Good shout, fixed in following PR: https://github.com/vyos/vyos-1x/pull/1005
- Queries
- All Stories
- Search
- Advanced Search
- Transactions
- Transaction Logs
All Stories
Sep 15 2021
Sep 14 2021
This line doesn't match ipv6 addresses https://github.com/vyos/vyos-1x/blob/f86b7314d025fd0cf11c2d91638ed3cc7c4fa507/src/helpers/strip-private.py#L66
Booted my host with 1.4-rolling-202109140217 and confirmed pfs enabled is now generating the expected swanctl.conf file to match the old behavior. If I don't report back in exactly an hour from now that my tunnels died, we can assume the fix works.
Sep 13 2021
Please take a look at the commit 9213ce6672582bc12f02c1530726fe97030d2cfe for kernel 5.13.
To start the proposed CLI:
Needs to be discussed.
1.3-beta-202109120646 doesn't have any commits from T3821:
Migration scripts are meant for adjusting old configs for a new configuration syntax version. I feel that using that mechanism for fresh installs is wrong and we should move that logic to a different place, ideally to the script that inserts MAC addresses in the config—I forgot which script it is.
FRR behaviour without "interface" in route - it replaced metric with value without metric
r12-lts(config)# ip route 0.0.0.0/0 192.168.122.1 r12-lts(config)# r12-lts(config)# do sho run | include 0.0.0.0 ip route 0.0.0.0/0 192.168.122.1 r12-lts(config)# r12-lts(config)# ip route 0.0.0.0/0 192.168.122.1 210 r12-lts(config)# r12-lts(config)# do sho run | include 0.0.0.0 ip route 0.0.0.0/0 192.168.122.1 210 r12-lts(config)# r12-lts(config)# ip route 0.0.0.0/0 192.168.122.1 r12-lts(config)# r12-lts(config)# do sho run | include 0.0.0.0 ip route 0.0.0.0/0 192.168.122.1 r12-lts(config)# r12-lts(config)# ip route 0.0.0.0/0 192.168.122.1 eth0 210 r12-lts(config)# r12-lts(config)# do sho run | include 0.0.0.0 ip route 0.0.0.0/0 192.168.122.1 ip route 0.0.0.0/0 192.168.122.1 eth0 210 r12-lts(config)#
To reproduce:
set interfaces ethernet eth0 address 'dhcp' set protocols static route 0.0.0.0/0 next-hop 192.168.122.1
Ot feels thos change broke more then it fixed. Can we revert it?
This is because of T3821
Note: config versions were added to the default configs here https://github.com/vyos/vyos-build/commit/23639568a945f19471af88547dab45b87bbd642d, but the current vyos-build-ami replaces the default file with its own that hasn't been modified to add the versioning comment yet. That can probably be fixed whenever that repo is updated for equuleus (I have my own patched local branch that I could publish if desired).
cc: @c-po maybe this was a side effect of unifying the two parsers
Sep 12 2021
Note the version string should be different in 1.3:
Sep 11 2021
Backport to 1.3 is complete. See T3821 for further discussion.
FYI, if your OpenVPN config relies on cert files or anything you uploaded into the config directory, you may need to change the owner to the openvpn user or widen file permissions. Oddly this only seems to affect equuleus, not sagitta (OpenVPN seems fine reading files owned by "root" out of "/config/auth").
Sorry for the noise.
No, I saw no other errors that looked related to the DHCPv6 WAN client.
Sep 10 2021
Okay, trying to reproduce this. In the meantime, can you please check the behavior with vtysh as restarting bgpd is actually a bad idea.
My gut tells me this might be an FRR issue.
in vyos 1.2.x is this NAT mode working fine. We uset it at six routers with 12Gbps of real traffic without crash and reboot over one a half year. Please keep this option in future versions.