It's in 1.2 rolling too, but the iso has to rebuild. You can alternatively download and manually install http://dev.packages.vyos.net/repositories/current/vyos/pool/main/v/vyos-1x/vyos-1x_1.3.0-16_all.deb.
- Queries
- All Stories
- Search
- Advanced Search
- Transactions
- Transaction Logs
All Stories
Sep 23 2019
Has this been merged into 1.2, or just 1.3? Because all of the 1.2-rolling images currently available from downloads.vyos.io right now have this bug in them :-(
MikroTik RouterOS supports something like this:
Why does this BGP neighbor need to be configred in the VyOS CLI? Wouldn't it be added automatically as a side-effect of wanting netflow data to have ASNs? Maybe add a flag to netflow, for those of us who are carrying full tables.
Having had bgpd peg a core to 100% (for no discernible reason), I'd welcome the ability to give quag^WFRR a kick, rather than rebooting the entire VyOS box.
We run ntop on a separate device, and export netflow data to the ntop/nprobe box from our routers (VyOS included). Would that work in your scenario too?
Symptoms which cause no configuration of the device after booting into 1.2:
PR to fix this: https://github.com/vyos/vyos-1x/pull/136
Also exist additional issue, if we add system static host-mapping all dhcp records will be erased.
To elaborate on what was written above, in the case of amd64 packages, a package more recent than 3.8.2 is not available from the debian.org repository as there are no more recent releases. The official SourceForge project has been marked as unmaintained by its owner wimpunk, and 3.8.2 was the last release.
Sep 22 2019
Hello @kroy I trying test your issue in lab and some question about rfc4957, Does LLDP should see more one neighbour? In my Lab all directly connected devices filter ethertype LLDP (0x88cc) for passthrough. Can you explain, how exactly connected R1,R2,R3,R4? In one switch?
Sep 21 2019
[edit firewall name local-outside-v4] hard@vyos# show +rule 3 { + action drop + source { + mac-address !11:22:33:44:55:66 + } +} [edit firewall name local-outside-v4] hard@vyos# commit
Created pull request
Just some feedback here, but this has been working flawlessly in all my environments so far for BGP, OSPF, and OSPFv3 ... you guys are awesome!
Almost done, also implemented 'random' flag, looks ok? or change name? for example - flag, or flags
Using 1.2-rolling-201909210810, it has happened to me.
Thanks for the contribution, Please use VyOS 1.3 tag as this won't be backported to crux easily
Sep 20 2019
Pull request created: https://github.com/vyos/vyos-1x/pull/133
Please add the config here as text so it can be easily extracted. Image hosting services tend to not store information forever.
PR132 fixes this problem
Sep 19 2019
Would be very nice, I tested with an old one already, but want to make sure I haven't uncovered side effects.
Already fixed manually, but I can test on yesterday's vm backup if needed.
Not sure what you mean by pre and post-commit config blocks.
PR merged https://github.com/vyos/vyos-1x/pull/131
https://github.com/vyos/vyos-1x/commit/eb9c6ff745fc5d4e23c224a441874ae6fcf97ac5
@mb300sd Tomorrows rolling will have the fix applied.
Please share a pre and post-commit config block for me for testing.
The loading error is caused by bridging a l2tpv3 interface, didn't see the cause at first because of the other errors. Since the bridge is now created at priority 470, and l2tpv3 is 800, when before an interface would be added to the bridge as it is created.
Pull request added: https://github.com/vyos/vyos-1x/pull/131
After adding the vif to bridge member interfaces, I get a config load error on boot. Running config, load, commit, works. Something to do with the order the configs get applied?
Just noticed bridge has a member interface parameter now. The vif bridge-group config was not migrated.
@thinkl33t you can run your own DNS server with dynamic update functionality, vyos's dhcp server will write the hostnames to it. Doing that is outside the scope of vyos though, and you'd have to think of security, e.g. can a rogue dhcp client DNS spoof your hostnames to do a MITM attack. Systems that do do dyn-dns updates, for example FreeIPA, usually use some sort of pre-shared keys/certificates on the clients (for authentication) and limit the scope to IP updates on preexisting hostnames only, they don't allow adding arbitrary hostnames. At least I'd limit the scope to add all dynamic dns updates to a single zone predefined expressly for that purpose, and not use that zone for any security-critical applications, like logging in to services or doing unauthenticated connections, where a MITM may scrape your sensitive data. I'd only do dyn-dns hostnames from dhcp on a DHCP network where I'm absolutely sure no rogue client could gain access to it, via the network or physically, and that is almost never useful.
Thanks for testing.
In T1416#40429, @zsdc wrote:@thinkl33t, recommended way is using dynamic-dns-update, all other ways are not recommended to use at this moment.
@hagbard
In VyOS 1.2-rolling-201909190545 all work. Fixed. Thank's.
Sep 18 2019
Seems that upstream did not backport the fixes to the stable version's. So it is only included in frr 7.2.
I asked them for backport.
@sever I see that the new package hasn't been autobuild in our CI, I see to get that fixed. If you are in urgent need of the change, please build and install vyos-1x manually.
In release VyOS 1.2-rolling-201909180118 I dont see this command
Okay, the old vyatta-bonding.pl executed the following code when a bond member has been removed: