The new design introduced with https://phabricator.vyos.net/T2653 does not show any pitfalls and infact increased the code maintenance in an unimaginable way.
- Queries
- All Stories
- Search
- Advanced Search
- Transactions
- Transaction Logs
Feed All Stories
All Stories
All Stories
Nov 23 2020
Nov 23 2020
c-po moved T3016: dhcp-server: use better constraint error message on invalid subnet from Need Triage to Finished on the VyOS 1.3 Equuleus board.
c-po moved T3038: Supporting AZERTY keyboards from Need Triage to Finished on the VyOS 1.3 Equuleus board.
c-po moved T3046: openvpn directory is not auto-created from Need Triage to Finished on the VyOS 1.3 Equuleus board.
c-po moved T3041: Intel QAT: vyos-1.3-rolling-202011020217-amd64 kernel panic during configure from Need Triage to Finished on the VyOS 1.3 Equuleus board.
c-po moved T3043: Wireless: Refactor CLI from Need Triage to Finished on the VyOS 1.3 Equuleus board.
c-po moved T3066: reboot in - Invalid time from Need Triage to Finished on the VyOS 1.3 Equuleus board.
c-po moved T3063: Add support for Huawei LTE Module ME909s-120 from Need Triage to Finished on the VyOS 1.3 Equuleus board.
c-po moved T3049: Update Linux Kernel to v4.19.155 from Need Triage to Finished on the VyOS 1.3 Equuleus board.
c-po moved T3051: OpenVPN: multiple client routes do not work in server mode from Need Triage to Finished on the VyOS 1.3 Equuleus board.
c-po moved T3050: Broken address/subnet validation on NAT configuration from Need Triage to Finished on the VyOS 1.3 Equuleus board.
c-po moved T3060: OpenVPN virtual interface not coming up after upgrade from Need Triage to Finished on the VyOS 1.3 Equuleus board.
c-po moved T3052: Update Linux firmware files to 20201022 version from Need Triage to Finished on the VyOS 1.3 Equuleus board.
c-po moved T2984: (igb, ixgbe) HW queues applied only for the first 2 interfaces from Need Triage to Finished on the VyOS 1.3 Equuleus board.
c-po moved T2914: OpenVPN: Fix for IPv4 remote-host hostname in client mode: from Need Triage to Finished on the VyOS 1.3 Equuleus board.
c-po moved T2906: OpenVPN: tls-auth missing key direction from Need Triage to Finished on the VyOS 1.3 Equuleus board.
c-po moved T2905: Sync CLI nodes between PPPoE and WWAN interface from Need Triage to Finished on the VyOS 1.3 Equuleus board.
c-po moved T2907: OpenVPN: Option to disable encryption from Need Triage to Finished on the VyOS 1.3 Equuleus board.
c-po moved T2915: Lost "proxy-arp-pvlan" option for vlan from Need Triage to Finished on the VyOS 1.3 Equuleus board.
c-po moved T2918: Accounting interim jitter for pppoe, l2tp, pptp, ipoe from Need Triage to Finished on the VyOS 1.3 Equuleus board.
c-po moved T2919: PPPoE server: Called-Station-Id attribute from Need Triage to Finished on the VyOS 1.3 Equuleus board.
c-po moved T2917: PPPoE server: Preallocate NAS-Port-Id from Need Triage to Finished on the VyOS 1.3 Equuleus board.
c-po moved T2976: Client IP pool does not work for PPPoE local users from Need Triage to Finished on the VyOS 1.3 Equuleus board.
c-po moved T2930: Support configuration of MAC address for VXLAN and GENEVE tunnel from Need Triage to Finished on the VyOS 1.3 Equuleus board.
c-po moved T2925: Update Linux Kernel to v4.19.147 from Need Triage to Finished on the VyOS 1.3 Equuleus board.
c-po moved T2928: MTU less then 1280 bytes and IPv6 will raise FileNotFoundError from Need Triage to Finished on the VyOS 1.3 Equuleus board.
c-po moved T2938: Adding remote Syslog RFC5424 compatibility from Need Triage to Finished on the VyOS 1.3 Equuleus board.
c-po moved T2936: Migrate PPPoE server to get_config_dict() do reduce boilerplate code from Need Triage to Finished on the VyOS 1.3 Equuleus board.
c-po moved T2978: IPoE service does not work on shared mode from Need Triage to Finished on the VyOS 1.3 Equuleus board.
c-po moved T2955: Update Linux Kernel to v4.19.149 from Need Triage to Finished on the VyOS 1.3 Equuleus board.
c-po moved T2956: Add support for list of defaultValues from Need Triage to Finished on the VyOS 1.3 Equuleus board.
c-po moved T2960: sstp: migrate to get_config_dict() from Need Triage to Finished on the VyOS 1.3 Equuleus board.
c-po moved T2967: Duplicate IPv6 BFD peers created from Need Triage to Finished on the VyOS 1.3 Equuleus board.
c-po moved T2972: PPPoE server rate limiter allows max 65535 kbps to be set from Need Triage to Finished on the VyOS 1.3 Equuleus board.
c-po moved T2973: tftp-server cannot listen on IPv6 address from Need Triage to Finished on the VyOS 1.3 Equuleus board.
c-po moved T2980: FRR bfdd crash due to invalid length from Need Triage to Finished on the VyOS 1.3 Equuleus board.
c-po moved T2981: MPLS LDP neighbor session clear capability from Need Triage to Finished on the VyOS 1.3 Equuleus board.
c-po moved T2985: Add glue code to create bridge interface on demand from Need Triage to Finished on the VyOS 1.3 Equuleus board.
c-po moved T2953: Accel-PPP services CLI config cleanup (SSTP, L2TP, PPPoE, IPoE) from Need Triage to Finished on the VyOS 1.3 Equuleus board.
c-po moved T2945: Interface removed from bridge on setting change from Need Triage to Finished on the VyOS 1.3 Equuleus board.
c-po moved T2937: Update Linux Kernel to v4.19.148 from Need Triage to Finished on the VyOS 1.3 Equuleus board.
c-po moved T2939: Wireguard Remove Peer Fails from Need Triage to Finished on the VyOS 1.3 Equuleus board.
c-po moved T2948: NAT: OSError when configuring translation address range from Need Triage to Finished on the VyOS 1.3 Equuleus board.
c-po moved T2951: Cannot enable logging for monitor nat from Need Triage to Finished on the VyOS 1.3 Equuleus board.
c-po added a comment to T2650: interfaces bridge, bonding: revert back to per-interface membership syntax.
Confirmed working
This is actually a "wontfix" b/c it depends on the users hardware
Proper handle OS exceptions for the user:
c-po changed the status of T3084: wifi: TypeError on "show interfaces wireless info" from Open to In progress.
jestabro updated the task description for T3082: multi_to_list must distinguish between values and defaults.
c-po closed T3074: OpenVPN site-to-site creates wrong peer address, a subtask of T3060: OpenVPN virtual interface not coming up after upgrade, as Resolved.
c-po changed the status of T3074: OpenVPN site-to-site creates wrong peer address, a subtask of T3060: OpenVPN virtual interface not coming up after upgrade, from Open to Needs testing.
c-po changed the status of T3074: OpenVPN site-to-site creates wrong peer address from Open to Needs testing.
Try to port NDP Proxy to the NAT66 code of T2518 and automatically generate it
jack9603301 closed T2898: Support NDP proxy, a subtask of T2518: Support NAT for ipv6(NPT), as Invalid.
Note that because the test requirements are not met for the time being (vyos does not use the linux kernel with a kernel version of 5.8+ for the time being), it cannot be tested well. The merged code has not undergone any testing. Please upgrade the vyos linux kernel to 5.8+ , Let me know that I can perform related tests, and merge after testing
It looks like this issue is already present in 1.3-rolling-202010270217, before the OpenVPN rewrite to get_config_dict():
c-po added a comment to T3081: get_config_dict() does not honor whitespaces in the CLI values field.
[ interfaces openvpn vtun0 ]
{'auth_user_pass_file': '/run/openvpn/vtun0.pw',
'daemon_group': 'openvpn',
'daemon_user': 'openvpn',
'device_type': 'tun',
'encryption': {'cipher': 'aes256gcm'},
'ifname': 'vtun0',
'keep_alive': {'failure_count': '3', 'interval': '10'},
'mode': 'server',
'openvpn_option': ['tls-auth /config/auth/ovpn_test_site2site.key 0'],
'protocol': 'udp',
'server': {'name_server': ['10.53.53.53', '10.53.53.54'],
'push_route': ['0.0.0.0/0'],
'subnet': ['10.7.178.0/24'],
'topology': 'net30'},
'tls': {'ca_cert_file': '/config/auth/ovpn_test_ca.pem',
'cert_file': '/config/auth/ovpn_test_server.pem',
'dh_file': '/config/auth/ovpn_test_dh.pem',
'key_file': '/config/auth/ovpn_test_server.key'},
'use_lzo_compression': {}}c-po added a comment to T3080: OpenVPN failing silently for a number of reasons in rolling post Nov/02.
We will deal with the compat-names warning once starting on VyOS 1.4 ;)
c-po closed T3080: OpenVPN failing silently for a number of reasons in rolling post Nov/02, a subtask of T3060: OpenVPN virtual interface not coming up after upgrade, as Resolved.
c-po closed T3080: OpenVPN failing silently for a number of reasons in rolling post Nov/02 as Resolved.
Work with latest rolling release:
Put in a PR for refactor of LDP template, MPLS python handler, addition of global MPLS parameters (via Linux kernel config changes), and separation of MPLS interfaces from LDP interfaces. *PLEASE* know I did do testing but I want more people to test as well. I have uploaded the package file for this PR here so that people can test my work.
jestabro changed the status of T3082: multi_to_list must distinguish between values and defaults, a subtask of T2956: Add support for list of defaultValues, from Open to Confirmed.
jestabro changed the status of T3082: multi_to_list must distinguish between values and defaults, a subtask of T3081: get_config_dict() does not honor whitespaces in the CLI values field, from Open to Confirmed.
jestabro changed the status of T3082: multi_to_list must distinguish between values and defaults from Open to Confirmed.
jestabro closed T3081: get_config_dict() does not honor whitespaces in the CLI values field as Resolved.
See subtask T3082 for origin and details of this issue.
jestabro updated the task description for T3082: multi_to_list must distinguish between values and defaults.
Nov 22 2020
Nov 22 2020
@Viacheslav Thanks a lot, I'll give it a go, hopefully sometime next week.
@bbs2web, oh don't you worry. I've had my eyes on it after I get LDP done. I'm almost done with it too.
Layer 2 mpls functions were merged in to the kernel on the 3rd of October, this should hopefully allow BGP signalled VPLS and static LDP pseudowire tunnels. Support still appears to be missing in FRR and it will probably be a while until VyOS is based on this newer kernel, but hoorray!
Device-type tap option works incorrectly
set interfaces openvpn vtun20 device-type 'tap' set interfaces openvpn vtun20 local-address 10.0.0.0 set interfaces openvpn vtun20 local-host '100.64.0.1' set interfaces openvpn vtun20 local-port '22222' set interfaces openvpn vtun20 mode 'site-to-site' set interfaces openvpn vtun20 remote-address '10.0.0.1' set interfaces openvpn vtun20 remote-host '100.64.0.2' set interfaces openvpn vtun20 remote-port '22222' set interfaces openvpn vtun20 shared-secret-key-file '/config/auth/foo.key'
@Dataforce @fetzerms
ip rule "from" already in CLI T439
Okay, then I can merge this service into NAT66
That we can deal with later on when it‘s needed
@pasik Can you check if it solves your expectation?
I can consider migrating to the implementation of nat66, but I'm not sure if there is a case where the nat66 feature does not need to be enabled, but NDP proxy needs to be enabled
I still have the opinion that NDP proxy should be automatically configured when configuring nat66 as by then all interfaces and directions of the translation are known and the user must not configure any additional daemon.