@UnicronNL also likes constellations, so let's go with it.
- Queries
- All Stories
- Search
- Advanced Search
- Transactions
- Transaction Logs
Advanced Search
Sep 2 2018
Sep 1 2018
Aug 27 2018
Aug 26 2018
Aug 25 2018
Hi @Merijn,
FRR changed quite a few commands here and there, most are easy fixes indeed.
Aug 23 2018
Aug 11 2018
Aug 9 2018
if the interface gets delete from the config, the wg device gets deleted from the OS and all its routes
This is exactly the reason why "set protocols static ..." commands use zebra instead of pushing routes directly to the kernel with iproute2. Zebra takes care of interfaces going up and down and reinstalls the routes when needed.
Now, is that suppose to happen automatically ( i can include it in the wireguard.py script), or is it supposed to be setup via 'set static proto ...'? What would be the better way?
If wireguard cannot create routes on its own, I believe we should leave route setup to the user. Doing it automatically when it's not actually supported is a very leaky abstraction.
Aug 6 2018
Aug 4 2018
Works now, though I need to discuss the pull requests with PPP maintainers.
Should be working now.
I believe I've fixed it, though feedback won't harm.
Closing for now then, let's reopen if needed, or make a separate task for bridging openvpn with new interface types.
@mb300sd The reason we do not allo arbitrary names is that there's no easy way to find out exact interface type, so we forced them to begin with eth, br, tun etc. so that scripts can find out what it is and filter only compatible interfaces.
Relaxing the requirements to "starts with keyword" like eth-lan or tun-office would be an interesting idea, but I'm afraid only in the long run, since a number of scripts have regexes like eth\d+ hardcoded in them and it will take time to clean up.
The renderer works now (for a long time already, even), so it's time to close this task finally. ;)
Aug 2 2018
Jul 31 2018
@UnicronNL @hagbard Please do not use that package! I've inspected it, and it's below any reasonable standards!
Jul 28 2018
Jul 26 2018
Jul 24 2018
One note: I'm removing the "firewall" option. First, it's only relevant for RFC-compliant VRRP, and there's no checking for it. Second, it has no advantages over assigning the firewall directly to the parent interface in any case.
Third, it was implemented inconsistently: ethernet VIFs and non-ethernet interfaces (e.g. bond) lack it.
Jul 23 2018
Jul 21 2018
For the reference: https://github.com/acassen/keepalived/blob/master/doc/NOTE_vrrp_vmac.txt
Does the problem also exist with the other kind of VRRP?
I'd need to check.
Jul 20 2018
There was one or two 1.2.0 images that did have a hostname problem due to a problem in the new implementation of the system host-name command, but I fixed it. I wonder if your problem might be carried over from one of those images.
Could you try updating some test machine from 1.1.8?
You get this when you upgrade from a previous rolling release, or from 1.1.8? If the former, which one?
Jul 17 2018
Jul 11 2018
Should we delete user home dirs when deleting a user then?
Jul 10 2018
I think new version should still be able to sync with the old versions, since people will be upgrading routers in their HA pairs one by one, and loss of functionality during upgrades isn't a very nice situation.
@hagbard Migration scripts are no longer that much of a problem (though they still need to be carefully written). See http://blog.vyos.net/writing-migration-scripts-and-manipulating-vyos-config-files-outside-vyos-just-got-easier
https://github.com/vyos/vyos-1x/blob/new-vrrp/interface-definitions/vrrp.xml The new syntax draft.
Jul 5 2018
That's my punishment for the sin of only testing op mode commands from conf mode.
Jul 3 2018
Jun 29 2018
Jun 26 2018
Jun 24 2018
The pull request was merged.
Jun 23 2018
Jun 22 2018
@runar Found an issue: show-raid.xml refers to ${vyos_op_scripts_dir}/show_raid.sh file, but that file does not exist.
Yes, it's been fixed a while ago.
Jun 21 2018
@c-po I've rebuilt those newer packages from source (typically by using apt-get source). Due to different libc and all they indeed cannot be installed directly.
Jun 20 2018
Appears to work fine now.
@hagbard If rewrite can be done in a reasonable time (days to a couple of weeks), I think trying to clean up old code is more trouble than it's worth.
With big stuff that cannot be easily rewritten, it may be worthwhile.
Jun 19 2018
@hagbard If you are working on it, by all means, assign it to yourself. We do not have a formal assignment policy, it's more like "I'm working on it" flag for coordination.
@runar The sudo wrapper is mostly due to the fact that the op mode convertor is largely a clone of the conf mode convertor. This also interfers with operator level users' ability to run anything at all, so this is a good point.
We likely need to switch to adding sudo where needed instead, but we need to test which commands break from it when run by non-admin users.
Jun 14 2018
Jun 8 2018
Seems to work fine now, reopen if necessary.
Jun 7 2018
Jun 6 2018
Jun 5 2018
Jun 4 2018
It was just an error in the help. Someone probably copied it from somewhere else (e.g. the address option of firewall rules) and forgot to edit.
Interesting. Perhaps the config format has changed in newer versions? What do the docs say?
Jun 3 2018
After installing pppd from T677, it seems to work again.
Found the issue. First, renaming is hadled in a pre-up script that was in the ppp package rather than vyatta-ravpn, so it is not included in 1.2.0.