Page MenuHomeVyOS Platform
Feed All Stories

Jul 11 2021

c-po added a comment to T2773: EIGRP support for VRF.

@Viacheslav but that sounds more of a decent FRR bug. We could still consider adding EIGRP support for 1.4

Jul 11 2021, 1:13 PM · VyOS 1.4 Sagitta
c-po moved T3659: Configuration won't accept IPv6 addresses for site-to-site VPN tunnel prefixes/traffic selectors from Need Triage to In Progress on the VyOS 1.4 Sagitta board.
Jul 11 2021, 1:12 PM · VyOS 1.4 Sagitta
c-po moved T3663: Use inotify file watching where applicable from Need Triage to In Progress on the VyOS 1.4 Sagitta board.
Jul 11 2021, 1:12 PM · VyOS 1.4 Sagitta
c-po moved T1210: About IKEv2 IPSec VPN remote access from Need Triage to In Progress on the VyOS 1.4 Sagitta board.
Jul 11 2021, 1:12 PM · VyOS 1.4 Sagitta
c-po changed the status of T1210: About IKEv2 IPSec VPN remote access, a subtask of T2816: Rewrite IPsec scripts with the new XML/Python approach, from Open to Needs testing.
Jul 11 2021, 1:12 PM · VyOS 1.4 Sagitta
c-po changed the status of T1210: About IKEv2 IPSec VPN remote access from Open to Needs testing.
Jul 11 2021, 1:12 PM · VyOS 1.4 Sagitta
c-po closed T3665: Missing VRF support for VxLAN but already documented as Resolved.
Jul 11 2021, 1:09 PM · VyOS 1.3 Equuleus (1.3.0), VyOS 1.4 Sagitta
c-po claimed T3665: Missing VRF support for VxLAN but already documented.
Jul 11 2021, 1:06 PM · VyOS 1.3 Equuleus (1.3.0), VyOS 1.4 Sagitta
c-po added a project to T3637: vrf: bind-to-all didn't work properly: VyOS 1.3 Equuleus.
Jul 11 2021, 12:33 PM · VyOS 1.3 Equuleus (1.3.0-epa1), VyOS 1.4 Sagitta
c-po added a comment to T3666: VRF bind-to-all - it doesn't apply the settings ..

Backported fix from T3637

Jul 11 2021, 12:31 PM · VyOS 1.3 Equuleus (1.3.0)
c-po merged T3666: VRF bind-to-all - it doesn't apply the settings . into T3637: vrf: bind-to-all didn't work properly.
Jul 11 2021, 12:31 PM · VyOS 1.3 Equuleus (1.3.0-epa1), VyOS 1.4 Sagitta
c-po merged task T3666: VRF bind-to-all - it doesn't apply the settings . into T3637: vrf: bind-to-all didn't work properly.
Jul 11 2021, 12:31 PM · VyOS 1.3 Equuleus (1.3.0)
c-po claimed T3661: [vrf} route-leaking missing command.
Jul 11 2021, 11:39 AM · VyOS 1.3 Equuleus (1.3.0)
c-po changed the status of T3666: VRF bind-to-all - it doesn't apply the settings . from Open to In progress.
Jul 11 2021, 11:36 AM · VyOS 1.3 Equuleus (1.3.0)

Jul 10 2021

joelc added a comment to T3672: DHCP-FO with multiple subnets results in invalid/non-functioning dhcpd.conf configuration file output .

oh good grief this is an old problem.. Just found a reference here while researching: https://community.ui.com/questions/DHCP-Failover-Configuration-Multiple-VLAN-interfaces/da7a0f03-2c4e-4d9f-9924-c2297db177db

Jul 10 2021, 6:58 PM · VyOS 1.3 Equuleus (1.3.0-epa1), VyOS 1.4 Sagitta
c-po added a comment to T3675: L2TP over IPSEC broken.

I can confirm this on the latest rolling versions, seems to be a problem with the IPSec rewrite/move to swanctl.conf.

Jul 10 2021, 9:00 AM
c-po changed the status of T3675: L2TP over IPSEC broken from Open to Confirmed.
Jul 10 2021, 9:00 AM
Viacheslav closed T3636: SSTP / L2TP ipv6 support broken as Resolved.
Jul 10 2021, 8:38 AM · VyOS 1.4 Sagitta
primoz created T3675: L2TP over IPSEC broken.
Jul 10 2021, 8:18 AM
primoz added a comment to T3636: SSTP / L2TP ipv6 support broken.

This seems to work now.

Jul 10 2021, 8:14 AM · VyOS 1.4 Sagitta

Jul 9 2021

jack9603301 closed T3667: brctl is damaged as Resolved.
Jul 9 2021, 3:38 PM · VyOS 1.4 Sagitta
Viacheslav added a comment to T3674: Webproxy squid is stared by default without any configuration.

PR https://github.com/vyos/vyos-build/pull/176

Jul 9 2021, 3:21 PM · VyOS 1.2 Crux (VyOS 1.2.9)
Viacheslav claimed T3674: Webproxy squid is stared by default without any configuration.
Jul 9 2021, 3:15 PM · VyOS 1.2 Crux (VyOS 1.2.9)
Viacheslav created T3674: Webproxy squid is stared by default without any configuration.
Jul 9 2021, 2:23 PM · VyOS 1.2 Crux (VyOS 1.2.9)
Viacheslav added a comment to T3673: BGP large-community del operation missing.

PR https://github.com/vyos/vyos-1x/pull/914

Jul 9 2021, 2:06 PM · VyOS 1.4 Sagitta
Viacheslav claimed T3673: BGP large-community del operation missing.
Jul 9 2021, 1:58 PM · VyOS 1.4 Sagitta
Viacheslav added a comment to T3673: BGP large-community del operation missing.

It is a feature request.
So we don't have a "large-comm-list" for set in our CLI. It is incorrect to compare "large-community" with "large-comm-list"
The option "delete" is preset only for the "lists"

Jul 9 2021, 12:40 PM · VyOS 1.4 Sagitta
Viacheslav triaged T3673: BGP large-community del operation missing as Normal priority.
Jul 9 2021, 12:01 PM · VyOS 1.4 Sagitta
Viacheslav changed the subtype of T3673: BGP large-community del operation missing from "Bug" to "Feature Request".
Jul 9 2021, 12:00 PM · VyOS 1.4 Sagitta
Viacheslav added a comment to T3537: Unable to override the default OSPFv3 link cost for wireguard interface.

I can't reproduce it in 1.3-rc5

set interfaces wireguard wg0 address '10.1.0.3/24'
set interfaces wireguard wg0 address 'cafe:c01d:c01a::2/64'
set interfaces wireguard wg0 description 'VPN-to-wg-PEER01-192.0.2.1'
set interfaces wireguard wg0 ipv6 ospfv3 cost '24'
set interfaces wireguard wg0 ipv6 ospfv3 dead-interval '40'
set interfaces wireguard wg0 ipv6 ospfv3 hello-interval '10'
set interfaces wireguard wg0 ipv6 ospfv3 instance-id '0'
set interfaces wireguard wg0 ipv6 ospfv3 priority '1'
set interfaces wireguard wg0 ipv6 ospfv3 retransmit-interval '5'
set interfaces wireguard wg0 ipv6 ospfv3 transmit-delay '1'
set interfaces wireguard wg0 peer PEER01 address '192.0.2.1'
set interfaces wireguard wg0 peer PEER01 allowed-ips '0.0.0.0/0'
set interfaces wireguard wg0 peer PEER01 allowed-ips '10.0.3.0/24'
set interfaces wireguard wg0 peer PEER01 allowed-ips '::/0'
set interfaces wireguard wg0 peer PEER01 port '12345'
set interfaces wireguard wg0 peer PEER01 pubkey 'Cpqy8='
set interfaces wireguard wg0 port '54321'
set protocols ospf area 0 network '10.1.0.0/24'
set protocols ospf passive-interface 'default'
set protocols ospf passive-interface-exclude 'wg0'
set protocols ospfv3 area 0 interface 'wg0'
Jul 9 2021, 9:31 AM · VyOS 1.3 Equuleus (1.3.0-epa1)
ernstjo created T3673: BGP large-community del operation missing.
Jul 9 2021, 9:00 AM · VyOS 1.4 Sagitta
Viacheslav added a comment to T3662: Container configuration upgrade destroys system.

In the latest rolling release all works fine without any changes

vyos@r1-roll:~$ show version
Jul 9 2021, 8:39 AM · VyOS 1.4 Sagitta
jack9603301 updated the task description for T3667: brctl is damaged.
Jul 9 2021, 7:16 AM · VyOS 1.4 Sagitta
jack9603301 updated the task description for T3667: brctl is damaged.
Jul 9 2021, 7:15 AM · VyOS 1.4 Sagitta
dtoux changed Version from VyOS 1.3-rolling-202105011026 to VyOS 1.3-rolling-202105011026, VyOS 1.3.0-rc5 on T3537: Unable to override the default OSPFv3 link cost for wireguard interface.
Jul 9 2021, 4:47 AM · VyOS 1.3 Equuleus (1.3.0-epa1)
dtoux added a comment to T3537: Unable to override the default OSPFv3 link cost for wireguard interface.

The issue seems still present in Vyos 1.3.0-rc5

Jul 9 2021, 4:46 AM · VyOS 1.3 Equuleus (1.3.0-epa1)
joelc created T3672: DHCP-FO with multiple subnets results in invalid/non-functioning dhcpd.conf configuration file output .
Jul 9 2021, 12:58 AM · VyOS 1.3 Equuleus (1.3.0-epa1), VyOS 1.4 Sagitta

Jul 8 2021

Viacheslav changed the status of T3671: Webproxy not functional in 1.2.8 update from Open to Confirmed.

It seems there were changes in squid , but not in our code.

Jul 8 2021, 10:52 PM · VyOS 1.2 Crux (VyOS 1.2.9)
trystan created T3671: Webproxy not functional in 1.2.8 update.
Jul 8 2021, 8:51 PM · VyOS 1.2 Crux (VyOS 1.2.9)
artooro created T3670: Option to disable HTTP port 80 redirect.
Jul 8 2021, 5:22 PM · VyOS 1.4 Sagitta
Viacheslav closed T3669: frr.log file missing from /var/log/frr/ as Invalid.

It is not used /var/log/frr anymore T2061

Jul 8 2021, 5:09 PM
RyVolodya added a comment to T3494: DHCPv6 leases traceback when PD using.

Please backport this to 1.3. Thanks.

Jul 8 2021, 11:40 AM · VyOS 1.3 Equuleus (1.3.0), VyOS 1.4 Sagitta
hitesh.happani created T3669: frr.log file missing from /var/log/frr/.
Jul 8 2021, 10:59 AM
trae32566 added a comment to T3628: commit-archive source-address Interface Broken.
trae@cr01a-vyos# show system config-management 
 commit-archive {
     location sftp://cr01a-vyos.int:<somePassword>@stor01z-rh8.int.trae32566.org:/int/cr01a-vyos
     source-address lo
 }
 commit-revisions 10000
Jul 8 2021, 5:20 AM · VyOS 1.4 Sagitta

Jul 7 2021

jack9603301 added a comment to T3667: brctl is damaged.

PR: https://github.com/vyos/vyos-1x/pull/913

Jul 7 2021, 4:51 PM · VyOS 1.4 Sagitta
jack9603301 changed the status of T3667: brctl is damaged from Open to In progress.
Jul 7 2021, 4:45 PM · VyOS 1.4 Sagitta
jack9603301 created T3667: brctl is damaged.
Jul 7 2021, 4:45 PM · VyOS 1.4 Sagitta
fernando created T3666: VRF bind-to-all - it doesn't apply the settings ..
Jul 7 2021, 4:24 PM · VyOS 1.3 Equuleus (1.3.0)
tom.siewert renamed T3665: Missing VRF support for VxLAN but already documented from Missing `vrf` support for VxLAN to Missing VRF support for VxLAN but already documented.
Jul 7 2021, 1:57 PM · VyOS 1.3 Equuleus (1.3.0), VyOS 1.4 Sagitta
tom.siewert created T3665: Missing VRF support for VxLAN but already documented.
Jul 7 2021, 1:57 PM · VyOS 1.3 Equuleus (1.3.0), VyOS 1.4 Sagitta
sarthurdev updated the task description for T3642: PKI configuration.
Jul 7 2021, 11:59 AM · VyOS 1.4 Sagitta
sarthurdev added a comment to T3642: PKI configuration.

vpn rsa-keys migrated: https://github.com/vyos/vyos-1x/pull/912

Jul 7 2021, 11:57 AM · VyOS 1.4 Sagitta
erkin added a comment to T3628: commit-archive source-address Interface Broken.

@trae32566 I can't replicate this. Can you post your config?

Jul 7 2021, 9:04 AM · VyOS 1.4 Sagitta
erkin changed the status of T3628: commit-archive source-address Interface Broken, a subtask of T3356: Script for remote file transfers, from Open to In progress.
Jul 7 2021, 9:03 AM · VyOS 1.3 Equuleus (1.3.0), VyOS 1.4 Sagitta
erkin changed the status of T3628: commit-archive source-address Interface Broken from Open to In progress.
Jul 7 2021, 9:03 AM · VyOS 1.4 Sagitta
trae32566 reopened T3628: commit-archive source-address Interface Broken, a subtask of T3356: Script for remote file transfers, as Open.
Jul 7 2021, 5:51 AM · VyOS 1.3 Equuleus (1.3.0), VyOS 1.4 Sagitta
trae32566 reopened T3628: commit-archive source-address Interface Broken as "Open".

This is still broken on the most recent rolling release:

trae@cr01a-vyos# commit
Using source address lo
Archiving config...
  sftp://stor01z-rh8.int.trae32566.org:/int/cr01a-vyos Traceback (most recent call last):
  File "<string>", line 1, in <module>
  File "/usr/lib/python3/dist-packages/vyos/remote.py", line 315, in upload
    upload_sftp(local_path, url.hostname, url.path, username, password, port, source, progressbar)
  File "/usr/lib/python3/dist-packages/vyos/remote.py", line 190, in upload_sftp
    transfer_sftp('upload', *args, **kwargs)
  File "/usr/lib/python3/dist-packages/vyos/remote.py", line 162, in transfer_sftp
    sock.connect((hostname, port))
OSError: [Errno 22] Invalid argument
[edit protocols bgp]
Jul 7 2021, 5:51 AM · VyOS 1.4 Sagitta

Jul 6 2021

SrividyaA added a comment to T3656: IPSec 1.4 : "show vpn ike sa" does not show the correct default ike version.

@sdev , Thank you. I will test and confirm, once the new rolling version is released.

Jul 6 2021, 4:34 PM · VyOS 1.4 Sagitta
dmbaturin created T3664: Build flavor system redesign.
Jul 6 2021, 1:47 PM · VyOS 1.4 Sagitta
c-po closed T3660: Conntrack-Sync configuration command to specify destination udp port for peer as Resolved.
Jul 6 2021, 5:33 AM · VyOS 1.3 Equuleus (1.3.0), VyOS 1.4 Sagitta
c-po added a comment to T3660: Conntrack-Sync configuration command to specify destination udp port for peer.

Thanks for the confirmation

Jul 6 2021, 5:33 AM · VyOS 1.3 Equuleus (1.3.0), VyOS 1.4 Sagitta

Jul 5 2021

m1nus added a comment to T3660: Conntrack-Sync configuration command to specify destination udp port for peer.

Hi @c-po i've been testing the added command.

Jul 5 2021, 2:23 PM · VyOS 1.3 Equuleus (1.3.0), VyOS 1.4 Sagitta
fernando added a comment to T3661: [vrf} route-leaking missing command.

yes , but when you use 'set protocols static route 10.0.0.0/8 next-hop 1.1.1.1 next-hop-vrf red' it doesn't install the prefix in the default table :

Jul 5 2021, 1:25 PM · VyOS 1.3 Equuleus (1.3.0)
Viacheslav added a comment to T3076: Router reboot adds unwanted 'conntrack-sync mcast-group '225.0.0.50'' line to configuration.

@tjh If you have a test lab, can you check conntrack-sync in the latest 1.3?

Jul 5 2021, 10:48 AM · VyOS 1.3 Equuleus (1.3.0-epa1)

Jul 4 2021

dmbaturin created T3663: Use inotify file watching where applicable.
Jul 4 2021, 7:15 PM · VyOS 1.4 Sagitta
Viacheslav added a subtask for T2216: Containerized third-party applications for VyOS: T3499: Podman is not compatible with nat rules.
Jul 4 2021, 3:08 PM · VyOS 1.4 Sagitta
Viacheslav added a parent task for T3499: Podman is not compatible with nat rules: T2216: Containerized third-party applications for VyOS.
Jul 4 2021, 3:08 PM · VyOS 1.4 Sagitta
Viacheslav added a subtask for T2216: Containerized third-party applications for VyOS: T3662: Container configuration upgrade destroys system.
Jul 4 2021, 3:07 PM · VyOS 1.4 Sagitta
Viacheslav added a parent task for T3662: Container configuration upgrade destroys system: T2216: Containerized third-party applications for VyOS.
Jul 4 2021, 3:07 PM · VyOS 1.4 Sagitta
jack9603301 added a comment to T3662: Container configuration upgrade destroys system.

PR: https://github.com/vyos/vyos-1x/pull/909

Jul 4 2021, 1:27 PM · VyOS 1.4 Sagitta
c-po added a comment to T1251: IKEv2 Agile VPN Support.

@dongjunbo this is a very very basic PR for VyOS 1.4 with the goal to implement this into the main VyOS release.

Jul 4 2021, 10:03 AM · VyOS 1.3 Equuleus (1.3.0)
c-po added a comment to T1210: About IKEv2 IPSec VPN remote access.

https://github.com/vyos/vyos-1x/pull/908

Jul 4 2021, 10:00 AM · VyOS 1.4 Sagitta
c-po added a comment to T1251: IKEv2 Agile VPN Support.

https://github.com/vyos/vyos-1x/pull/908

Jul 4 2021, 10:00 AM · VyOS 1.3 Equuleus (1.3.0)
jack9603301 claimed T3662: Container configuration upgrade destroys system.
Jul 4 2021, 6:40 AM · VyOS 1.4 Sagitta

Jul 3 2021

c-po claimed T1210: About IKEv2 IPSec VPN remote access.
Jul 3 2021, 5:22 PM · VyOS 1.4 Sagitta
c-po closed T57: Make it possible to disable the entire IPsec peer, a subtask of T2816: Rewrite IPsec scripts with the new XML/Python approach, as Resolved.
Jul 3 2021, 5:22 PM · VyOS 1.4 Sagitta
c-po closed T57: Make it possible to disable the entire IPsec peer as Resolved.
Jul 3 2021, 5:22 PM · VyOS 1.4 Sagitta
c-po edited projects for T1210: About IKEv2 IPSec VPN remote access, added: VyOS 1.4 Sagitta; removed VyOS 1.3 Equuleus.
Jul 3 2021, 5:20 PM · VyOS 1.4 Sagitta
c-po merged task T1251: IKEv2 Agile VPN Support into T1210: About IKEv2 IPSec VPN remote access.
Jul 3 2021, 5:20 PM · VyOS 1.3 Equuleus (1.3.0)
c-po merged T1251: IKEv2 Agile VPN Support into T1210: About IKEv2 IPSec VPN remote access.
Jul 3 2021, 5:20 PM · VyOS 1.4 Sagitta
jack9603301 triaged T3662: Container configuration upgrade destroys system as High priority.
Jul 3 2021, 2:09 PM · VyOS 1.4 Sagitta
jack9603301 created T3662: Container configuration upgrade destroys system.
Jul 3 2021, 2:00 PM · VyOS 1.4 Sagitta
c-po added a comment to T3661: [vrf} route-leaking missing command.

Commands are implemented.

Jul 3 2021, 12:07 PM · VyOS 1.3 Equuleus (1.3.0)

Jul 2 2021

fernando created T3661: [vrf} route-leaking missing command.
Jul 2 2021, 10:57 PM · VyOS 1.3 Equuleus (1.3.0)
m1nus added a comment to T3660: Conntrack-Sync configuration command to specify destination udp port for peer.

Thanks Chris I'll test it once available and let you know!!

Jul 2 2021, 8:31 PM · VyOS 1.3 Equuleus (1.3.0), VyOS 1.4 Sagitta
c-po added a comment to T3660: Conntrack-Sync configuration command to specify destination udp port for peer.

Added command set service conntrack-sync interface <intrerface> port <port>

Jul 2 2021, 8:26 PM · VyOS 1.3 Equuleus (1.3.0), VyOS 1.4 Sagitta
c-po changed the status of T3660: Conntrack-Sync configuration command to specify destination udp port for peer from Confirmed to Needs testing.
Jul 2 2021, 8:23 PM · VyOS 1.3 Equuleus (1.3.0), VyOS 1.4 Sagitta
Viacheslav moved T3535: Rewrite vyatta-conntrack-sync in new XML and Python flavor from Need Triage to Finished on the VyOS 1.3 Equuleus board.
Jul 2 2021, 5:45 PM · VyOS 1.3 Equuleus (1.3.0), VyOS 1.4 Sagitta
Viacheslav added a project to T3535: Rewrite vyatta-conntrack-sync in new XML and Python flavor: VyOS 1.3 Equuleus.
Jul 2 2021, 5:45 PM · VyOS 1.3 Equuleus (1.3.0), VyOS 1.4 Sagitta
Viacheslav added a comment to T3045: Changes to Conntrack-Sync don't apply correctly (Mutlicast->UDP).

Fixed for 1.3 in commit https://github.com/vyos/vyos-1x/commit/21527ef4551613fe9b7eed9e4b2ce33ad46fe540

Jul 2 2021, 5:37 PM · VyOS 1.3 Equuleus (1.3.5), VyOS 1.2 Crux (VyOS 1.2.9)
Viacheslav added a comment to T3076: Router reboot adds unwanted 'conntrack-sync mcast-group '225.0.0.50'' line to configuration.

Fixed for 1.3 in commit https://github.com/vyos/vyos-1x/commit/21527ef4551613fe9b7eed9e4b2ce33ad46fe540 and T3535

Jul 2 2021, 5:37 PM · VyOS 1.3 Equuleus (1.3.0-epa1)
Viacheslav moved T3045: Changes to Conntrack-Sync don't apply correctly (Mutlicast->UDP) from Need Triage to Finished on the VyOS 1.3 Equuleus board.
Jul 2 2021, 5:35 PM · VyOS 1.3 Equuleus (1.3.5), VyOS 1.2 Crux (VyOS 1.2.9)
Viacheslav moved T3076: Router reboot adds unwanted 'conntrack-sync mcast-group '225.0.0.50'' line to configuration from Need Triage to Finished on the VyOS 1.3 Equuleus board.
Jul 2 2021, 5:35 PM · VyOS 1.3 Equuleus (1.3.0-epa1)
cohn added a comment to T109: VyOS Can Lose Parts Of Its Config On Reboot - In Certain Situations.

I'm seeing the same behavior for the OSPF v2 configuration on the 1.4 train for an image built on April 26th 2021. Just a heads up.

Jul 2 2021, 3:19 PM · VyOS 1.3 Equuleus (1.3.3)
Viacheslav added a comment to T3535: Rewrite vyatta-conntrack-sync in new XML and Python flavor.

PR for 1.3
https://github.com/vyos/vyos-1x/pull/904
https://github.com/vyos/vyos-world/pull/4

Jul 2 2021, 1:55 PM · VyOS 1.3 Equuleus (1.3.0), VyOS 1.4 Sagitta
raphielscape added a comment to T3648: op-mode: nat rules broken.

Source NAT Rules went Out of Range in VyOS 1.4-rolling-202107010320

Jul 2 2021, 1:11 PM · VyOS 1.4 Sagitta
m1nus added a comment to T3660: Conntrack-Sync configuration command to specify destination udp port for peer.

Hi @c-po I hope you're doing great!

Jul 2 2021, 12:04 PM · VyOS 1.3 Equuleus (1.3.0), VyOS 1.4 Sagitta
sarthurdev changed the status of T3659: Configuration won't accept IPv6 addresses for site-to-site VPN tunnel prefixes/traffic selectors from In progress to Needs testing.
Jul 2 2021, 10:38 AM · VyOS 1.4 Sagitta
sarthurdev added a comment to T3656: IPSec 1.4 : "show vpn ike sa" does not show the correct default ike version.

Should be resolved in PR: https://github.com/vyos/vyos-1x/pull/903

Jul 2 2021, 10:38 AM · VyOS 1.4 Sagitta
sarthurdev added a comment to T3659: Configuration won't accept IPv6 addresses for site-to-site VPN tunnel prefixes/traffic selectors.

Fixed in PR: https://github.com/vyos/vyos-1x/pull/903

Jul 2 2021, 10:37 AM · VyOS 1.4 Sagitta