It's in 1.2 rolling too, but the iso has to rebuild. You can alternatively download and manually install http://dev.packages.vyos.net/repositories/current/vyos/pool/main/v/vyos-1x/vyos-1x_1.3.0-16_all.deb.
- Queries
- All Stories
- Search
- Advanced Search
- Transactions
- Transaction Logs
Feed All Stories
All Stories
All Stories
Sep 23 2019
Sep 23 2019
Has this been merged into 1.2, or just 1.3? Because all of the 1.2-rolling images currently available from downloads.vyos.io right now have this bug in them :-(
MikroTik RouterOS supports something like this:
Why does this BGP neighbor need to be configred in the VyOS CLI? Wouldn't it be added automatically as a side-effect of wanting netflow data to have ASNs? Maybe add a flag to netflow, for those of us who are carrying full tables.
Having had bgpd peg a core to 100% (for no discernible reason), I'd welcome the ability to give quag^WFRR a kick, rather than rebooting the entire VyOS box.
We run ntop on a separate device, and export netflow data to the ntop/nprobe box from our routers (VyOS included). Would that work in your scenario too?
hagbard edited projects for T1679: during bootup: invalid literal for int() with base 10, added: VyOS 1.3 Equuleus; removed VyOS 1.2 Crux.
Symptoms which cause no configuration of the device after booting into 1.2:
PR to fix this: https://github.com/vyos/vyos-1x/pull/136
Unknown Object (User) changed Difficulty level from easy to normal on T1678: hostfile-update missing line feed.
Unknown Object (User) added a comment to T1678: hostfile-update missing line feed.
Also exist additional issue, if we add system static host-mapping all dhcp records will be erased.
Unknown Object (User) created T1678: hostfile-update missing line feed.
To elaborate on what was written above, in the case of amd64 packages, a package more recent than 3.8.2 is not available from the debian.org repository as there are no more recent releases. The official SourceForge project has been marked as unmaintained by its owner wimpunk, and 3.8.2 was the last release.
Sep 22 2019
Sep 22 2019
Unknown Object (User) added a comment to T1169: LLDP potentially broken.
Hello @kroy I trying test your issue in lab and some question about rfc4957, Does LLDP should see more one neighbour? In my Lab all directly connected devices filter ethertype LLDP (0x88cc) for passthrough. Can you explain, how exactly connected R1,R2,R3,R4? In one switch?
Sep 21 2019
Sep 21 2019
[edit firewall name local-outside-v4]
hard@vyos# show
+rule 3 {
+ action drop
+ source {
+ mac-address !11:22:33:44:55:66
+ }
+}
[edit firewall name local-outside-v4]
hard@vyos# commithard added a comment to T1083: Implement persistent/random address and port mapping options for NAT rules.
Created pull request
Just some feedback here, but this has been working flawlessly in all my environments so far for BGP, OSPF, and OSPFv3 ... you guys are awesome!
hard added a comment to T1083: Implement persistent/random address and port mapping options for NAT rules.
Almost done, also implemented 'random' flag, looks ok? or change name? for example - flag, or flags
vindenesen added a comment to T1630: OpenVPN after changing it from root to nobody (unprivileged user) cant add routes.
Using 1.2-rolling-201909210810, it has happened to me.
c-po edited projects for T1675: OpenVPN - Specify minimum TLS version, added: VyOS 1.3 Equuleus; removed VyOS 1.2 Crux.
Thanks for the contribution, Please use VyOS 1.3 tag as this won't be backported to crux easily
c-po closed T1637: Rewrite ethernet interface in new style XML syntax, a subtask of T1579: Rewrite all interface types in new XML/Python style, as Resolved.
jestabro closed T1676: [equuleus] buster: update GRUB boot parameters during upgrade, a subtask of T476: Update the base system to Debian 10 (Buster), as Resolved.
Sep 20 2019
Sep 20 2019
jestabro changed the status of T1676: [equuleus] buster: update GRUB boot parameters during upgrade from Open to In progress.
jestabro closed T1602: equuleus: buster: add live build apt options for choosing vyos packages, a subtask of T476: Update the base system to Debian 10 (Buster), as Resolved.
Pull request created: https://github.com/vyos/vyos-1x/pull/133
vindenesen changed the status of T1675: OpenVPN - Specify minimum TLS version from Open to In progress.
Please add the config here as text so it can be easily extracted. Image hosting services tend to not store information forever.
kroy closed T1638: vyos-hostsd not setting system domain name , a subtask of T1598: New implementation of the resolv.conf and hosts update mechanism, as Resolved.
PR132 fixes this problem
Sep 19 2019
Sep 19 2019
kroy edited projects for T1638: vyos-hostsd not setting system domain name , added: VyOS 1.2 Crux (VyOS 1.2.3); removed VyOS 1.2 Crux.
Would be very nice, I tested with an old one already, but want to make sure I haven't uncovered side effects.
Already fixed manually, but I can test on yesterday's vm backup if needed.
Not sure what you mean by pre and post-commit config blocks.
PR merged https://github.com/vyos/vyos-1x/pull/131
c-po changed Difficulty level from unknown to easy on T1666: Deleting a bond will place member interfaces into A/D state.
c-po closed T1666: Deleting a bond will place member interfaces into A/D state, a subtask of T1614: Rewrite bonding interface in new style XML syntax, as Resolved.
hagbard changed the status of T1672: Wireguard keys not automatically moved from In progress to Needs testing.
https://github.com/vyos/vyos-1x/commit/eb9c6ff745fc5d4e23c224a441874ae6fcf97ac5
@mb300sd Tomorrows rolling will have the fix applied.
Please share a pre and post-commit config block for me for testing.
hagbard changed the status of T1672: Wireguard keys not automatically moved from Confirmed to In progress.
The loading error is caused by bridging a l2tpv3 interface, didn't see the cause at first because of the other errors. Since the bridge is now created at priority 470, and l2tpv3 is 800, when before an interface would be added to the bridge as it is created.
Pull request added: https://github.com/vyos/vyos-1x/pull/131
hagbard edited projects for T1672: Wireguard keys not automatically moved, added: VyOS 1.3 Equuleus; removed VyOS 1.2 Crux.
After adding the vif to bridge member interfaces, I get a config load error on boot. Running config, load, commit, works. Something to do with the order the configs get applied?
mb300sd renamed T1673: vif bridge-group not migrated to bridge member interface from bridge-group missing from vif to vif bridge-group not migrated to bridge member interface.
mb300sd changed Is it a breaking change? from behavior to syntax on T1673: vif bridge-group not migrated to bridge member interface.
Just noticed bridge has a member interface parameter now. The vif bridge-group config was not migrated.
jjakob added a comment to T1416: 2 dhcp server run in failover mode can't sync hostname with each other.
@thinkl33t you can run your own DNS server with dynamic update functionality, vyos's dhcp server will write the hostnames to it. Doing that is outside the scope of vyos though, and you'd have to think of security, e.g. can a rogue dhcp client DNS spoof your hostnames to do a MITM attack. Systems that do do dyn-dns updates, for example FreeIPA, usually use some sort of pre-shared keys/certificates on the clients (for authentication) and limit the scope to IP updates on preexisting hostnames only, they don't allow adding arbitrary hostnames. At least I'd limit the scope to add all dynamic dns updates to a single zone predefined expressly for that purpose, and not use that zone for any security-critical applications, like logging in to services or doing unauthenticated connections, where a MITM may scrape your sensitive data. I'd only do dyn-dns hostnames from dhcp on a DHCP network where I'm absolutely sure no rogue client could gain access to it, via the network or physically, and that is almost never useful.
hagbard changed the status of T1635: Rewrite interface pseudo-ethernet in new XML/Python style, a subtask of T1579: Rewrite all interface types in new XML/Python style, from Open to In progress.
hagbard changed the status of T1635: Rewrite interface pseudo-ethernet in new XML/Python style from Open to In progress.
hagbard moved T1664: Ipoe with bond per vlan don't work from Need Triage to Finished on the VyOS 1.3 Equuleus board.
hagbard moved T1664: Ipoe with bond per vlan don't work from Finished to Backlog on the VyOS 1.2 Crux board.
Thanks for testing.
thinkl33t added a comment to T1416: 2 dhcp server run in failover mode can't sync hostname with each other.
In T1416#40429, @zsdc wrote:@thinkl33t, recommended way is using dynamic-dns-update, all other ways are not recommended to use at this moment.
@hagbard
In VyOS 1.2-rolling-201909190545 all work. Fixed. Thank's.
Sep 18 2019
Sep 18 2019
Seems that upstream did not backport the fixes to the stable version's. So it is only included in frr 7.2.
I asked them for backport.
hagbard changed the status of T1597: /usr/sbin/rsyslogd after deleting "system syslog" from Needs testing to Backport candidate.
@sever I see that the new package hasn't been autobuild in our CI, I see to get that fixed. If you are in urgent need of the change, please build and install vyos-1x manually.
In release VyOS 1.2-rolling-201909180118 I dont see this command
Okay, the old vyatta-bonding.pl executed the following code when a bond member has been removed: