@Viacheslav if we set acct-port=0 it should to disable accounting.
[radius] server=x.x.x.x,secret,auth-port=1812,acct-port=0
@Viacheslav if we set acct-port=0 it should to disable accounting.
[radius] server=x.x.x.x,secret,auth-port=1812,acct-port=0
It looks like this works, but when we don't have any connected user, it listed the current directory file
vyos@RTR1:~$ touch 1.txt vyos@RTR1:~$ reset vpn remote-access user <tab> Possible completions: 1.txt Terminate specified user's current remote access VPN session(s)
After a user connected, all works properly
vyos@RTR1:~$ reset vpn remote-access user <tab> Possible completions: test1 Terminate specified user's current remote access VPN session(s)
Yes, both clients configured as DHCP clients.
Client 1 - eth0 - 50:00:00:06:00:00
Client 2 - eth0 - 50:00:00:07:00:00
PR for CRUX https://github.com/vyos/vyos-1x/pull/568
PR with increasing validator values https://github.com/vyos/vyos-1x/pull/566
@c-po , it looks like the wrong CLI definition, we can increase the limit in XML.
Note: New xl2tpd package does not work with the followings params in options.xl2tpd
crtscts lock
PR https://github.com/vyos/vyos-build/pull/127
Also will be good cherrypick this to crux.
Works properly, tested on 1.3-rolling-202009290117.
One remark, jitter will be applied for all accounting packet except the first packet. The first packet is a flag that the session is started.
Works properly on VyOS 1.3-rolling-202009290117.
When command set service pppoe-server authentication radius preallocate-vif committed, pppoe-server send the next attributes in Access-Request packet on a client authorization:
NAS-Port = 0 NAS-Port-Id = "ppp0" NAS-Port-Type = Virtual
Successfully tested on 1.3-rolling-202009290117
set service pppoe-server authentication radius called-sid-format 'ifname:mac'
Radius recived Called-Station-Id = "eth1:50:00:00:05:00:01"
set service pppoe-server authentication radius called-sid-format 'ifname'
Radius recived Called-Station-Id = "eth1"
By default radius recive Called-Station-Id = "50:00:00:05:00:01"
Marked as resolved
Thanks, let's merge it only after 1.2.6 release
Can we add this implementation for crux in the old style?
https://github.com/DmitriyEshenko/vyatta-cfg-system/commit/0adc41a62b6d532da7c4b47cb5da920d1ed39664
@c-po , the same behavior even with kernel 5.8.8
vyos@R1:~$ uname -a Linux R1 5.8.8-amd64-vyos #1 SMP Thu Sep 10 08:58:42 UTC 2020 x86_64 GNU/Linux
How about migrating this iptables rule from mangle to filter?
New PR for fixing it https://github.com/vyos/vyos-1x/pull/541
As discussed in the maintainer's slack channel will be good to replace CLI commands from set vpn anyconnect to set vpn openconnect. But in our docs we should use anyconnect-compatible server.
PR from @ronie https://github.com/vyos/vyos-documentation/pull/317
Intel QAT works for CRUX brunch. As for rolling with the newest kernel 5.8.5, it seems some issues on the modules building stage.
@c-po I build qat manually but add --enable-qat-lkcf to https://github.com/vyos/vyos-build/blob/crux/packages/linux-kernel/build-intel-qat.sh#L55 and it seems it works
vyos@R2-QAT:~$ show system acceleration qat device qat_dev0 flows +------------------------------------------------+ | FW Statistics for Qat Device | +------------------------------------------------+ | Firmware Requests [AE 0]: 147225 | | Firmware Responses[AE 0]: 147225 | +------------------------------------------------+ | Firmware Requests [AE 1]: 113758 | | Firmware Responses[AE 1]: 113758 | +------------------------------------------------+ | Firmware Requests [AE 2]: 144886 | | Firmware Responses[AE 2]: 144886 | +------------------------------------------------+ | Firmware Requests [AE 3]: 147221 | | Firmware Responses[AE 3]: 147221 | +------------------------------------------------+ | Firmware Requests [AE 4]: 113774 | | Firmware Responses[AE 4]: 113774 | +------------------------------------------------+ | Firmware Requests [AE 5]: 144891 | | Firmware Responses[AE 5]: 144891 | +------------------------------------------------+
Tested on 1.3-rolling-202009060846
@maznu but it seems really odd behavior, I mean message settled in 121 sec. failed!
121 sec - equal to 121 interfaces when the router is first booted. But if in config already present hw-id, it should be faster then 0 sec.
Will be interesting to reproduce this in our lab. Also will be helpful if you provide sudo dmesg output.
Hello @marekm, I think [ppp]unit-cache=n might help in this case, but the main issue in FRR. Do you want a package for the test with these improvements?
unit-cache=n By default is disabled: unit-cache=0
I tested this in LAB and it seems works properly. Changing interface name for eth1 and eth2
vyos@vyos# delete interfaces ethernet eth1 hw-id [edit] vyos@vyos# delete interfaces ethernet eth2 hw-id [edit] vyos@vyos# set interfaces ethernet eth1 hw-id 50:01:00:02:00:02 [edit] vyos@vyos# set interfaces ethernet eth2 hw-id 50:01:00:02:00:01 [edit] vyos@vyos# commit [edit] vyos@vyos# save Saving configuration to '/config/config.boot'... Done [edit] vyos@vyos# run reboot now
After reboot
vyos@vyos:~$ sudo ethtool -P eth1 Permanent address: 50:01:00:02:00:02 vyos@vyos:~$ sudo ethtool -P eth2 Permanent address: 50:01:00:02:00:01
@maznu , can you provide next:
show configuration commands | match hw-id sudo cat /run/udev/log/vyatta-net-name.coldplug
Jenkins output build ID 1015
16:14:06 DEBUG - Running Testcase: /usr/libexec/vyos/tests/smoke/cli/test_vpn_anyconnect.py 16:14:18 DEBUG - . 16:14:18 DEBUG - ---------------------------------------------------------------------- 16:14:18 DEBUG - Ran 1 test in 11.085s 16:14:18 DEBUG - 16:14:18 DEBUG - OK
Works properly, tested on 1.3-rolling-202008231246
This happens only when in config before migration exists nodes system 'ntp' without other params.
Works as expected on VyOS 1.3-rolling-202008190118
Successfully tested on VyOS 1.2.6-epa1
Hi @dongjunbo , could you try the package for 1.2.5 with fixing this issue?
The main idea to add some automation logic for calculation:
vyos@vyos# set system sysctl profile Possible completions: <text> Sysctl profile Profile1 Profile2 auto
Hi @jack9603301 , in normal condition all scripts and files should be migrated from /config/ directory on the migration process.