Addressed in T2568.
- Queries
- All Stories
- Search
- Advanced Search
- Transactions
- Transaction Logs
All Stories
Aug 8 2020
This was an early experiment which contributed some ideas towards T2582; closed as superseded by that task.
I am giving up with HFSC. I have been studying it for a long time, I have tested it in many different ways, without VyOS too. The only thing I have found is that this is is not a problem of VyOS.
Aug 7 2020
Route Distinguisher & Route Targets are, in general, configured under VRF proccess. Below a sample of how this configurations would looks like:
Bellow a sample of how BGP VPNv4 and VPNv6 AF configuration looks like:
Sure thing. Note my configuration contains some table maps that I have set up to route VPN traffic, and certain source IPs through specific interfaces. But there is no effect on the load-balancer when these sections are removed. Thank you.
Could you please provide full configuration or at least protocol section configuration?
GNS3 virtualization network verification passed
I will have a look as this was not supported by vyatta and therefore not added to the code when converted to python
Coming with a syntax which is not ultimately going to be as complex as the cli may be an impossible challenge. Changing the API to include in the XML what is path vs payload may indeed lead to indeed a better API tho. The example given use the word create in the path when REST would use POST.
Aug 6 2020
The commit fails when the local-ip option is included only with the 6RD prefix options (without 6RD option, 6in4 tunnel is created). In the tunnel.py script, local value is not defined as result stack trace is received
PR Merged
Container fixed, closing this ticket
The CI is now extended to build arm containers by default. they are also exported to dockerhub. closing this ticket
Discussion updated in PR 513.
https://github.com/vyos/vyos-1x/pull/513
This will be a oneliner in the new XML implementation. Just send PR
Reading the UBNT source code I see:
I find the above mentioned syntax to clumsy:
@srgabrieltelecon create please Pull Request.
Aug 5 2020
I´ve used the version of the software: VyOS 1.3-rolling-202007300117.
As I´ve used GRE tunnels it does not simulates the same scenario reported, which uses pure IPsec. I will configure IPsec tunnels over physical interfaces and log the results here again.
I suspect this could be related to displaying a peer with a hostname that contains a dash, such as, "abc-peer12.dyndns.org." Or, possibly a string matching error getting thrown off by "AES_GCM_16_128/MODP_2048"
The IKE SA appears down in your second example?
vyos@HUB-2# sh vpn
ipsec {
esp-group MyESPGroup { proposal 1 { encryption aes256 hash md5 } } ike-group MyIKEGroup { proposal 1 { dh-group 2 encryption aes256 hash md5 } } ipsec-interfaces { interface eth0.100 } site-to-site { peer 169.254.100.1 { authentication { mode pre-shared-secret pre-shared-secret MYSECRETKEY } default-esp-group MyESPGroup ike-group MyIKEGroup local-address 169.254.100.6 tunnel 20 { protocol gre } } }
}
[edit]
I´ve configured a simple P-2P IPsec/GRE Tunnel and the command shows IKE and IPsec SAs UP:
Dependency and VRF support for tcptraceroute6 will be submitted in the next few days
I would have expected the output generated to be an OR of the validators or regexes and allow the output if any would have passed it
Aug 4 2020
Before adding "<defaultValue>" it was working but not now.
Fixed, VyOS 1.3-rolling-202008040823
I wasn't trying to solve any specific issue. I was working on some other project, trying to use GCC as a preprocessor, the same way as it's used here, and ran into those obstacles I listed in the original description, which are present here too. I was made aware m4 is much more suitable to template processing than GCC as it was actually designed and made for it.
As for using any self-made code to do this, I have no problem with that as long as it's well known this is what is now used, is documented, and then an effort made to port all preprocessing to it. I see no sense using two or three different preprocessors.
Update document
Thank you for writing some testing code using the smoketest repository. It may take a few working days for anyone to come back to you.
SSH only supports "source-address" via its BindAddress option
smoketest for nptv6
Welcome! Thanks for beeing an early adopter / tester.
I am very happy to report that the issue id resolved. The router now boots up fully without intervention once again.
Completed!
Awesome! That's really quick turnaround! I'll give it a try when the newer build appears.
Unfortunately this is not possible with WIDE DHCPv6 client
I just started a new ISO build - should be done in 40 minutes!
I have consulted some documents of vyos about DNAT of IPv4, and I don't understand why there seems to be SNAT content in the DNAT IPv4 syntax of vyos, and what is the meaning of supporting the prefix format address setting of dsddr in DNAT syntax? Is there something wrong with me?
Use cases for sNPT testing