@Viacheslav if we set acct-port=0 it should to disable accounting.
[radius] server=x.x.x.x,secret,auth-port=1812,acct-port=0
Feed Advanced Search
Nov 2 2020
Nov 2 2020
Unknown Object (User) updated the task description for T3038: Supporting AZERTY keyboards .
Unknown Object (User) changed the status of T3038: Supporting AZERTY keyboards from Open to In progress.
Unknown Object (User) created T3038: Supporting AZERTY keyboards .
Oct 28 2020
Oct 28 2020
Unknown Object (User) closed T2631: l2tp, sstp, pptp add option to disable radius accounting as Resolved.
Oct 22 2020
Oct 22 2020
Oct 21 2020
Oct 21 2020
Unknown Object (User) added a comment to T2631: l2tp, sstp, pptp add option to disable radius accounting.
Oct 20 2020
Oct 20 2020
Unknown Object (User) changed the status of T2984: (igb, ixgbe) HW queues applied only for the first 2 interfaces from Needs testing to Backport candidate.
Oct 19 2020
Oct 19 2020
Unknown Object (User) changed the status of T2883: op-mode reset vpn command shows wrong completion from Open to In progress.
It looks like this works, but when we don't have any connected user, it listed the current directory file
vyos@RTR1:~$ touch 1.txt vyos@RTR1:~$ reset vpn remote-access user <tab> Possible completions: 1.txt Terminate specified user's current remote access VPN session(s)
After a user connected, all works properly
vyos@RTR1:~$ reset vpn remote-access user <tab> Possible completions: test1 Terminate specified user's current remote access VPN session(s)
Unknown Object (User) created T2996: Checking digital signature failed on downgrade from rolling to stable..
Oct 17 2020
Oct 17 2020
Unknown Object (User) changed the status of T2984: (igb, ixgbe) HW queues applied only for the first 2 interfaces from In progress to Needs testing.
Unknown Object (User) changed the status of T2984: (igb, ixgbe) HW queues applied only for the first 2 interfaces from Open to In progress.
Unknown Object (User) created T2984: (igb, ixgbe) HW queues applied only for the first 2 interfaces .
Oct 16 2020
Oct 16 2020
Unknown Object (User) changed the status of T2978: IPoE service does not work on shared mode from Confirmed to Needs testing.
Unknown Object (User) created T2983: Add support to DHCP server include an extended config.
Oct 15 2020
Oct 15 2020
Unknown Object (User) added a comment to T2978: IPoE service does not work on shared mode.
Yes, both clients configured as DHCP clients.
Client 1 - eth0 - 50:00:00:06:00:00
Client 2 - eth0 - 50:00:00:07:00:00
Oct 14 2020
Oct 14 2020
Unknown Object (User) changed the status of T2978: IPoE service does not work on shared mode from Open to Confirmed.
Unknown Object (User) created T2978: IPoE service does not work on shared mode.
Unknown Object (User) closed T2972: PPPoE server rate limiter allows max 65535 kbps to be set as Resolved.
Oct 13 2020
Oct 13 2020
Unknown Object (User) added a comment to T2972: PPPoE server rate limiter allows max 65535 kbps to be set.
PR for CRUX https://github.com/vyos/vyos-1x/pull/568
Unknown Object (User) changed the status of T2972: PPPoE server rate limiter allows max 65535 kbps to be set from Open to In progress.
Unknown Object (User) changed the status of T2976: Client IP pool does not work for PPPoE local users from Open to In progress.
Unknown Object (User) added a comment to T2972: PPPoE server rate limiter allows max 65535 kbps to be set.
PR with increasing validator values https://github.com/vyos/vyos-1x/pull/566
Unknown Object (User) created T2976: Client IP pool does not work for PPPoE local users.
Oct 11 2020
Oct 11 2020
Unknown Object (User) added a comment to T2972: PPPoE server rate limiter allows max 65535 kbps to be set.
@c-po , it looks like the wrong CLI definition, we can increase the limit in XML.
Oct 8 2020
Oct 8 2020
Oct 7 2020
Oct 7 2020
Unknown Object (User) created T2968: Add support for Intel Atom C2000 series QAT.
Oct 2 2020
Oct 2 2020
Unknown Object (User) added a comment to T2954: Use kernel mode L2TP in xl2tpd.
Note: New xl2tpd package does not work with the followings params in options.xl2tpd
crtscts lock
Unknown Object (User) created T2954: Use kernel mode L2TP in xl2tpd.
Sep 30 2020
Sep 30 2020
Unknown Object (User) added a project to T2891: Support to change ring-buffers from CLI: Ready for Crux (1.2.x).
Unknown Object (User) changed the status of T2932: The second QAT device does not start from Open to In progress.
PR https://github.com/vyos/vyos-build/pull/127
Also will be good cherrypick this to crux.
Sep 30 2020, 7:35 AM · Restricted Project
Sep 29 2020
Sep 29 2020
Unknown Object (User) closed T2918: Accounting interim jitter for pppoe, l2tp, pptp, ipoe as Resolved.
Works properly, tested on 1.3-rolling-202009290117.
One remark, jitter will be applied for all accounting packet except the first packet. The first packet is a flag that the session is started.
Works properly on VyOS 1.3-rolling-202009290117.
When command set service pppoe-server authentication radius preallocate-vif committed, pppoe-server send the next attributes in Access-Request packet on a client authorization:
NAS-Port = 0 NAS-Port-Id = "ppp0" NAS-Port-Type = Virtual
Successfully tested on 1.3-rolling-202009290117
set service pppoe-server authentication radius called-sid-format 'ifname:mac'
Radius recived Called-Station-Id = "eth1:50:00:00:05:00:01"
set service pppoe-server authentication radius called-sid-format 'ifname'
Radius recived Called-Station-Id = "eth1"
By default radius recive Called-Station-Id = "50:00:00:05:00:01"
Unknown Object (User) created T2934: proxy-arp-pvlan on VRRP interface.
Sep 28 2020
Sep 28 2020
Unknown Object (User) created T2932: The second QAT device does not start.
Unknown Object (User) changed the status of T2919: PPPoE server: Called-Station-Id attribute from In progress to Needs testing.
Unknown Object (User) changed the status of T2919: PPPoE server: Called-Station-Id attribute from Open to In progress.
Sep 24 2020
Sep 24 2020
Unknown Object (User) updated the task description for T2920: Commit crash when adding the second mGRE tunnel with the same key.
Unknown Object (User) created T2920: Commit crash when adding the second mGRE tunnel with the same key.
Sep 23 2020
Sep 23 2020
Unknown Object (User) created T2919: PPPoE server: Called-Station-Id attribute.
Unknown Object (User) created T2918: Accounting interim jitter for pppoe, l2tp, pptp, ipoe.
Unknown Object (User) created T2917: PPPoE server: Preallocate NAS-Port-Id.
Sep 18 2020
Sep 18 2020
Unknown Object (User) added a parent task for T1251: IKEv2 Agile VPN Support: T2816: Rewrite IPsec scripts with the new XML/Python approach.
Unknown Object (User) added a subtask for T2816: Rewrite IPsec scripts with the new XML/Python approach: T1251: IKEv2 Agile VPN Support.
Unknown Object (User) closed T945: Unable to change configuration after changing it from script (vbash + script-template) as Resolved.
Marked as resolved
Sep 17 2020
Sep 17 2020
Unknown Object (User) changed the status of T2891: Support to change ring-buffers from CLI from Open to Needs testing.
Thanks, let's merge it only after 1.2.6 release
Unknown Object (User) added a comment to T2891: Support to change ring-buffers from CLI.
Can we add this implementation for crux in the old style?
https://github.com/DmitriyEshenko/vyatta-cfg-system/commit/0adc41a62b6d532da7c4b47cb5da920d1ed39664
Unknown Object (User) added a project to T2891: Support to change ring-buffers from CLI: VyOS 1.2 Crux (VyOS 1.2.7).
Sep 16 2020
Sep 16 2020
Unknown Object (User) claimed T2891: Support to change ring-buffers from CLI.
Unknown Object (User) created T2891: Support to change ring-buffers from CLI.
Sep 14 2020
Sep 14 2020
Unknown Object (User) created T2883: op-mode reset vpn command shows wrong completion.
Sep 11 2020
Sep 11 2020
Unknown Object (User) added a comment to T2868: Tcp-mss option in policy calls kernel-panic.
@c-po , the same behavior even with kernel 5.8.8
vyos@R1:~$ uname -a Linux R1 5.8.8-amd64-vyos #1 SMP Thu Sep 10 08:58:42 UTC 2020 x86_64 GNU/Linux
Sep 9 2020
Sep 9 2020
Unknown Object (User) added a comment to T2868: Tcp-mss option in policy calls kernel-panic.
How about migrating this iptables rule from mangle to filter?
Unknown Object (User) added a comment to T2036: Open Connect VPN Server () support.
New PR for fixing it https://github.com/vyos/vyos-1x/pull/541
Unknown Object (User) reopened T2036: Open Connect VPN Server () support as "In progress".
As discussed in the maintainer's slack channel will be good to replace CLI commands from set vpn anyconnect to set vpn openconnect. But in our docs we should use anyconnect-compatible server.
Sep 8 2020
Sep 8 2020
Unknown Object (User) changed the status of T2810: Docs for vpn anyconnect-server, a subtask of T2036: Open Connect VPN Server () support, from Open to In progress.
Unknown Object (User) changed the status of T2810: Docs for vpn anyconnect-server from Open to In progress.
Unknown Object (User) added a comment to T2810: Docs for vpn anyconnect-server.
PR from @ronie https://github.com/vyos/vyos-documentation/pull/317
Sep 7 2020
Sep 7 2020
Unknown Object (User) added a comment to T2853: Intel QAT acceleration does not work.
Intel QAT works for CRUX brunch. As for rolling with the newest kernel 5.8.5, it seems some issues on the modules building stage.
Sep 6 2020
Sep 6 2020
Unknown Object (User) added a comment to T2853: Intel QAT acceleration does not work.
From official docs
Unknown Object (User) added a comment to T2853: Intel QAT acceleration does not work.
@c-po I build qat manually but add --enable-qat-lkcf to https://github.com/vyos/vyos-build/blob/crux/packages/linux-kernel/build-intel-qat.sh#L55 and it seems it works
vyos@R2-QAT:~$ show system acceleration qat device qat_dev0 flows +------------------------------------------------+ | FW Statistics for Qat Device | +------------------------------------------------+ | Firmware Requests [AE 0]: 147225 | | Firmware Responses[AE 0]: 147225 | +------------------------------------------------+ | Firmware Requests [AE 1]: 113758 | | Firmware Responses[AE 1]: 113758 | +------------------------------------------------+ | Firmware Requests [AE 2]: 144886 | | Firmware Responses[AE 2]: 144886 | +------------------------------------------------+ | Firmware Requests [AE 3]: 147221 | | Firmware Responses[AE 3]: 147221 | +------------------------------------------------+ | Firmware Requests [AE 4]: 113774 | | Firmware Responses[AE 4]: 113774 | +------------------------------------------------+ | Firmware Requests [AE 5]: 144891 | | Firmware Responses[AE 5]: 144891 | +------------------------------------------------+
Tested on 1.3-rolling-202009060846
Unknown Object (User) changed the status of T2860: Update Accel-PPP to fix l2tp CVE from Open to Needs testing.
Unknown Object (User) created T2860: Update Accel-PPP to fix l2tp CVE.
Sep 3 2020
Sep 3 2020
Unknown Object (User) added a project to T2853: Intel QAT acceleration does not work: VyOS 1.2 Crux (VyOS 1.2.6).
Sep 2 2020
Sep 2 2020
Unknown Object (User) created T2853: Intel QAT acceleration does not work.
Sep 1 2020
Sep 1 2020
Unknown Object (User) added a comment to T291: support for Predictable Network Interface Names.
@maznu but it seems really odd behavior, I mean message settled in 121 sec. failed!
121 sec - equal to 121 interfaces when the router is first booted. But if in config already present hw-id, it should be faster then 0 sec.
Will be interesting to reproduce this in our lab. Also will be helpful if you provide sudo dmesg output.
Aug 31 2020
Aug 31 2020
Unknown Object (User) added a comment to T2820: BGP crash in if_destroy_via_zapi.
Hello @marekm, I think [ppp]unit-cache=n might help in this case, but the main issue in FRR. Do you want a package for the test with these improvements?
unit-cache=n By default is disabled: unit-cache=0
Aug 30 2020
Aug 30 2020
Unknown Object (User) added a comment to T291: support for Predictable Network Interface Names.
I tested this in LAB and it seems works properly. Changing interface name for eth1 and eth2
vyos@vyos# delete interfaces ethernet eth1 hw-id [edit] vyos@vyos# delete interfaces ethernet eth2 hw-id [edit] vyos@vyos# set interfaces ethernet eth1 hw-id 50:01:00:02:00:02 [edit] vyos@vyos# set interfaces ethernet eth2 hw-id 50:01:00:02:00:01 [edit] vyos@vyos# commit [edit] vyos@vyos# save Saving configuration to '/config/config.boot'... Done [edit] vyos@vyos# run reboot now
After reboot
vyos@vyos:~$ sudo ethtool -P eth1 Permanent address: 50:01:00:02:00:02 vyos@vyos:~$ sudo ethtool -P eth2 Permanent address: 50:01:00:02:00:01
@maznu , can you provide next:
show configuration commands | match hw-id sudo cat /run/udev/log/vyatta-net-name.coldplug
Aug 26 2020
Aug 26 2020
Unknown Object (User) removed a project from T2333: Increase default sysctl values: VyOS 1.2 Crux (VyOS 1.2.6).
Aug 23 2020
Aug 23 2020
Unknown Object (User) closed T2812: Add basic smoketest for anyconnect, a subtask of T2036: Open Connect VPN Server () support, as Resolved.
Jenkins output build ID 1015
16:14:06 DEBUG - Running Testcase: /usr/libexec/vyos/tests/smoke/cli/test_vpn_anyconnect.py 16:14:18 DEBUG - . 16:14:18 DEBUG - ---------------------------------------------------------------------- 16:14:18 DEBUG - Ran 1 test in 11.085s 16:14:18 DEBUG - 16:14:18 DEBUG - OK
Works properly, tested on 1.3-rolling-202008231246
Unknown Object (User) created T2823: VXLAN has state A/D after configuration.
Unknown Object (User) reassigned T2810: Docs for vpn anyconnect-server from Unknown Object (User) to Unknown Object (User).
Aug 20 2020
Aug 20 2020
Unknown Object (User) created T2818: Add the possibility to passthrough LLDP, LACP, etc..
Aug 19 2020
Aug 19 2020
Unknown Object (User) changed the status of T2812: Add basic smoketest for anyconnect, a subtask of T2036: Open Connect VPN Server () support, from Open to In progress.
Unknown Object (User) changed the status of T2812: Add basic smoketest for anyconnect from Open to In progress.
Unknown Object (User) changed the status of T2811: Cannot delete vpn anyconnect from Open to In progress.
Unknown Object (User) created T2811: Cannot delete vpn anyconnect.
Unknown Object (User) added a comment to T2809: An issue with config migration (system ntp server).
This happens only when in config before migration exists nodes system 'ntp' without other params.
Works as expected on VyOS 1.3-rolling-202008190118
Aug 18 2020
Aug 18 2020
Unknown Object (User) changed the status of T2036: Open Connect VPN Server () support from Open to Needs testing.
Unknown Object (User) created T2809: An issue with config migration (system ntp server).
Unknown Object (User) claimed T2036: Open Connect VPN Server () support.
Aug 14 2020
Aug 14 2020
Successfully tested on VyOS 1.2.6-epa1
Aug 13 2020
Aug 13 2020
Unknown Object (User) changed the status of T125: Missing PPPoE interfaces in l2tp configuration from In progress to Needs testing.
Unknown Object (User) changed the status of T125: Missing PPPoE interfaces in l2tp configuration from Open to In progress.
Unknown Object (User) added a comment to T125: Missing PPPoE interfaces in l2tp configuration.
Hi @dongjunbo , could you try the package for 1.2.5 with fixing this issue?
Aug 12 2020
Aug 12 2020
Unknown Object (User) reassigned T366: SNMP Query for BGP Tunnels Returns IPv4 Tunnels Only from Unknown Object (User) to Unknown Object (User).
Aug 3 2020
Aug 3 2020
Unknown Object (User) added a comment to T2333: Increase default sysctl values.
The main idea to add some automation logic for calculation:
vyos@vyos# set system sysctl profile Possible completions: <text> Sysctl profile Profile1 Profile2 auto
Unknown Object (User) added a comment to T2659: Add fastnetmon (DDoS detection) support.
Hi @jack9603301 , in normal condition all scripts and files should be migrated from /config/ directory on the migration process.
Unknown Object (User) closed T2517: vyos-container: link_filter: No such file or directory as Resolved.
Jul 30 2020
Jul 30 2020
Unknown Object (User) claimed T2333: Increase default sysctl values.
Unknown Object (User) created T2744: igmp-proxy issue: Address already in use.