conntrack implementation changed form 1.3 -> 1.4 by a rewrite. Can you please tell us which version of VyOS you are using?

Looks good on 1.4-rolling-202107010537 and 1.3-beta-202106301443:

Should be addresses using the new vyos smoketest shim from 1.4 branch.

Please share your configuration.

Hi ruben

All of my neighbors are connected with me via wireguard interfaces (a different interface for every peering). I have no physical direct link with any peer.
All neighbors using IPv4 or ULA IPv6 addresses are working properly.

Please share your entire setup then somwe are able to help out.

i was referring to the FRR command as deprecated, not the corresponding VyOS command. The VyOS command is not even available in the last version of VyOS... I was able to try it only via vtysh...

please stop the idea of "deprecated" command. VyOS commands are in no relation to FRR commands.
If (and when) the FRR syntax changes, we will ensure it will still work by either migrating the VyOS CLI configuration dynamically on upgrade or by adjusting to the FRR configuration "under the hood" with our Jinja2 template.

PR https://github.com/vyos/vyos-1x/pull/902
PR https://github.com/vyos/vyos-documentation/pull/561

It seems that what I thought is true:

could this help https://patchwork.ozlabs.org/project/netfilter-devel/patch/776b8819c85c83088478b933a35691133055347a.1430733932.git.daniel@iogearbox.net ?

as I wrote on slack, from my point of view it is a kernel problem. It seems that the conntrack in the kernel detects the packets eben if they come in on an input interface in default and so
the nat code won'T match cause for conntrack the outgoing interface is still eth0 which is in vrf OOBM instead pppoe0.

Hi ruben,

upgraded to 1.4-rolling-202106290839 but still not working for my setup...

Is it worked in 1.3/1.2?

Hello @joeudes , it looks like without enabled ppp-option ipv6 it should not work

set service pppoe-server ppp-options ipv6 allow

the new build is already available. I am unsure if this works or is even supported by FRR.
Please consult FRR manual and try configuring this manually from vtysh.

@Viacheslav it is reproducible in 1.2.7

vyos@vyos:~$ touch file1
vyos@vyos:~$ touch file2
vyos@vyos:~$ touch file3
vyos@vyos:~$ ls
file1  file2  file3
vyos@vyos:~$ reset vpn remote-access user 
Possible completions:
  file1         Terminate specified user's current remote access VPN session(s)
  file2
  file3

looking at your configuration I see you set the neighbor using the interface name.
But in that case how does FFR know which IP address to connect to initiate a BGP session? Works in passive mode only?

PR is in: https://github.com/vyos/vyos-1x/pull/901

Bug confirmed and fixed,

I haven't access to the Cisco one because that is configured by another provider:

Should I hold out any hope for this to be implemented? Still willing to help test and do whatever I can to get this in.

I should soon have a PR ready for this, including an update to IPSec config to show how to port existing configs to use PKI.

I like the design!

In T3657#97243, @c-po wrote:

I wonder why you use ebgp multihop wirh link local addresses?

I used it only for testing (but this command increment ttl in two).

even if FRR manual states the deprecation notice, we have our own layer of abstraction and will deal with it once it is required.
For the time beeing, I just checked the commands (using tab completion).

In T3657#97243, @c-po wrote:

Also FRR manual states:

When you connect to a BGP peer over an IPv6 link-local address, you have to specify the IFNAME of the interface used for the connection. T

Please try set protocols bgp neighbor <addr> interface eth1

For 1.2.7 it adds unexpected multicast group per "save"
Configs for reproduce:

I wonder why you use ebgp multihop wirh link local addresses?

To reproduce (VyOS 1.3-beta-202106271614):

Verified working in GNS3 on 1.3.0-rc4. Note that /var/lib/dhcpv6/dhcp6c_duid is not used if send client-id is configured.

Parent Task: https://phabricator.vyos.net/T2816

I add an extra commentary , it is config on FRR:

As requested the config{F1499926}

I have tried one more scenario:

Hi, any updates on this?

Doesn't work, VyOS 1.4-rolling-202106271939

What would be the "full set" up supported characters? If I remember correctly this regex is inherited from VyOS 1.1

Please share your Cisco and VyOS config, and also the Cisco router Model/Version