please test with latest rolling and not a custom build.
When the site looses connection and thus a SIGUSR21 is sent to OpenVPN to restart internally the priviledges have dropped and yes, /sbin/ip can't be called again.
Sep 2 2019
Should be fixed in next rolling release by: https://github.com/vyos/vyatta-cfg/commit/710728ee8eb6def82f9a142468960f6985dcf4e8
Sep 1 2019
@hagbard not a problem. Looks like we now go the "our own lib" way as pyroute2 has some flaws. DHCP is already fix and I continue improve the script and remove redundant code before it will be extended to support VLAN/bonding.
Aug 31 2019
DHCP + DHCPv6 working now in bridge interface.
Aug 29 2019
This is "as intended" b/c ping is an op-mode command.
Aug 28 2019
@hagbard during some tests with the bridge interface (https://github.com/vyos/vyos-1x/commit/71f7a947539963112c61fef2a5f278d524d71198) I noticed the following:
Pyroute2 states:
One of the major issues with IPDB is its memory footprint. It proved not to be suitable for environments with thousands of routes or neighbours. Being a design issue, it could not be fixed, so a new module was started, NDB, that aims to replace IPDB. IPDB is still more feature rich, but NDB is already more fast and stable.
Aug 27 2019
backported to crux