Page MenuHomeVyOS Platform
Feed All Stories

May 31 2022

egoistdream added a comment to T3976: Missing prefix-list and access-list option from ipv6 route-map.

Yes on this version it is available the requested options for ipv6:

May 31 2022, 11:27 PM
fernando added a comment to T3976: Missing prefix-list and access-list option from ipv6 route-map.

yes, it was added on this version vyos-1.4-rolling-202205311706, please check again

May 31 2022, 11:13 PM
sarthurdev closed T3659: Configuration won't accept IPv6 addresses for site-to-site VPN tunnel prefixes/traffic selectors as Resolved.
May 31 2022, 6:13 PM · VyOS 1.4 Sagitta
sarthurdev closed T4148: Firewall - Error messages not that clear as it were in old firewall as Resolved.
May 31 2022, 6:11 PM · VyOS 1.4 Sagitta
sarthurdev closed T4199: Commit failed when setting icmpv6 type any as Resolved.
May 31 2022, 6:09 PM · VyOS 1.4 Sagitta
sarthurdev closed T4212: PermissionError when generating/installing server Certificate (generate pki certificate sign ...) as Resolved.
May 31 2022, 6:05 PM · VyOS 1.4 Sagitta
egoistdream added a comment to T3976: Missing prefix-list and access-list option from ipv6 route-map.

I just check and on version: vyos-1.4-rolling-202205310217 is still missing :(

May 31 2022, 2:17 PM
fernando added a comment to T3976: Missing prefix-list and access-list option from ipv6 route-map.

We've added this feature in our latest nightly building release, could you check it ?

May 31 2022, 1:50 PM
fernando changed the status of T3976: Missing prefix-list and access-list option from ipv6 route-map from Open to Needs testing.
May 31 2022, 1:40 PM
zsdc created T4452: WAN load-balancing exclude rules break PBR.
May 31 2022, 11:01 AM · VyOS 1.3 Equuleus (1.3.7), VyOS 1.4 Sagitta
gabrieltackitt added a comment to T2044: RPKI doesn't boot properly.

Has any progress on this been made? I am still having this issue on 1.4-rolling-202205250217.

May 31 2022, 1:45 AM · VyOS 1.3 Equuleus (1.3.7), VyOS 1.5 Circinus, VyOS 1.4 Sagitta

May 30 2022

sarthurdev added a comment to T3642: PKI configuration.

PR for op-mode importing existing PKI files into config: https://github.com/vyos/vyos-1x/pull/1343

May 30 2022, 10:59 PM · VyOS 1.4 Sagitta
RyVolodya created T4451: The DHCPv6 server leases function the display of the hostname.
May 30 2022, 8:13 PM · VyOS 1.5 Circinus
Viacheslav closed T4315: Telegraf - Output to prometheus as Resolved.
May 30 2022, 1:30 PM · VyOS 1.3 Equuleus (1.3.2), VyOS 1.4 Sagitta

May 29 2022

n.fort added a comment to T4450: Route-map - Extend options for ip|ipv6 address match.

PR: https://github.com/vyos/vyos-1x/pull/1342

May 29 2022, 4:51 PM · VyOS 1.4 Sagitta
n.fort claimed T4450: Route-map - Extend options for ip|ipv6 address match.
May 29 2022, 3:05 PM · VyOS 1.4 Sagitta
n.fort created T4450: Route-map - Extend options for ip|ipv6 address match.
May 29 2022, 3:05 PM · VyOS 1.4 Sagitta
panachoi added a comment to T1230: Improving Boot Time for Large Firewall Configurations.

This vm started out with 4G of memory and 2CPUs; I doubled quickly everything when I hit the out of memory error the first time, but that didn't help. I can quickly install the latest rolling and test

May 29 2022, 12:18 PM · VyOS 1.3 Equuleus (1.3.6)
n.fort changed the status of T4449: Route-map - Extend options for ip next-hop match from Open to Needs testing.

PR: https://github.com/vyos/vyos-1x/pull/1339

May 29 2022, 11:04 AM · VyOS 1.4 Sagitta
n.fort added a comment to T1230: Improving Boot Time for Large Firewall Configurations.

Yes, you error with "root" user is a known issue: T4281.

May 29 2022, 10:52 AM · VyOS 1.3 Equuleus (1.3.6)
Viacheslav added a comment to T2597: Add more options to API.

Reset added in T4442

May 29 2022, 10:00 AM
c-po added a comment to T2472: Ability to configure EIGRP protocol.

Currently dealing with some minor FRR issues:

May 29 2022, 9:45 AM · VyOS 1.5 Circinus
c-po updated the task description for T2472: Ability to configure EIGRP protocol.
May 29 2022, 9:45 AM · VyOS 1.5 Circinus
c-po changed the status of T2773: EIGRP support for VRF from Open to In progress.
May 29 2022, 9:45 AM · VyOS 1.4 Sagitta
c-po edited projects for T2472: Ability to configure EIGRP protocol, added: VyOS 1.4 Sagitta; removed VyOS 1.3 Equuleus (1.3.0).
May 29 2022, 9:44 AM · VyOS 1.5 Circinus
c-po changed the status of T2472: Ability to configure EIGRP protocol from Open to In progress.
May 29 2022, 8:13 AM · VyOS 1.5 Circinus
panachoi added a comment to T1230: Improving Boot Time for Large Firewall Configurations.

I've debugged this further, by breaking up my configuration into various sections (system, interfaces, firewall,nat,service,vpn etc) and running them on a new VM.

May 29 2022, 8:09 AM · VyOS 1.3 Equuleus (1.3.6)
c-po claimed T2773: EIGRP support for VRF.
May 29 2022, 8:01 AM · VyOS 1.4 Sagitta
c-po closed T2473: Xml for EIGRP [conf_mode], a subtask of T2472: Ability to configure EIGRP protocol, as Resolved.
May 29 2022, 8:01 AM · VyOS 1.5 Circinus
c-po closed T2473: Xml for EIGRP [conf_mode] as Resolved.
May 29 2022, 8:01 AM · VyOS 1.4 Sagitta
panachoi added a comment to T1230: Improving Boot Time for Large Firewall Configurations.

Still not much luck here. But I've let the boot run a bit longer, and notice the following:

May 29 2022, 5:48 AM · VyOS 1.3 Equuleus (1.3.6)
Viacheslav moved T2580: Support for ip pools for ippoe from Backport Candidates to Finished on the VyOS 1.4 Sagitta board.
May 29 2022, 12:19 AM · VyOS 1.3 Equuleus (1.3.2), VyOS 1.4 Sagitta
Viacheslav edited projects for T2580: Support for ip pools for ippoe, added: VyOS 1.3 Equuleus (1.3.2); removed VyOS 1.3 Equuleus (1.3.0).
May 29 2022, 12:18 AM · VyOS 1.3 Equuleus (1.3.2), VyOS 1.4 Sagitta

May 28 2022

Viacheslav added a comment to T4352: wan-load balance - priority traffic rule doesn't work .

@fernando Could you try to set sysctl mark?

sysctl -w net.ipv4.conf.eth0.src_valid_mark=1
sysctl -w net.ipv4.conf.eth1.src_valid_mark=1
May 28 2022, 7:40 PM · VyOS 1.4 Sagitta
Viacheslav added a comment to T3083: Add feature event-handler.

PR https://github.com/vyos/vyos-1x/pull/1340

set service event-handler event first filter pattern '.*ssh2.*'
set service event-handler event first script arguments '192.0.2.5'
set service event-handler event first script environment interface value 'eth0'
set service event-handler event first script path '/config/scripts/hello.sh'
May 28 2022, 6:49 PM · VyOS 1.3 Equuleus (1.3.3), VyOS 1.4 Sagitta
Viacheslav added a comment to T2218: Add support for the peeringdb module in salt (upgrade salt-minion to 2019.2).

The current salt-minion version 3003.4+ds-1
@maznu Do we need anything else for it?

May 28 2022, 1:51 PM · VyOS 1.5 Circinus, VyOS 1.4 Sagitta
n.fort claimed T4449: Route-map - Extend options for ip next-hop match.
May 28 2022, 11:15 AM · VyOS 1.4 Sagitta
n.fort created T4449: Route-map - Extend options for ip next-hop match.
May 28 2022, 11:15 AM · VyOS 1.4 Sagitta
Viacheslav added a comment to T4387: Create additional smoketests for multiwan PBR & load-balanced configurations .

PR https://github.com/vyos/vyos-1x/pull/1338

May 28 2022, 11:05 AM · VyOS 1.4 Sagitta
c-po closed T4448: rip: add support for explicit version selection as Resolved.
May 28 2022, 6:18 AM · VyOS 1.4 Sagitta
c-po changed the status of T4448: rip: add support for explicit version selection from Open to In progress.
May 28 2022, 6:07 AM · VyOS 1.4 Sagitta
c-po created T4448: rip: add support for explicit version selection.
May 28 2022, 6:07 AM · VyOS 1.4 Sagitta
panachoi added a comment to T1230: Improving Boot Time for Large Firewall Configurations.

Okay, thats the only rule where I was using a port-group combined with protocol all; the others that use protocol all dont have a port or port group in the rule, so they are okay?

May 28 2022, 5:50 AM · VyOS 1.3 Equuleus (1.3.6)
Viacheslav added a project to T4387: Create additional smoketests for multiwan PBR & load-balanced configurations : VyOS 1.3 Equuleus (1.3.0).
May 28 2022, 5:14 AM · VyOS 1.4 Sagitta

May 27 2022

fernando added a comment to T3976: Missing prefix-list and access-list option from ipv6 route-map.

PR for 1.4 Sagitta branch https://github.com/vyos/vyos-1x/pull/1337

May 27 2022, 9:27 PM
c-po added a comment to T4350: DMVPN opennhrp spokes dont work behind NAT.

Works on my setup

May 27 2022, 8:04 PM · VyOS 1.3 Equuleus (1.3.2)
sarthurdev added a comment to T1230: Improving Boot Time for Large Firewall Configurations.

1.4 rolling does not help me, so there must be something "wrong" with my configuration. I've attached the private config, it would be awesome if someone might find what's broken.

May 27 2022, 6:20 PM · VyOS 1.3 Equuleus (1.3.6)
fernando claimed T3976: Missing prefix-list and access-list option from ipv6 route-map.
May 27 2022, 5:59 PM
n.fort added a comment to T1230: Improving Boot Time for Large Firewall Configurations.

For a better analysis, can you share your firewall and nat config without hidden data? You can send it to my email: [email protected]

May 27 2022, 4:36 PM · VyOS 1.3 Equuleus (1.3.6)
c-po closed T4441: wwan: connection not possible after a change added after 1.3.1-S1 release as Resolved.
May 27 2022, 6:44 AM · VyOS 1.3 Equuleus (1.3.2)
c-po moved T4447: DHCPv6 prefix delegation `sla-id` limited to 128 from Need Triage to In Progress on the VyOS 1.3 Equuleus (1.3.2) board.
May 27 2022, 6:43 AM · VyOS 1.4 Sagitta, VyOS 1.3 Equuleus (1.3.2)
c-po moved T4447: DHCPv6 prefix delegation `sla-id` limited to 128 from Need Triage to Finished on the VyOS 1.4 Sagitta board.
May 27 2022, 6:43 AM · VyOS 1.4 Sagitta, VyOS 1.3 Equuleus (1.3.2)
c-po added a comment to T4447: DHCPv6 prefix delegation `sla-id` limited to 128 .

PR for 1.3 equuleus branch https://github.com/vyos/vyos-1x/pull/1336

May 27 2022, 6:38 AM · VyOS 1.4 Sagitta, VyOS 1.3 Equuleus (1.3.2)
c-po changed the status of T4447: DHCPv6 prefix delegation `sla-id` limited to 128 from Open to In progress.
May 27 2022, 6:34 AM · VyOS 1.4 Sagitta, VyOS 1.3 Equuleus (1.3.2)
c-po created T4447: DHCPv6 prefix delegation `sla-id` limited to 128 .
May 27 2022, 6:34 AM · VyOS 1.4 Sagitta, VyOS 1.3 Equuleus (1.3.2)
panachoi added a comment to T1230: Improving Boot Time for Large Firewall Configurations.

1.4 rolling does not help me, so there must be something "wrong" with my configuration. I've attached the private config, it would be awesome if someone might find what's broken.

May 27 2022, 4:52 AM · VyOS 1.3 Equuleus (1.3.6)

May 26 2022

Viacheslav moved T4442: HTTP API add action "reset" from Need Triage to Finished on the VyOS 1.3 Equuleus (1.3.2) board.
May 26 2022, 2:53 PM · VyOS 1.3 Equuleus (1.3.2), VyOS 1.4 Sagitta
Viacheslav closed T4442: HTTP API add action "reset" as Resolved.
May 26 2022, 2:53 PM · VyOS 1.3 Equuleus (1.3.2), VyOS 1.4 Sagitta
dmbaturin created T4446: Unified CLI for displaying neithbors (ARP, IP, and NDP).
May 26 2022, 1:28 PM · VyOS 1.4 Sagitta
fmayo added a comment to T1230: Improving Boot Time for Large Firewall Configurations.

@panachoi , for me moving to 1.4 rolling release did the trick. Boot times went from > 10 mins in 1.2 to 2-3 minutes in 1.4. Hope that helps

May 26 2022, 10:55 AM · VyOS 1.3 Equuleus (1.3.6)
Viacheslav added a comment to T4362: Wan Load Balancing - Can't create routing tables.

Some debug info:

May 26 2022, 10:29 AM · VyOS 1.4 Sagitta
sarthurdev added a comment to T1230: Improving Boot Time for Large Firewall Configurations.

@panachoi If you can share the anonymized config that works in 1.2.8 that would be useful. I'd expect migrating to 1.4 to see a decent improvement in firewall load times.

May 26 2022, 10:07 AM · VyOS 1.3 Equuleus (1.3.6)
panachoi added a comment to T1230: Improving Boot Time for Large Firewall Configurations.

I'm still having issues moving past anything higher than 1.2.8. Booting 1.2.8 looks thusly:

May 26 2022, 9:47 AM · VyOS 1.3 Equuleus (1.3.6)
Viacheslav added a comment to T4442: HTTP API add action "reset".

PR for 1.3 https://github.com/vyos/vyos-1x/pull/1335

May 26 2022, 9:12 AM · VyOS 1.3 Equuleus (1.3.2), VyOS 1.4 Sagitta
Unknown Object (User) added a comment to T4444: sstp: Feature request. Port number changing support.

PR:
https://github.com/vyos/vyos-1x/pull/1334

May 26 2022, 6:46 AM · VyOS 1.4 Sagitta
showipintbri added a comment to T4445: [EDIT] Service Restored: Outage: Interface stops forwarding, IPv4 martian seen in the logs.

I'm trying to think what could have a 110 minute timer and the only think I can think of is the DHCP lease time:

May 26 05:58:49 rtr dhclient-script-vyos[7261]: No changes to apply via vyos-hostsd-client
May 26 05:58:49 rtr dhclient[7216]: bound to 72.81.238.169 -- renewal in 3075 seconds.
May 26 2022, 6:14 AM
Unknown Object (User) renamed T4444: sstp: Feature request. Port number changing support from sstp: Feature request. Add support to change port number to sstp: Feature request. Port number changing support.
May 26 2022, 6:09 AM · VyOS 1.4 Sagitta
showipintbri added a comment to T4445: [EDIT] Service Restored: Outage: Interface stops forwarding, IPv4 martian seen in the logs.

I just caught it again. Same logs line up with my continuous ping.

May 26 2022, 6:06 AM
Unknown Object (User) added a project to T4444: sstp: Feature request. Port number changing support: VyOS 1.4 Sagitta.
May 26 2022, 5:40 AM · VyOS 1.4 Sagitta
showipintbri created T4445: [EDIT] Service Restored: Outage: Interface stops forwarding, IPv4 martian seen in the logs.
May 26 2022, 4:26 AM
Unknown Object (User) created T4444: sstp: Feature request. Port number changing support.
May 26 2022, 1:31 AM · VyOS 1.4 Sagitta

May 25 2022

masterit updated the task description for T4443: Wan Load Balancing Multiple Regressions.
May 25 2022, 11:36 PM · VyOS 1.3 Equuleus (1.3.7)
masterit updated the task description for T4443: Wan Load Balancing Multiple Regressions.
May 25 2022, 11:30 PM · VyOS 1.3 Equuleus (1.3.7)
masterit triaged T4443: Wan Load Balancing Multiple Regressions as High priority.
May 25 2022, 11:27 PM · VyOS 1.3 Equuleus (1.3.7)
Viacheslav added a project to T4442: HTTP API add action "reset": VyOS 1.3 Equuleus (1.3.2).
May 25 2022, 11:17 PM · VyOS 1.3 Equuleus (1.3.2), VyOS 1.4 Sagitta
masterit changed the status of T305: loadbalancing does not work with one pppoe connection and another connection of either dhcp or static from On hold to Open.
May 25 2022, 10:57 PM · VyOS 1.3 Equuleus (1.3.5), VyOS 1.4 Sagitta, test
Viacheslav moved T2763: New SNMP resource request - SNMP over TCP from Need Triage to Finished on the VyOS 1.4 Sagitta board.
May 25 2022, 9:58 PM · VyOS 1.3 Equuleus (1.3.2), VyOS 1.4 Sagitta
Viacheslav added a comment to T4442: HTTP API add action "reset".

PR https://github.com/vyos/vyos-1x/pull/1333

May 25 2022, 8:50 PM · VyOS 1.3 Equuleus (1.3.2), VyOS 1.4 Sagitta
Viacheslav claimed T4442: HTTP API add action "reset".
May 25 2022, 8:39 PM · VyOS 1.3 Equuleus (1.3.2), VyOS 1.4 Sagitta
Viacheslav created T4442: HTTP API add action "reset".
May 25 2022, 8:39 PM · VyOS 1.3 Equuleus (1.3.2), VyOS 1.4 Sagitta
jestabro closed T4382: Replacing legacy loadFile exposes missing steps in migration scripts and other errors, a subtask of T4295: Use config_tree instead of legacy loadFile in vyos-load-config.py, as Resolved.
May 25 2022, 8:34 PM · VyOS 1.4 Sagitta
jestabro closed T4382: Replacing legacy loadFile exposes missing steps in migration scripts and other errors as Resolved.
May 25 2022, 8:34 PM · VyOS 1.4 Sagitta
c-po moved T4441: wwan: connection not possible after a change added after 1.3.1-S1 release from Need Triage to In Progress on the VyOS 1.3 Equuleus (1.3.2) board.
May 25 2022, 8:19 PM · VyOS 1.3 Equuleus (1.3.2)
c-po added a comment to T4441: wwan: connection not possible after a change added after 1.3.1-S1 release.

PR pending approval https://github.com/vyos/vyos-1x/pull/1332

May 25 2022, 8:19 PM · VyOS 1.3 Equuleus (1.3.2)
c-po claimed T4441: wwan: connection not possible after a change added after 1.3.1-S1 release.
May 25 2022, 7:47 PM · VyOS 1.3 Equuleus (1.3.2)
c-po created T4441: wwan: connection not possible after a change added after 1.3.1-S1 release.
May 25 2022, 7:46 PM · VyOS 1.3 Equuleus (1.3.2)
jestabro added a comment to T4382: Replacing legacy loadFile exposes missing steps in migration scripts and other errors.

PR fixing exposed errors:
https://github.com/vyos/vyos-1x/pull/1331

May 25 2022, 5:01 PM · VyOS 1.4 Sagitta
jestabro renamed T4382: Replacing legacy loadFile exposes missing steps in migration scripts and other errors from Replacing legacy loadFile exposes missing steps in migration scripts to Replacing legacy loadFile exposes missing steps in migration scripts and other errors.
May 25 2022, 4:46 PM · VyOS 1.4 Sagitta
Unknown Object (User) awarded T751: IDS and IPS a 100 token.
May 25 2022, 1:52 PM · VyOS 1.4 Sagitta
Viacheslav closed T4410: Telegraf - Output to Splunk as Resolved.
May 25 2022, 1:11 PM · VyOS 1.4 Sagitta
Viacheslav closed T2194: "show firewall" garbled output, a subtask of T2199: Rewrite firewall in new XML/Python style, as Resolved.
May 25 2022, 1:08 PM · VyOS 1.4 Sagitta
Viacheslav closed T2194: "show firewall" garbled output as Resolved.
May 25 2022, 1:08 PM · VyOS 1.3 Equuleus (1.3.2), test

May 24 2022

jtcarnes changed the status of T4440: Add OCI compliant image labels to vyos-build and vyos containers from Open to In progress.
May 24 2022, 9:05 PM · vyos-build
dmbaturin created T4439: Operational command handling daemon.
May 24 2022, 2:27 PM · VyOS 1.5 Circinus
showipintbri added a comment to T4374: ipv6 address drops from interface, but network still active.

I removed my comment as my issue was not a bug AFAIK, but rather a miss-configuration and operation.

May 24 2022, 10:11 AM · VyOS 1.4 Sagitta
showipintbri added a comment to T4374: ipv6 address drops from interface, but network still active.
May 24 2022, 2:27 AM · VyOS 1.4 Sagitta

May 23 2022

jestabro claimed T4438: vyos-http-api doesn't start after router reboot if vrf is defined.
May 23 2022, 1:30 PM · VyOS 1.4 Sagitta
daniil created T4438: vyos-http-api doesn't start after router reboot if vrf is defined.
May 23 2022, 12:27 PM · VyOS 1.4 Sagitta
cgb added a comment to T4147: New Firewall Implementation - proposed changes on group implementation.

Yeah I discovered the same in forums:

May 23 2022, 7:37 AM · VyOS 1.4 Sagitta
adestis added a comment to T4147: New Firewall Implementation - proposed changes on group implementation.

I was not aware that the nft implementation changes the kind of how groups are used.
We have implemented a blacklisting approach which heavily relates on using ipset because no one wants to have hundred thousand of addresses in the config file.
So I think this is essential, at least for us.

May 23 2022, 7:17 AM · VyOS 1.4 Sagitta