Closing in favor of T2994 - please try tomorrows rolling release. If there are new bugs (which might always happen on rewrites) please file a new Bug report and I try to fix them ASAP.
- Queries
- All Stories
- Search
- Advanced Search
- Transactions
- Transaction Logs
Feed All Stories
All Stories
All Stories
Oct 30 2020
Oct 30 2020
c-po added a comment to T2969: OpenVPN: command_set on interface is not applied, if interface doesn't come up in commit.
c-po renamed T3005: Intel: update out-of-tree drivers, i40e driver warning from i40e driver warning to Intel: update out-of-tree drivers, i40e driver warning.
In T1289#78883, @Viacheslav wrote:Like this?
vyos@r4-roll# set policy route-map FJFFJJF rule 10 set ip-next-hop Possible completions: <x.x.x.x> IP addresswhere x.x.x.x route to blackhole?
Like this?
In T1289#35636, @dmbaturin wrote:The usual procedure is to create a route-map that sets the nexthop to a blackholed address if the advertisment has a specific community string set.
So when a customer advertises an address (rather a /32 network) to you with that string set, it automatically ends up blackholed.Do you just want a shortcut for that, or you are having issues with community string-based approach?
This logic does not allow for the complete removal of the protocol.
https://github.com/vyos/vyatta-cfg-quagga/blob/32cbb1e5059c6c27449b7013f790aff1c50a9831/templates/protocols/ospf/passive-interface/node.def#L29-L35
@rizkidtn Update, please your request. Is the community works for you for blackholing?
I found some interesting information, it seems that inbound/outbound port mirroring can be achieved
Viacheslav changed the status of T3032: Ability to "set table" in the policy route-map from Open to Needs testing.
Can you please share the entire configuration and version of the VyOS to reproduce the issue in the lab.
Oct 29 2020
Oct 29 2020
Unknown Object (User) created T3031: Error in Equuleus' help for IPv6 ECMP.
set interfaces ethernet eth1 ipv6 address no-default-link-local is the right command, yes
Bug ;) will be fixed soon
Yes, but iptables tee seems to support packet copy of various rules
Do you mean that?
set interfaces ethernet eth1 mirror
- Not all interfaces can be used as "update-source"
Missed "vti | dum | lo" etc.
https://github.com/vyos/vyos-1x/blob/current/interface-definitions/protocols-bgp.xml.in#L639
PR https://github.com/vyos/vyos-1x/pull/587
Fix the FRR template for new bgp implementation.
cjeanneret added a comment to T3029: Generated NGINX configuration is wrong for the redirection (http -> https).
Pull request is up: https://github.com/vyos/vyos-1x/pull/586
Viacheslav added a comment to T2587: Cannot enable the interface when the MTU is set to less than 1280.
How to do it?
Oct 28 2020
Oct 28 2020
zsdc changed the status of T3028: Create a default user when metadata is not available (for Cloud-init builds) from In progress to Needs testing.
You actually can when setting ipv6 disable-link-local addressing on the particular interface.
vyos@vyos# set interfaces ethernet eth2 mtu 16000 [edit] vyos@vyos# commit [ interfaces ethernet eth2 ] Interface MTU too high, maximum supported MTU is 9000!
The root cause for this is the sha256 checksum file itself. It contains the hash and the filename. When running sha256 --check during the upgrade it expects the "real" filename when calculating and verifying the hash. The real filename differs when using the vyos-rolling-latest.iso symlink on the webserver as it will tell the running VyOS installation a different filename and the validation fails. This is now fixed by not depending on the filename when verifying the has. We simply calculate the hash of the downloaded file and compare it to the hash we saved inside the checksum file and totally ignore the filename itself.
Unknown Object (User) closed T2631: l2tp, sstp, pptp add option to disable radius accounting as Resolved.
I have tested both SSTP and L2TP and it works as expected - thank you for this addition!
zsdc changed the status of T3028: Create a default user when metadata is not available (for Cloud-init builds) from Open to In progress.
Viacheslav changed the status of T3027: Unable to update system Signature check FAILED from Open to Confirmed.
Oct 27 2020
Oct 27 2020
Put in a PR to separate hello/hold timers for IPv4 and IPv6. Added IPv6 timers.
I will check it tomorrow and verify operation. Thank you!
Viacheslav closed T2587: Cannot enable the interface when the MTU is set to less than 1280 as Resolved.
Fixed
vyos@r4-roll# run show version
@klase Check these options in the next rolling release (after 20201027)
jestabro closed T2885: configd: print commit errors to config session terminal, a subtask of T2582: Script daemon to offload processing during commit, as Resolved.
jestabro closed T2808: Add smoketest to ensure script consistency with config daemon, a subtask of T2582: Script daemon to offload processing during commit, as Resolved.
jestabro added a comment to T3003: Extend smoketest framework to allow loading an arbitrary config file.
FRR doesn't delete isis configuration related "interfaces" with
delete protocols isis foo interface eth1
protocol "isisd" in the test was added here https://github.com/vyos/vyos-1x/pull/483/files#diff-060cdf269ea89160caa0deaebe8e323f0559aa6dfd19e5634a33634f3e38e461R72
Viacheslav added a project to T2933: VRRP add option virtual_ipaddress_excluded: Restricted Project.
Viacheslav added a comment to T3014: Clear under op mode and conf mode act differently. Uniting them.
@kroy What PR?
sounds good - would be good having some other options than just domain-name and email, but that's another story :). I'll follow the other task then!
It already fixed in the master branch.
https://github.com/hiroyuki-sato/vyos-documentation/commit/8587946d16aaae6f5495c1e591220f88005cd276
SrividyaA closed T2924: Using 'set src' in a route-map invalidates it as part of a subsequent boot-up as Resolved.
Resolved in T2985
@SrividyaA Thanks.
I have tested on this rolling release VyOS 1.3-rolling-202010231135 and created a lab setup similar to the reporter's setup.
@craterman it seems bug with your resolution.
Oct 26 2020
Oct 26 2020
set service https certificates certbot
domain-name(s) should contain the desired server-name. A rewrite is in progress in:
https://phabricator.vyos.net/T2289
@jestabro hmmm I don't see that "certbot" in the completion - running on rolling 1.3... ? In fact, nodes "certificates" and "certbot" are not shown here:
set service https
Possible completions:
> api VyOS HTTP API configuration
> api-restrict Restrict api proxy to subset of virtual hosts
> certificates TLS certificates
+> virtual-host Identifier for virtual host
I've been running chronyd for some time in a number of environments without any noticeable issues. I do think the clock on the hosts seems to be a bit more stable, but not something that is overly remarkable one way or the other. I'd have no problem with the change.
It exists:
https://phabricator.vyos.net/T1585
cjeanneret changed the status of T3020: The "scp" example is wrong in the bash-completion for "set system config-management commit-archive location" from Open to In progress.
I put a request on this up top. We'll get to it eventually, but I was hoping we could put it like this:
Can you add this commands
jestabro changed the status of T3003: Extend smoketest framework to allow loading an arbitrary config file from In progress to Needs testing.
This still needs to be integrated into check-qemu-install before PR:
https://github.com/vyos/vyos-1x/compare/current...jestabro:vyos-configtest
PR for crux https://github.com/vyos/vyos-1x/pull/582