Page MenuHomeVyOS Platform
Feed Advanced Search

Sep 2 2021

Unknown Object (User) changed the status of T2661: SSTP wrong certificates check from Open to Needs testing.
Sep 2 2021, 3:50 PM · VyOS 1.3 Equuleus (1.3.0)
Unknown Object (User) closed T3790: Does not possible to configure PPTP static ip-address to users as Resolved.
Sep 2 2021, 2:09 PM · VyOS 1.3 Equuleus (1.3.0-epa1), VyOS 1.4 Sagitta
Unknown Object (User) added a comment to T2661: SSTP wrong certificates check.

PR https://github.com/vyos/vyos-1x/pull/989

Sep 2 2021, 2:08 PM · VyOS 1.3 Equuleus (1.3.0)
Unknown Object (User) changed the status of T3790: Does not possible to configure PPTP static ip-address to users from Open to Needs testing.
Sep 2 2021, 8:49 AM · VyOS 1.3 Equuleus (1.3.0-epa1), VyOS 1.4 Sagitta
Unknown Object (User) added a comment to T3790: Does not possible to configure PPTP static ip-address to users.

PR for current https://github.com/vyos/vyos-1x/pull/988

Sep 2 2021, 8:49 AM · VyOS 1.3 Equuleus (1.3.0-epa1), VyOS 1.4 Sagitta

Sep 1 2021

Unknown Object (User) added a comment to T3790: Does not possible to configure PPTP static ip-address to users.

PR https://github.com/vyos/vyos-1x/pull/987
Can we cherry-pick this patch to the current branch?

Sep 1 2021, 7:03 PM · VyOS 1.3 Equuleus (1.3.0-epa1), VyOS 1.4 Sagitta
Unknown Object (User) claimed T3790: Does not possible to configure PPTP static ip-address to users.
Sep 1 2021, 11:42 AM · VyOS 1.3 Equuleus (1.3.0-epa1), VyOS 1.4 Sagitta
Unknown Object (User) created T3790: Does not possible to configure PPTP static ip-address to users.
Sep 1 2021, 11:41 AM · VyOS 1.3 Equuleus (1.3.0-epa1), VyOS 1.4 Sagitta

Aug 18 2021

Unknown Object (User) created T3764: Unconfigurable IKE and ESP lifetime.
Aug 18 2021, 1:21 PM · VyOS 1.4 Sagitta

Aug 12 2021

Unknown Object (User) closed T2432: dhcpd: Can't create new lease file: Permission denied as Resolved.
Aug 12 2021, 2:35 PM · VyOS 1.3 Equuleus (1.3.0-epa1), VyOS 1.4 Sagitta
Unknown Object (User) closed T3405: PPPoE server unit-cache as Resolved.
Aug 12 2021, 11:19 AM · VyOS 1.3 Equuleus (1.3.0), Restricted Project, VyOS 1.4 Sagitta

Aug 9 2021

Unknown Object (User) added a comment to T3731: verify_accel_ppp_base_service return wrong config error for SSP.

PR for Equuleus https://github.com/vyos/vyos-1x/pull/959

Aug 9 2021, 9:08 PM · VyOS 1.3 Equuleus (1.3.0-epa1), VyOS 1.4 Sagitta
Unknown Object (User) changed the status of T3731: verify_accel_ppp_base_service return wrong config error for SSP from Open to In progress.
Aug 9 2021, 8:55 PM · VyOS 1.3 Equuleus (1.3.0-epa1), VyOS 1.4 Sagitta
Unknown Object (User) created T3731: verify_accel_ppp_base_service return wrong config error for SSP.
Aug 9 2021, 8:54 PM · VyOS 1.3 Equuleus (1.3.0-epa1), VyOS 1.4 Sagitta
Unknown Object (User) closed T2776: QAT acceleration not working for IPSec AES-128 (CBC) / SHA256 tunnel as Invalid.
Aug 9 2021, 11:17 AM · VyOS 1.3 Equuleus (1.3.0-epa1)
Unknown Object (User) added a comment to T2776: QAT acceleration not working for IPSec AES-128 (CBC) / SHA256 tunnel .

Tested on 1.3-rc5, all works properly

set vpn ipsec esp-group ESP_DEFAULT compression 'disable'
set vpn ipsec esp-group ESP_DEFAULT lifetime '3600'
set vpn ipsec esp-group ESP_DEFAULT mode 'tunnel'
set vpn ipsec esp-group ESP_DEFAULT pfs 'dh-group19'
set vpn ipsec esp-group ESP_DEFAULT proposal 10 encryption 'aes128'
set vpn ipsec esp-group ESP_DEFAULT proposal 10 hash 'sha256'
set vpn ipsec ike-group IKEv2_DEFAULT close-action 'none'
set vpn ipsec ike-group IKEv2_DEFAULT dead-peer-detection action 'hold'
set vpn ipsec ike-group IKEv2_DEFAULT dead-peer-detection interval '30'
set vpn ipsec ike-group IKEv2_DEFAULT dead-peer-detection timeout '120'
set vpn ipsec ike-group IKEv2_DEFAULT ikev2-reauth 'no'
set vpn ipsec ike-group IKEv2_DEFAULT key-exchange 'ikev2'
set vpn ipsec ike-group IKEv2_DEFAULT lifetime '10800'
set vpn ipsec ike-group IKEv2_DEFAULT mobike 'disable'
set vpn ipsec ike-group IKEv2_DEFAULT proposal 10 dh-group '19'
set vpn ipsec ike-group IKEv2_DEFAULT proposal 10 encryption 'aes128'
set vpn ipsec ike-group IKEv2_DEFAULT proposal 10 hash 'sha256'

Flow served QAT

vyos@R2-QAT#  run show system acceleration qat device qat_dev0 flows 
+------------------------------------------------+
| FW Statistics for Qat Device                   |
+------------------------------------------------+
| Firmware Requests [AE  0]:               60046 |
| Firmware Responses[AE  0]:               60046 |
+------------------------------------------------+
| Firmware Requests [AE  1]:              112720 |
| Firmware Responses[AE  1]:              112720 |
+------------------------------------------------+
| Firmware Requests [AE  2]:              219657 |
| Firmware Responses[AE  2]:              219657 |
+------------------------------------------------+
| Firmware Requests [AE  3]:               60046 |
| Firmware Responses[AE  3]:               60046 |
+------------------------------------------------+
| Firmware Requests [AE  4]:              112722 |
| Firmware Responses[AE  4]:              112722 |
+------------------------------------------------+
| Firmware Requests [AE  5]:              219657 |
| Firmware Responses[AE  5]:              219657 |
+------------------------------------------------+

Interrupts

vyos@R2-QAT# run show system acceleration qat interrupts 
140:      44039          0          0          0          0          0          0          0  IR-PCI-MSI 524288-edge      qat0-bundle0
141:          0      42358          0          0          0          0          0          0  IR-PCI-MSI 524289-edge      qat0-bundle1
142:          0          0          0          0          0          0          0          0  IR-PCI-MSI 524290-edge      qat0-bundle2
143:          0          0          0          0          0          0          0          0  IR-PCI-MSI 524291-edge      qat0-bundle3
144:          0          0          0          0          0          0          0          0  IR-PCI-MSI 524292-edge      qat0-bundle4
145:          0          0          0          0          0          0          0          0  IR-PCI-MSI 524293-edge      qat0-bundle5
146:          0          0          0          0          0          0          0          0  IR-PCI-MSI 524294-edge      qat0-bundle6
147:          0          0          0          0          0          0          0          0  IR-PCI-MSI 524295-edge      qat0-bundle7
148:          0          0          0          0          0          0          0          0  IR-PCI-MSI 524296-edge      qat0-bundle8
149:          0          0          0          0          0          0          0          0  IR-PCI-MSI 524297-edge      qat0-bundle9
150:          0          0          0          0          0          0          0          0  IR-PCI-MSI 524298-edge      qat0-bundle10
151:          0          0          0          0          0          0          0          0  IR-PCI-MSI 524299-edge      qat0-bundle11
152:          0          0          0          0          0          0          0          0  IR-PCI-MSI 524300-edge      qat0-bundle12
153:          0          0          0          0          0          0          0          0  IR-PCI-MSI 524301-edge      qat0-bundle13
154:          0          0          0          0          0          0          0          0  IR-PCI-MSI 524302-edge      qat0-bundle14
155:          0          0          0          0          0          0          0          0  IR-PCI-MSI 524303-edge      qat0-bundle15
156:          0          0          0          0          0          0          0          0  IR-PCI-MSI 524304-edge      qat0-ae-cluster
Aug 9 2021, 11:17 AM · VyOS 1.3 Equuleus (1.3.0-epa1)
Unknown Object (User) changed the status of T3695: OpenConnect reports commit success when ocserv fails to start due to SSL cert/key file issues from Open to Needs testing.

PR for 1.3 https://github.com/vyos/vyos-1x/pull/957

Aug 9 2021, 9:58 AM · VyOS 1.3 Equuleus (1.3.0), VyOS 1.4 Sagitta

Aug 6 2021

Unknown Object (User) added a comment to T3724: Allow setting host-name in l2tp section of accel-ppp.

Hello @maznu , I also prefer the first variant set vpn l2tp remote-access lns host-name example.com I'm sure that we no need to overload l2tp remote-access root noded

Aug 6 2021, 4:49 AM · VyOS 1.3 Equuleus (1.3.0), VyOS 1.4 Sagitta

Aug 5 2021

Unknown Object (User) added a comment to T2851: Invalid passthrough routes installing by strongSwan into table 220.

It is not critical, please test without this package "libstrongswan-standard-plugins"
All necessary data is already installed.

Aug 5 2021, 1:36 PM · VyOS 1.3 Equuleus (1.3.7), test
Unknown Object (User) added a comment to T2851: Invalid passthrough routes installing by strongSwan into table 220.


I have patched packages for 1.2.8. It works on my routers in the virtual environment.
Instruction:

  1. Upload package to the router
  2. Unarchiv it
sudo tar -xvf strongswan.tar
  1. Install packages
sudo dpkg -i *.deb
  1. Reboot router or reconfigure IPSec
Aug 5 2021, 10:14 AM · VyOS 1.3 Equuleus (1.3.7), test

Aug 3 2021

Unknown Object (User) changed the status of T2432: dhcpd: Can't create new lease file: Permission denied from In progress to Backport pending.
Aug 3 2021, 8:13 AM · VyOS 1.3 Equuleus (1.3.0-epa1), VyOS 1.4 Sagitta
Unknown Object (User) added a comment to T2661: SSTP wrong certificates check.

@Viacheslav I believe it is still actual for 1.3 https://github.com/vyos/vyos-1x/blob/equuleus/src/conf_mode/vpn_sstp.py#L60-L78
I saw we changed the PKI model only for 1.4. Implement PKI model for 1.3-epa1 a risky

Aug 3 2021, 6:42 AM · VyOS 1.3 Equuleus (1.3.0)

Jul 29 2021

Unknown Object (User) changed the status of T2432: dhcpd: Can't create new lease file: Permission denied from Open to In progress.
Jul 29 2021, 11:01 AM · VyOS 1.3 Equuleus (1.3.0-epa1), VyOS 1.4 Sagitta
Unknown Object (User) added a comment to T2432: dhcpd: Can't create new lease file: Permission denied.

PR https://github.com/vyos/vyos-1x/pull/945
Also, need to cherry-pick it to Equuleus

Jul 29 2021, 11:01 AM · VyOS 1.3 Equuleus (1.3.0-epa1), VyOS 1.4 Sagitta
Unknown Object (User) added a project to T2432: dhcpd: Can't create new lease file: Permission denied: VyOS 1.4 Sagitta.
Jul 29 2021, 10:53 AM · VyOS 1.3 Equuleus (1.3.0-epa1), VyOS 1.4 Sagitta

Jul 26 2021

Unknown Object (User) reopened T2432: dhcpd: Can't create new lease file: Permission denied as "Open".

I think we need to reopen this task. Sometimes (one per hour) some users and I got similar messages on version 1.3-rc4/rc5

Jul 26 2021, 10:08 AM · VyOS 1.3 Equuleus (1.3.0-epa1), VyOS 1.4 Sagitta

Jun 29 2021

Unknown Object (User) closed T3593: PPPoE server called-sid format does not work as Resolved.
Jun 29 2021, 6:42 PM · VyOS 1.3 Equuleus (1.3.0), VyOS 1.4 Sagitta
Unknown Object (User) added a comment to T3408: vyos 1.4 not delivering ipv6 to devices via PPPOE.

Hello @joeudes , it looks like without enabled ppp-option ipv6 it should not work

set service pppoe-server ppp-options ipv6 allow
Jun 29 2021, 6:29 PM · VyOS 1.4 Sagitta
Unknown Object (User) added a comment to T2883: op-mode reset vpn command shows wrong completion.

@Viacheslav it is reproducible in 1.2.7

vyos@vyos:~$ touch file1
vyos@vyos:~$ touch file2
vyos@vyos:~$ touch file3
vyos@vyos:~$ ls
file1  file2  file3
vyos@vyos:~$ reset vpn remote-access user 
Possible completions:
  file1         Terminate specified user's current remote access VPN session(s)
  file2
  file3
Jun 29 2021, 6:17 PM · VyOS 1.2 Crux
Unknown Object (User) added projects to T3405: PPPoE server unit-cache: VyOS 1.3 Equuleus, Restricted Project.
Jun 29 2021, 6:13 PM · VyOS 1.3 Equuleus (1.3.0), Restricted Project, VyOS 1.4 Sagitta
Unknown Object (User) changed the status of T3405: PPPoE server unit-cache from Open to Needs testing.
Jun 29 2021, 6:12 PM · VyOS 1.3 Equuleus (1.3.0), Restricted Project, VyOS 1.4 Sagitta

Jun 25 2021

Unknown Object (User) added a comment to T3649: Add bonding additional hash-policy.

PR https://github.com/vyos/vyos-1x/pull/898

Jun 25 2021, 3:35 PM · VyOS 1.3 Equuleus (1.3.0), VyOS 1.4 Sagitta
Unknown Object (User) changed the status of T3649: Add bonding additional hash-policy from Open to In progress.
Jun 25 2021, 8:49 AM · VyOS 1.3 Equuleus (1.3.0), VyOS 1.4 Sagitta
Unknown Object (User) created T3649: Add bonding additional hash-policy.
Jun 25 2021, 8:48 AM · VyOS 1.3 Equuleus (1.3.0), VyOS 1.4 Sagitta

Jun 16 2021

Unknown Object (User) changed the status of T3629: IPoE server shifting address in the range from Open to In progress.

PR https://github.com/vyos/vyos-build/pull/172

Jun 16 2021, 10:11 AM · VyOS 1.3 Equuleus (1.3.0), VyOS 1.4 Sagitta
Unknown Object (User) created T3629: IPoE server shifting address in the range.
Jun 16 2021, 9:46 AM · VyOS 1.3 Equuleus (1.3.0), VyOS 1.4 Sagitta

Jun 3 2021

Unknown Object (User) changed the status of T3593: PPPoE server called-sid format does not work from In progress to Backport candidate.

Please, backport it to 1.3 rolling https://phabricator.vyos.net/rVYOSONEX4b646c1fb31a1a9f9c9d1658734d478fed5f19f1

Jun 3 2021, 12:36 PM · VyOS 1.3 Equuleus (1.3.0), VyOS 1.4 Sagitta

Jun 2 2021

Unknown Object (User) added a comment to T3546: Add support for running scripts on PPPoE server session events.

Extended scripts receive from PPPoE daemon the following variables:

$1 - Interface name
$4 - Tunnel GW IP address
$5 - Delegated IP address to the client
$6 - Calling Station ID (MAC)

For example, how to get received RADIUS attributes
note: In this case, Filter-Id attribute used as an indicator for block user adding to ipset

configure
set firewall group address-group blocked 
commit
Jun 2 2021, 8:44 AM · VyOS 1.3 Equuleus (1.3.4)

Jun 1 2021

Unknown Object (User) added a comment to T3546: Add support for running scripts on PPPoE server session events.

PR https://github.com/vyos/vyos-1x/pull/860
To provide the possibility to read RADIUS attribute by script, also need to define radattr=/run/radattr param

Jun 1 2021, 11:30 AM · VyOS 1.3 Equuleus (1.3.4)
Unknown Object (User) changed the status of T3593: PPPoE server called-sid format does not work from Open to In progress.
Jun 1 2021, 10:55 AM · VyOS 1.3 Equuleus (1.3.0), VyOS 1.4 Sagitta
Unknown Object (User) created T3593: PPPoE server called-sid format does not work.
Jun 1 2021, 10:55 AM · VyOS 1.3 Equuleus (1.3.0), VyOS 1.4 Sagitta
Unknown Object (User) changed the status of T3546: Add support for running scripts on PPPoE server session events from Open to In progress.
Jun 1 2021, 9:02 AM · VyOS 1.3 Equuleus (1.3.4)

May 28 2021

Unknown Object (User) changed the status of T3250: PPPoE server: wrong local usernames from In progress to Backport pending.

Properly works on the latest 1.4 rolling. Is it possible to backport changes to 1.3?

May 28 2021, 9:28 AM · VyOS 1.3 Equuleus (1.3.0), VyOS 1.4 Sagitta

May 27 2021

Unknown Object (User) added a comment to T2123: Configure 3 NTP servers.

PR https://github.com/vyos/vyos-build/pull/166

server "time1.vyos.net"
server "time2.vyos.net"
server "time3.vyos.net"
May 27 2021, 9:54 AM · VyOS 1.3 Equuleus (1.3.4)

May 26 2021

Unknown Object (User) added a comment to T3546: Add support for running scripts on PPPoE server session events.

I propose something like

set service pppoe-server extended-scripts on-pre-up <path>
set service pppoe-server extended-scripts on-up <path>
set service pppoe-server extended-scripts on-down <path>
set service pppoe-server extended-scripts on-change <path>
May 26 2021, 7:11 PM · VyOS 1.3 Equuleus (1.3.4)

May 18 2021

Unknown Object (User) added a comment to T3559: Add restart op-command for OpenConnect Server.

PR https://github.com/vyos/vyos-1x/pull/848

May 18 2021, 8:11 PM · VyOS 1.3 Equuleus (1.3.0), VyOS 1.4 Sagitta
Unknown Object (User) changed the status of T3559: Add restart op-command for OpenConnect Server from Open to In progress.
May 18 2021, 7:53 PM · VyOS 1.3 Equuleus (1.3.0), VyOS 1.4 Sagitta
Unknown Object (User) created T3559: Add restart op-command for OpenConnect Server.
May 18 2021, 7:53 PM · VyOS 1.3 Equuleus (1.3.0), VyOS 1.4 Sagitta
Unknown Object (User) changed the status of T3461: OpenConnect Server redundancy check from In progress to Backport candidate.

Tested on 1.4-rolling-202105170417 works correct. Propose to backport this to 1.3

May 18 2021, 7:50 PM · VyOS 1.3 Equuleus (1.3.0), VyOS 1.4 Sagitta
Unknown Object (User) changed the status of T3461: OpenConnect Server redundancy check from Open to In progress.
May 18 2021, 7:40 PM · VyOS 1.3 Equuleus (1.3.0), VyOS 1.4 Sagitta

May 14 2021

Unknown Object (User) renamed T3546: Add support for running scripts on PPPoE server session events from Add pppoe CLI custom script feature to Add pppoe-server CLI custom script feature .
May 14 2021, 6:40 PM · VyOS 1.3 Equuleus (1.3.4)
Unknown Object (User) created T3546: Add support for running scripts on PPPoE server session events.
May 14 2021, 6:40 PM · VyOS 1.3 Equuleus (1.3.4)

May 13 2021

Unknown Object (User) assigned T3545: Does not possible to update VyOS from 1.1.8 to dmbaturin.
May 13 2021, 6:15 PM · VyOS 1.2 Crux
Unknown Object (User) created T3545: Does not possible to update VyOS from 1.1.8.
May 13 2021, 6:15 PM · VyOS 1.2 Crux

May 2 2021

Unknown Object (User) added a comment to T3480: Does not possible to change console baud-rate.

Hi @hard, I think behavior should be another for VM. Did you try to change speed when you connected via serial?

May 2 2021, 5:37 PM · VyOS 1.4 Sagitta

Apr 27 2021

Unknown Object (User) added a project to T3494: DHCPv6 leases traceback when PD using: VyOS 1.3 Equuleus.

Work as expected on 1.4-rolling-202104260417

vyos@R1:~$ show dhcpv6 server leases 
IPv6 address        State    Last communication    Lease expiration     Remaining    Type               Pool         IAID_DUID
------------------  -------  --------------------  -------------------  -----------  -----------------  -----------  -----------------------------------------------------
2001:db8:290::/64   active   2021/04/23 14:52:48                                     prefix delegation  VyOS-DHCPv6  00:00:00:00:00:01:00:01:28:15:9b:bd:50:00:00:06:00:00
2001:db8:3456::15b  active   2021/04/27 05:07:51   2021/04/27 17:07:51  10:28:27     non-temporary      VyOS-DHCPv6  00:00:00:00:00:01:00:01:28:15:9b:bd:50:00:00:06:00:00
Apr 27 2021, 6:46 AM · VyOS 1.3 Equuleus (1.3.0), VyOS 1.4 Sagitta

Apr 26 2021

Unknown Object (User) changed the status of T3494: DHCPv6 leases traceback when PD using from Open to Needs testing.

PR https://github.com/vyos/vyos-1x/pull/819

Apr 26 2021, 9:45 AM · VyOS 1.3 Equuleus (1.3.0), VyOS 1.4 Sagitta

Apr 23 2021

Unknown Object (User) created T3494: DHCPv6 leases traceback when PD using.
Apr 23 2021, 2:25 PM · VyOS 1.3 Equuleus (1.3.0), VyOS 1.4 Sagitta
Unknown Object (User) created T3493: DHCPv6 does not have prefix range validation.
Apr 23 2021, 1:55 PM · VyOS 1.4 Sagitta

Apr 18 2021

Unknown Object (User) updated the task description for T3484: Kernel panic when QAT uses.
Apr 18 2021, 8:13 PM · VyOS 1.4 Sagitta
Unknown Object (User) created T3484: Kernel panic when QAT uses.
Apr 18 2021, 8:09 PM · VyOS 1.4 Sagitta

Apr 16 2021

Unknown Object (User) created T3480: Does not possible to change console baud-rate.
Apr 16 2021, 5:45 PM · VyOS 1.4 Sagitta

Apr 9 2021

Unknown Object (User) added a comment to T3465: PPPoE server: dual-stack IPv4/IPv6 provisioning with Prefix Delegation not working.

Add PR with improvements to documentation https://github.com/vyos/vyos-documentation/pull/503

Apr 9 2021, 10:43 AM · VyOS 1.3 Equuleus (1.3.0)
Unknown Object (User) added a comment to T3465: PPPoE server: dual-stack IPv4/IPv6 provisioning with Prefix Delegation not working.

Thanks. I think the main issue is missing required modules in the generated pppoe server config file

 sudo cat /run/accel-pppd/pppoe.conf 
### generated by accel_pppoe.py ###
[modules]
log_syslog
pppoe
shaper
chap-secrets
ippool
auth_pap
auth_chap_md5
auth_mschap_v1
auth_mschap_v2

Required

ipv6pool
ipv6_nd
ipv6_dhcp

These option enables by the foloowing CLI command::

set service pppoe-server ppp-options ipv6 allow
Apr 9 2021, 10:23 AM · VyOS 1.3 Equuleus (1.3.0)

Apr 8 2021

Unknown Object (User) added a comment to T3465: PPPoE server: dual-stack IPv4/IPv6 provisioning with Prefix Delegation not working.

It looks like the same nature of this issue https://phabricator.vyos.net/T3393
@c-po , could you try to test fast solution

configure
set system sysctl custom net.ipv6.conf.default.addr_gen_mode value 0
commit
Apr 8 2021, 10:02 PM · VyOS 1.3 Equuleus (1.3.0)

Apr 7 2021

Unknown Object (User) created T3461: OpenConnect Server redundancy check.
Apr 7 2021, 7:56 PM · VyOS 1.3 Equuleus (1.3.0), VyOS 1.4 Sagitta

Mar 17 2021

Unknown Object (User) added a comment to T3403: Error on interrupting list of pppoe sessions.

Works correct for q, but still show backtrace by Ctrl+C

:Traceback (most recent call last):
  File "/usr/libexec/vyos/op_mode/ppp-server-ctrl.py", line 74, in <module>
    main()
  File "/usr/libexec/vyos/op_mode/ppp-server-ctrl.py", line 63, in main
    print(output)
KeyboardInterrupt

Lets change except BrokenPipeError: to except:

Mar 17 2021, 10:40 PM · VyOS 1.3 Equuleus (1.3.6), VyOS 1.4 Sagitta

Mar 16 2021

Unknown Object (User) added a comment to T3353: PPPoE server wrong vlan-range generating config.

@Viacheslav . Ok this is not a problem, because we have a workaround with pseudo ethernet interfaces

set interfaces pseudo-ethernet peth1 source-interface 'eth1'
set service pppoe-server interface peth1 
set service pppoe-server interface eth1 vlan-id '50'
set service pppoe-server interface eth1 svlan 1000 vlan-range '1-4095'

Now all looks good and works properly, but need to add better help value

vyos@vyos# set service pppoe-server interface eth3 vlan-id 
Possible completions:
   <text>       VLAN monitor for the automatic creation of vlans (user per vlan)
Mar 16 2021, 8:37 PM · VyOS 1.4 Sagitta
Unknown Object (User) added a comment to T3242: PPPoE Server overhead on virtual interfaces creation.

To disable udev link_config redundancy call we need to delete /usr/lib/systemd/network/99-default.link

Mar 16 2021, 8:05 PM · VyOS 1.3 Equuleus

Mar 15 2021

Unknown Object (User) added a comment to T3329: "system conntrack ignore" rules can no longer be created due to an iptables syntax change.

@dmbaturin please cherry-pick this to equuleus. Successfully tested on VyOS-1.3-RC1

Mar 15 2021, 3:49 PM · VyOS 1.3 Equuleus (1.3.0), VyOS 1.4 Sagitta

Mar 13 2021

Unknown Object (User) added a comment to T3405: PPPoE server unit-cache.

Yes, some time ago, it could produce kernel issues https://www.mail-archive.com/[email protected]/msg218964.html
And I think it will be good to add the possibility to control unit-cache to have the opportunity to influence this.

Mar 13 2021, 6:57 AM · VyOS 1.3 Equuleus (1.3.0), Restricted Project, VyOS 1.4 Sagitta

Mar 12 2021

Unknown Object (User) updated the task description for T3405: PPPoE server unit-cache.
Mar 12 2021, 6:50 PM · VyOS 1.3 Equuleus (1.3.0), Restricted Project, VyOS 1.4 Sagitta
Unknown Object (User) claimed T3405: PPPoE server unit-cache.
Mar 12 2021, 6:50 PM · VyOS 1.3 Equuleus (1.3.0), Restricted Project, VyOS 1.4 Sagitta
Unknown Object (User) created T3405: PPPoE server unit-cache.
Mar 12 2021, 6:49 PM · VyOS 1.3 Equuleus (1.3.0), Restricted Project, VyOS 1.4 Sagitta
Unknown Object (User) created T3403: Error on interrupting list of pppoe sessions.
Mar 12 2021, 4:07 PM · VyOS 1.3 Equuleus (1.3.6), VyOS 1.4 Sagitta

Mar 11 2021

Unknown Object (User) changed Difficulty level from unknown to normal on T486: Static IPv6 default route via OSPFv3-learned loopback is not activated.
Mar 11 2021, 8:02 PM · VyOS 1.4 Sagitta (1.4.0-epa1), Restricted Project, test
Unknown Object (User) changed the subtype of T486: Static IPv6 default route via OSPFv3-learned loopback is not activated from "Task" to "Bug".
Mar 11 2021, 8:01 PM · VyOS 1.4 Sagitta (1.4.0-epa1), Restricted Project, test
Unknown Object (User) added a comment to T3242: PPPoE Server overhead on virtual interfaces creation.

Fresh SNMP Daemon has some option which might be helpful
https://manpages.debian.org/unstable/snmpd/snmpd.conf.5.en.html

ifmib_max_num_ifaces NUM
Mar 11 2021, 7:05 PM · VyOS 1.3 Equuleus
Unknown Object (User) added a comment to T3242: PPPoE Server overhead on virtual interfaces creation.

Configured SNMP also add impact

top - 12:51:59 up  3:25,  2 users,  load average: 1.35, 0.70, 0.28
Tasks: 214 total,   2 running, 210 sleeping,   2 stopped,   0 zombie
%Cpu0  :  0.0 us,  0.0 sy,  0.0 ni, 99.7 id,  0.0 wa,  0.0 hi,  0.3 si,  0.0 st
%Cpu1  : 22.6 us, 77.4 sy,  0.0 ni,  0.0 id,  0.0 wa,  0.0 hi,  0.0 si,  0.0 st
%Cpu2  :  0.0 us,  0.3 sy,  0.0 ni, 99.7 id,  0.0 wa,  0.0 hi,  0.0 si,  0.0 st
%Cpu3  :  0.0 us,  0.0 sy,  0.0 ni,100.0 id,  0.0 wa,  0.0 hi,  0.0 si,  0.0 st
MiB Mem :   9972.9 total,   6710.1 free,   2044.5 used,   1218.3 buff/cache
MiB Swap:      0.0 total,      0.0 free,      0.0 used.   7195.8 avail Mem
Mar 11 2021, 12:52 PM · VyOS 1.3 Equuleus

Mar 10 2021

Unknown Object (User) updated subscribers of T3305: Ingress qdisc does not work anymore in 1.3-rolling-202101 snapshot.

@jack9603301 it looks like this issue related to your patch https://github.com/vyos/vyatta-cfg-qos/commit/6391325271be489d29f0b7aa2982952068c6a53c
T3089

Mar 10 2021, 9:42 AM · VyOS 1.3 Equuleus (1.3.0), VyOS 1.4 Sagitta, vyatta-cfg-qos

Mar 9 2021

Unknown Object (User) added a comment to T3242: PPPoE Server overhead on virtual interfaces creation.

Also, add some overhead netplug

top - 19:14:34 up 26 min,  1 user,  load average: 10.29, 13.17, 8.57
Tasks: 568 total,   5 running, 228 sleeping,   0 stopped, 335 zombie
%Cpu0  :  5.0 us, 10.6 sy,  0.0 ni, 84.4 id,  0.0 wa,  0.0 hi,  0.0 si,  0.0 st
%Cpu1  :  9.8 us, 15.2 sy,  0.0 ni, 75.0 id,  0.0 wa,  0.0 hi,  0.0 si,  0.0 st
%Cpu2  : 40.7 us,  3.0 sy,  0.0 ni, 56.2 id,  0.0 wa,  0.0 hi,  0.0 si,  0.0 st
%Cpu3  :  9.6 us, 86.4 sy,  0.0 ni,  4.0 id,  0.0 wa,  0.0 hi,  0.0 si,  0.0 st
MiB Mem :   3870.9 total,   1375.2 free,   1499.9 used,    995.8 buff/cache
MiB Swap:      0.0 total,      0.0 free,      0.0 used.   1716.8 avail Mem
Mar 9 2021, 7:18 PM · VyOS 1.3 Equuleus

Mar 8 2021

Unknown Object (User) added a comment to T3393: IPoE does not assign IPv6 PD or WAN address.

Related task https://phabricator.vyos.net/T2362
A maybe better solution in this case to create interfaces like bridge and interfaces with an option which block adding link-local address.

Mar 8 2021, 7:08 PM · VyOS 1.3 Equuleus (1.3.7), VyOS 1.4 Sagitta
Unknown Object (User) created T3394: Error on removing dhcpv6 address from interface.
Mar 8 2021, 4:26 PM · VyOS 1.2 Crux (VyOS 1.2.9)
Unknown Object (User) added a comment to T3393: IPoE does not assign IPv6 PD or WAN address.

@marcomuskus as a temporary solution try to use CLI sysctl param

configure
set system sysctl custom net.ipv6.conf.default.addr_gen_mode value 0
commit
Mar 8 2021, 4:20 PM · VyOS 1.3 Equuleus (1.3.7), VyOS 1.4 Sagitta

Mar 7 2021

Unknown Object (User) added a comment to T3353: PPPoE server wrong vlan-range generating config.

@Viacheslav , thanks for improving, now it works properly. I found one interesting moment, it looks like we cant configure via CLI listen to PPPoE clients on interfaces eth1 and eth1.50 or eth1.something at the same time.

vyos@vyos# run show configuration commands | match "pppoe-server interface"
set service pppoe-server interface eth1 vlan-id '50'
set service pppoe-server interface eth1.1000 vlan-range '1-4095'
[edit]
vyos@vyos# set service pppoe-server interface eth1
Mar 7 2021, 7:17 PM · VyOS 1.4 Sagitta
Unknown Object (User) assigned T3388: show interfaces doesn't display pppoeX to c-po.

Also does not display other interfaces under the end node

vyos@RTR1# run show interfaces 
Codes: S - State, L - Link, u - Up, D - Down, A - Admin Down
Interface        IP Address                        S/L  Description
---------        ----------                        ---  -----------
eth0             xxx.xxx.36.246/24                 u/u  
lo               127.0.0.1/8                       u/u  
                 ::1/128                                
tun0             2001:470:xxxx:xxx::2/64           u/u  HE.NET IPv6 Tunnel
[edit]
vyos@RTR1# run show interfaces tunnel 
Codes: S - State, L - Link, u - Up, D - Down, A - Admin Down
Interface        IP Address                        S/L  Description
---------        ----------                        ---  -----------
[edit]
vyos@RTR1# run show interfaces ethernet 
Codes: S - State, L - Link, u - Up, D - Down, A - Admin Down
Interface        IP Address                        S/L  Description
---------        ----------                        ---  -----------
[edit]
vyos@RTR1#
Mar 7 2021, 8:31 AM · VyOS 1.4 Sagitta

Mar 6 2021

Unknown Object (User) added a comment to T3319: VXLAN uses ttl 1 (auto) by default.

For VXLAN multicast this is a real bug.

Mar 6 2021, 6:37 PM · VyOS 1.3 Equuleus (1.3.0)

Mar 5 2021

Unknown Object (User) added a comment to T3319: VXLAN uses ttl 1 (auto) by default.

@c-po , yes now it works. Maybe we need to define ttl=16 as the default value?

Mar 5 2021, 6:40 AM · VyOS 1.3 Equuleus (1.3.0)

Mar 4 2021

Unknown Object (User) added a comment to T3319: VXLAN uses ttl 1 (auto) by default.

@c-po does not work on 1.4-rolling-202103040218

vyos@vyos# sudo ip -d link show dev vxlan241
7: vxlan241: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1450 qdisc noqueue master br241 state UNKNOWN mode DEFAULT group default qlen 1000
    link/ether fe:08:e3:3c:d4:ab brd ff:ff:ff:ff:ff:ff promiscuity 1 minmtu 68 maxmtu 65535 
    vxlan id 241 group 239.0.0.241 dev eth0 srcport 0 0 dstport 8472 tos inherit ttl auto ageing 300 udpcsum noudp6zerocsumtx noudp6zerocsumrx

On the middle router in traffic dump I see TTL=1

18:59:29.029090 IP (tos 0x0, ttl 1, id 24806, offset 0, flags [none], proto UDP (17), length 100)
    10.1.2.2.52948 > 239.0.0.241.8472: OTV, flags [I] (0x08), overlay 0, instance 241
Mar 4 2021, 7:00 PM · VyOS 1.3 Equuleus (1.3.0)
Unknown Object (User) added a comment to T3386: PPPoE-server don't start with local authentication.

There is a bug exactly with client-ip-pool range, config generated with the mistake

[ip-pool]
gw-ip-address=10.1.1.1
10.1.1.100-10.1.1.111

but expected

10.1.1.100-111
Mar 4 2021, 5:51 PM · VyOS 1.3 Equuleus (1.3.0), VyOS 1.4 Sagitta

Mar 1 2021

Unknown Object (User) added a comment to T3353: PPPoE server wrong vlan-range generating config.

Yes, sure. It will work only if one vlan-id defined, e.g. if you configure a couple vlan-id you will get wrong syntax"

set service pppoe-server interface eth1 vlan-id '50'
set service pppoe-server interface eth1 vlan-id '60'

In generated config

vlan-mon=eth1,50,60
interface=eth1.50,60

Expected:

vlan-mon=eth1,50,60
interface=eth1.50
interface=eth1.60
Mar 1 2021, 8:44 AM · VyOS 1.4 Sagitta

Feb 28 2021

Unknown Object (User) added a comment to T3353: PPPoE server wrong vlan-range generating config.

Good job! I think there exists one remark. If we set set service pppoe-server interface eth1 vlan-id '50' that means you want to listen to pppoe client on eth1.50, but in config you have

vlan-mon=eth1,50
interface=re:eth1\.\d+

e.g. eth1\.\d+ mean all vlans in eth1, even eth1.50.50.50 will fit for this regular expression
I propose do not to use a regular expression for vlan-id, as an example:

  1. set service pppoe-server interface eth1 vlan-id '50'
vlan-mon=eth1,50
interface=eth1.50
Feb 28 2021, 8:16 PM · VyOS 1.4 Sagitta
Unknown Object (User) added a comment to T3360: Op command 'show interfaces' does not display VRRP VIP.

Yes, agree it works by show interfaces vrrp, but behavior in 1.2.x also displayed VIP by command show interfaces
I think this is a bug and need to fix it.

Feb 28 2021, 8:02 PM · VyOS 1.3 Equuleus (1.3.0), VyOS 1.4 Sagitta

Feb 26 2021

Unknown Object (User) added a comment to T1297: Add GARP settings to VRRP/keepalived.

Tested in the lab the following simple topology on 1.2.6-S1 and 1.3-beta, behavior the same and GARP works by default.

Screenshot 2021-02-26 at 17.04.44.png (472×545 px, 45 KB)

VyOS1 config

set high-availability vrrp group eth1 hello-source-address '100.64.0.1'
set high-availability vrrp group eth1 interface 'eth1'
set high-availability vrrp group eth1 peer-address '100.64.0.2'
set high-availability vrrp group eth1 rfc3768-compatibility
set high-availability vrrp group eth1 virtual-address '100.64.0.50/24'
set high-availability vrrp group eth1 vrid '1'
set interfaces ethernet eth0 address 'dhcp'
set interfaces ethernet eth0 duplex 'auto'
set interfaces ethernet eth0 hw-id '50:00:00:01:00:00'
set interfaces ethernet eth0 speed 'auto'
set interfaces ethernet eth1 address '100.64.0.1/24'
set interfaces ethernet eth1 duplex 'auto'
set interfaces ethernet eth1 hw-id '50:00:00:01:00:01'
set interfaces ethernet eth1 speed 'auto'

VyOS2 config

set high-availability vrrp group eth1 hello-source-address '100.64.0.2'
set high-availability vrrp group eth1 interface 'eth1'
set high-availability vrrp group eth1 peer-address '100.64.0.1'
set high-availability vrrp group eth1 virtual-address '100.64.0.50/24'
set high-availability vrrp group eth1 vrid '1'
set interfaces ethernet eth0 address 'dhcp'
set interfaces ethernet eth0 duplex 'auto'
set interfaces ethernet eth0 hw-id '50:00:00:02:00:00'
set interfaces ethernet eth0 speed 'auto'
set interfaces ethernet eth1 address '100.64.0.2/24'
set interfaces ethernet eth1 duplex 'auto'
set interfaces ethernet eth1 hw-id '50:00:00:02:00:01'
set interfaces ethernet eth1 speed 'auto'

In traffic dump on VyOS3 we can see traffic when BACKUP node switched to MASTER state

14:02:34.152959 50:00:00:02:00:01 > ff:ff:ff:ff:ff:ff, ethertype ARP (0x0806), length 42: Request who-has 100.64.0.50 (ff:ff:ff:ff:ff:ff) tell 100.64.0.50, length 28
14:02:34.153042 50:00:00:02:00:01 > ff:ff:ff:ff:ff:ff, ethertype ARP (0x0806), length 42: Request who-has 100.64.0.50 (ff:ff:ff:ff:ff:ff) tell 100.64.0.50, length 28
14:02:34.153086 50:00:00:02:00:01 > ff:ff:ff:ff:ff:ff, ethertype ARP (0x0806), length 42: Request who-has 100.64.0.50 (ff:ff:ff:ff:ff:ff) tell 100.64.0.50, length 28
14:02:34.153090 50:00:00:02:00:01 > ff:ff:ff:ff:ff:ff, ethertype ARP (0x0806), length 42: Request who-has 100.64.0.50 (ff:ff:ff:ff:ff:ff) tell 100.64.0.50, length 28
14:02:34.153092 50:00:00:02:00:01 > ff:ff:ff:ff:ff:ff, ethertype ARP (0x0806), length 42: Request who-has 100.64.0.50 (ff:ff:ff:ff:ff:ff) tell 100.64.0.50, length 28
14:02:34.153467 50:00:00:02:00:01 > 50:00:00:01:00:01, ethertype IPv4 (0x0800), length 54: 100.64.0.2 > 100.64.0.1: VRRPv2, Advertisement, vrid 1, prio 100, authtype none, intvl 1s, length 20
14:02:35.153544 50:00:00:02:00:01 > 50:00:00:01:00:01, ethertype IPv4 (0x0800), length 54: 100.64.0.2 > 100.64.0.1: VRRPv2, Advertisement, vrid 1, prio 100, authtype none, intvl 1s, length 20
14:02:36.154117 50:00:00:02:00:01 > 50:00:00:01:00:01, ethertype IPv4 (0x0800), length 54: 100.64.0.2 > 100.64.0.1: VRRPv2, Advertisement, vrid 1, prio 100, authtype none, intvl 1s, length 20
14:02:37.154233 50:00:00:02:00:01 > 50:00:00:01:00:01, ethertype IPv4 (0x0800), length 54: 100.64.0.2 > 100.64.0.1: VRRPv2, Advertisement, vrid 1, prio 100, authtype none, intvl 1s, length 20
14:02:38.154470 50:00:00:02:00:01 > 50:00:00:01:00:01, ethertype IPv4 (0x0800), length 54: 100.64.0.2 > 100.64.0.1: VRRPv2, Advertisement, vrid 1, prio 100, authtype none, intvl 1s, length 20

The same behavior with rfc3768-compatibility option.
I think we don't need to change behavior because it should be suitable for all cases.

Feb 26 2021, 2:11 PM · VyOS 1.3 Equuleus (1.3.6), VyOS 1.4 Sagitta
Unknown Object (User) created T3360: Op command 'show interfaces' does not display VRRP VIP.
Feb 26 2021, 11:02 AM · VyOS 1.3 Equuleus (1.3.0), VyOS 1.4 Sagitta

Feb 25 2021

Unknown Object (User) changed the status of T3353: PPPoE server wrong vlan-range generating config from Open to Confirmed.
Feb 25 2021, 1:53 PM · VyOS 1.4 Sagitta
Unknown Object (User) created T3353: PPPoE server wrong vlan-range generating config.
Feb 25 2021, 1:53 PM · VyOS 1.4 Sagitta

Feb 24 2021

Unknown Object (User) added a comment to T3303: Change welcome message on boot.

@c-po , it works properly

Welcome to VyOS 1.4-rolling-202102240218 (sagitta)!
Feb 24 2021, 5:27 AM · VyOS 1.3 Equuleus (1.3.0), VyOS 1.4 Sagitta

Feb 23 2021

Unknown Object (User) added a comment to T3303: Change welcome message on boot.

PR https://github.com/vyos/vyos-build/pull/147
Output on the local stand

Welcome to VyOS 1.4 (sagitta)!
Feb 23 2021, 7:00 PM · VyOS 1.3 Equuleus (1.3.0), VyOS 1.4 Sagitta
Unknown Object (User) added a comment to T2927: isc-dhcpd release and expiry events never execute.

PR https://github.com/vyos/vyos-1x/pull/740

Feb 23 2021, 5:40 PM · VyOS 1.3 Equuleus (1.3.0-epa1), VyOS 1.2 Crux (VyOS 1.2.7), VyOS 1.4 Sagitta