I verified that with the new CLI (run monitor traffic interface ... filter ...) it works.
- Queries
- All Stories
- Search
- Advanced Search
- Transactions
- Transaction Logs
Advanced Search
May 24 2018
The basic commands are working now, I suppose subsequent additions need their own tasks.
May 23 2018
We can make a script that checks if service is configured and reload it if it's not then.
May 22 2018
I've updated pdns to 4.0, enabled non-local bind, and added a "listen-address" option that takes address rather than interface. I've also added a huge warning about listen-on to encourage people to migrate to the new listen-address option.
Seems to work now.
I think we should implement a package persistence mechanism at some point. Frankly, APT is notorious for offering conflict resolutions that equal self-destruct, for a network admin who is not an experienced Debian user, installing third-party packages the normal way will create more problems than it solves.
I think it is. In any case, it's irrelevant by now since there's no dnsmasq anymore, and pdns doesn't have this problem.
The dnsmasq equivalent is already in place I suppose.
Seems to be fine now.
Tested and appears to work.
Yes, since we let quagga manage static routes (and for a good reason — the kernel does not even try to restore routes if the interface they use flaps), we can only do what quagga allow now, or add something to quagga.
Already in use by now.
ALready packaged and actively used.
The AMI builds and boots now.
May 21 2018
@aopdal I agree VRRPv3 supports both IPv4 and IPv6 at the protocols level, but keepalived wants groups to use either IPv4 or IPv6 addresses, but not both at the same time, so you need different groups for them in the config.
May 20 2018
Works and already in use.
@syncer Sort of. Root doesn't get the full vyos environment so using vyos commands is inconvenient, though not impossible.
@Asteroza Our tcpdump comes straight from Debian, so the update should be picked automatically when they update theirs.
Seems to work.
Appears to work as expected now.
May 17 2018
Seems to be working now.
May 16 2018
@higebu and @UnicronNL agreed to the change, so I'm going to proceed with it.
I'm pretty sure there is a commit error when you try to use that no longer existing option. It only works because we (sadly) allow partial commits and our commits at this time are not real, transactional commits.
@c-po I think the spirit of it is to keep programs that are not useful for end users separate from programs that are, out of their $PATH, which would only pollute the completion and enable accidental execution of programs that may have strange effect when used in an unintended way outside of their normal workflow.
Turns out updating the hosts entry is more important than I thought: if it's missing, sudo constantly complains that it cannot resolve the hostname. While it appears to have no ill effect, it's still quite a nuisance.
Those commands are now "monitor bandwidth interface $intf".
This task is decidedly *not* complete until we have a migration script for it.
May 15 2018
Should be working now.
They are now vyos.version.get_version*
It gets worse: there are also handwritten bmon command templates for some interfaces (those before VC6.6 it seems).
May 14 2018
Sorry it took me so long to react to!
Looks like pdns doesn't have a working command to reset all cache, but it has a command for clearing cache for individual domains.
May 11 2018
May 10 2018
May 8 2018
May 3 2018
Just tested it on hvinfo and it seems to work as expected. The change is in the jenkins script,
The peer-address option doesn't work quite well in keepalived 1.2.x from jessie. VRRP transition works, but then it goes into an endless loop of sending an ARP who-has request for checking availability of the virtual address.
May 2 2018
Apr 30 2018
I've added the Mellanox OFED drivers to the image. Need to check the userspace packages.
Apr 27 2018
@c-po Looks like Debian has it for all platforms that support KVM, including ARM (though, oddly, not Aarch64). Perhaps we should move it from the x86 package list to vyos-world or another platform-independent place at some later point.
Apr 5 2018
Mar 3 2018
Please make sure to read the guideline: http://blog.vyos.net/vyos-2-dot-0-development-digest-number-5-doing-1-dot-2-x-and-2-dot-0-development-in-parallel
You can use the cron script as an example, too.
Mar 2 2018
Closing the task then.
Feb 28 2018
@alainlamar @c-po Multi-nodes should indeed be used whenever possible instead of making the user enter comma-separated values and the like.
Feb 20 2018
Done for all practical purposes. Everything else will deserve its own task.
It's done for OpenVPN. We can later add IPsec as a sub-task.
Feb 19 2018
Feb 7 2018
It will have to be refactored for the new vyos-1x approach, but then the entire package will, so we'll better have the .ac support now, and refactor later.
- A nicer version of os.system('iw reg get')
This makes me think we should make a shared nicer version that returns a tuple of exit code and combined stdout/stderr and put it somewhere in a utility module.
Feb 6 2018
@tic226 If we continue the chemical theme, since 1.1.x is helium, 1.2.x will be lithium, and 1.3.x will be beryllium.
Jan 12 2018
Jan 11 2018
The downloads.vyos.io is now using mandatory HTTPS. On the dev.packages.vyos.net, HTTPS is optional. To declare this closed, we need someone to independently verify that ISO build works with HTTPS for them.