@NikolayP , Looks like MTU and MPPE issue. Stoping daemon does not related to this I think.
- Queries
- All Stories
- Search
- Advanced Search
- Transactions
- Transaction Logs
Advanced Search
Jun 5 2022
Feb 16 2022
Tested on 1.4-rolling-202202150317 and 1.3.0, all works
Feb 15 2022
PR for equuleus https://github.com/vyos/vyos-1x/pull/1222
Sorry, it works properly only for not PD. Looks like is not backported to equuleus
Client-side configuration to reproduce
set interfaces ethernet eth0 address 'dhcpv6' set interfaces ethernet eth0 dhcpv6-options pd 0 interface eth1 address '1' set interfaces ethernet eth0 dhcpv6-options pd 0 interface eth1 sla-id '0' set interfaces ethernet eth0 dhcpv6-options pd 0 length '64'
On server-side we get the same backtrace
vyos@vyos# run show dhcpv6 server leases Traceback (most recent call last): File "/usr/libexec/vyos/op_mode/show_dhcpv6.py", line 209, in <module> leases = get_leases(conf, lease_file, args.state, args.pool, args.sort) File "/usr/libexec/vyos/op_mode/show_dhcpv6.py", line 142, in get_leases leases = sorted(leases, key = lambda k: int(ip_address(k['ip']))) File "/usr/libexec/vyos/op_mode/show_dhcpv6.py", line 142, in <lambda> leases = sorted(leases, key = lambda k: int(ip_address(k['ip']))) File "/usr/lib/python3.7/ipaddress.py", line 54, in ip_address address) ValueError: '2001:db8:290::/64' does not appear to be an IPv4 or IPv6 address
Tested on VyOS version 1.3.0, works properly
vyos@vyos# run show version | match Version Version: VyOS 1.3.0 [edit] vyos@vyos# run show dhcpv6 server leases IPv6 address State Last communication Lease expiration Remaining Type Pool IAID_DUID ------------------ ------- -------------------- ------------------- ----------- ------------- ----------- ----------------------------------------------------------------- 2001:db8:3456::187 active 2022/02/15 09:28:10 2022/02/15 21:28:10 11:58:28 non-temporary VyOS-DHCPv6 00:00:00:00:00:04:79:76:62:99:23:ad:43:fb:9c:5b:1c:1e:59:4b:58:01
Hi @hensur , I'm sure that this code should be moved to python implementation, patches for the legacy vyatta-cfg-qos will be rejected.
First of all, need to create CLI XML definition
https://docs.vyos.io/en/equuleus/contributing/development.html?xml-used-for-cli-definitions#xml-used-for-cli-definitions
and then create backend in python to process CLI commands
https://docs.vyos.io/en/equuleus/contributing/development.html?xml-used-for-cli-definitions#configuration-script-structure-and-behaviour
Feb 14 2022
@n.fort it is possible with conntrackd logging option syslog
sudo rm /etc/systemd/system/conntrackd.service.d/override.conf
edit nano /etc/conntrackd/conntrackd.conf and add Syslog on in General section, then restart conntrackd service.
After that you will get messages
conntrack-tools[5097]: udp 17 src=100.64.0.3 dst=1.1.1.1 sport=41900 dport=53 src=1.1.1.1 dst=198.51.100.1 sport=53 dport=41900
Feb 4 2022
@jestabro you are right. Adding no_tag_node_value_mangle=True will fix this issue.
https://github.com/vyos/vyos-1x/blob/ec13cac66ba612ecc36053158c7517c8fe993547/src/system/keepalived-fifo.py#L73-L74
self.vrrp_config_dict = conf.get_config_dict(base, key_mangling=('-', '_'), get_first_key=True, no_tag_node_value_mangle=True)
Feb 2 2022
Jan 24 2022
PR current - https://github.com/vyos/vyos-build/pull/214
PR equuleus - https://github.com/vyos/vyos-build/pull/215
Jan 18 2022
Looks like I see the same issue for 1.3.0. Reproducing steps:
set interfaces ethernet eth1 address 'dhcp' set protocols static table 1 route 0.0.0.0/0 dhcp-interface eth1
Jan 12 2022
Jan 11 2022
Jan 6 2022
Jan 4 2022
Dec 30 2021
Dec 29 2021
Related task https://phabricator.vyos.net/T4119
Dec 21 2021
I think this is the limitation with the Linux interface name, it should not be higher than 16 characters. In you config I see, as an example (bond0.995.130 = 13 chars and additional part .100 = 4) = 17
I know how we can fix it manually, but I'm not sure that it is a good idea.
Accel-PPP supports name changing for created interface by vlan_mon module
[pppoe] vlan-name=e0.%P.%N interface=re:^e0\.\d+\.\d+
you can try to change this manually (edit /run/accel-ppp/pppoe.conf) and restart pppoe-server
Dec 19 2021
Dec 17 2021
Yes, but sync-groups dont have health-check scripts.
The best solution, in this case, is to implement health-check features for sync-group and do migration script.
We should not use health-check configured for a group if this group belongs to a sync-group
Dec 16 2021
When sync group configure the keepalived report to log, looks like we need to use this script on sync_group
Dec 16 15:22:53 vyos Keepalived_vrrp[4766]: Warning - script healthcheck_XXX is not used
Dec 15 2021
@GallySoft could you please share your configuration commands?
Is S-VLAN 995 and C-VLAN 2092 as an example configured on the bond0 interface?
Hi @GallySoft, this fix is still not in 1.3. Try to test it on 1.4 fresh rollings.
Dec 9 2021
Dec 7 2021
Dec 6 2021
I believe that CLI should protect a user and deny him to shoot in his leg. In any case, we cannot guarantee a successful update if the script will not be migrated
We definitely have to delete enable_script_security from https://github.com/vyos/vyos-1x/blob/current/data/templates/vrrp/keepalived.conf.tmpl#L10
Dec 4 2021
Also, I propose to add missing 'space' to header
vyos@VyOS-BNG:~$ show pppoe-server sessions ifname | username | ip | ip6 | ip6-dp | calling-sid | rate-limit | state | uptime | rx-bytes | tx-bytes ---------+----------+---------------+-----+--------+-------------------+------------+--------+----------+-----------+----------
Easy to fix here https://github.com/vyos/vyos-1x/blob/current/src/op_mode/ppp-server-ctrl.py#L63
replace to print(f' {output}')
Dec 3 2021
Related task https://phabricator.vyos.net/T3546
PR for 1.3 https://github.com/vyos/vyos-1x/pull/1094
Dec 2 2021
Dec 1 2021
Nov 29 2021
Nov 26 2021
23:05:52 DEBUG - Running Testcase: /usr/libexec/vyos/tests/smoke/cli/test_vpn_openconnect.py 23:06:04 DEBUG - test_vpn (__main__.TestVpnOpenconnect) ... ok 23:06:07 DEBUG - 23:06:07 DEBUG - ---------------------------------------------------------------------- 23:06:07 DEBUG - Ran 1 test in 11.396s 23:06:07 DEBUG - 23:06:07 DEBUG - OK 23:06:07 DEBUG - Running Testcase: /usr/libexec/vyos/tests/smoke/cli/test_vpn_sstp.py 23:06:22 DEBUG - test_accel_local_authentication (__main__.TestVPNSSTPServer) ... ok 23:06:28 DEBUG - test_accel_name_servers (__main__.TestVPNSSTPServer) ... ok 23:06:38 DEBUG - test_accel_radius_authentication (__main__.TestVPNSSTPServer) ... ok 23:06:40 DEBUG - 23:06:41 DEBUG - ---------------------------------------------------------------------- 23:06:41 DEBUG - Ran 3 tests in 32.454s 23:06:41 DEBUG - 23:06:41 DEBUG - OK
Nov 24 2021
Now certificate files existing should be checked via validator name="file-exists" which was fixed T3695
PR https://github.com/vyos/vyos-1x/pull/1082
Also, fixed certificate files check. PR https://github.com/vyos/vyos-1x/pull/1081
Nov 23 2021
PR fo equuleus https://github.com/vyos/vyos-build/pull/205
PR for current https://github.com/vyos/vyos-build/pull/204
Nov 22 2021
PR ready for current https://github.com/vyos/vyos-1x/pull/1076
Nov 20 2021
Nov 15 2021
Nov 11 2021
This issue should be fixed after these changes https://phabricator.vyos.net/T1970 (udevadm settle)
Tested on EdgeCore SAF51015I with generic ISOs.
Does not possible to reproduce this behavior on 1.3-epa3.
Nov 5 2021
Nov 4 2021
Nov 3 2021
Oct 28 2021
Oct 25 2021
Oct 3 2021
Sep 2 2021
PR for current https://github.com/vyos/vyos-1x/pull/988
Sep 1 2021
PR https://github.com/vyos/vyos-1x/pull/987
Can we cherry-pick this patch to the current branch?
Aug 18 2021
Aug 12 2021
Aug 9 2021
PR for Equuleus https://github.com/vyos/vyos-1x/pull/959