Page MenuHomeVyOS Platform
Feed All Stories

All Stories
Use Results
Edit Query

May 26 2022

dmbaturin created T4446: Unified CLI for displaying neithbors (ARP, IP, and NDP).
May 26 2022, 1:28 PM · VyOS 1.4 Sagitta
fmayo added a comment to T1230: Improving Boot Time for Large Firewall Configurations.

@panachoi , for me moving to 1.4 rolling release did the trick. Boot times went from > 10 mins in 1.2 to 2-3 minutes in 1.4. Hope that helps

May 26 2022, 10:55 AM · VyOS 1.3 Equuleus (1.3.6)
Viacheslav added a comment to T4362: Wan Load Balancing - Can't create routing tables.

Some debug info:

May 26 2022, 10:29 AM · VyOS 1.4 Sagitta
sarthurdev added a comment to T1230: Improving Boot Time for Large Firewall Configurations.

@panachoi If you can share the anonymized config that works in 1.2.8 that would be useful. I'd expect migrating to 1.4 to see a decent improvement in firewall load times.

May 26 2022, 10:07 AM · VyOS 1.3 Equuleus (1.3.6)
panachoi added a comment to T1230: Improving Boot Time for Large Firewall Configurations.

I'm still having issues moving past anything higher than 1.2.8. Booting 1.2.8 looks thusly:

May 26 2022, 9:47 AM · VyOS 1.3 Equuleus (1.3.6)
Viacheslav added a comment to T4442: HTTP API add action "reset".

PR for 1.3 https://github.com/vyos/vyos-1x/pull/1335

May 26 2022, 9:12 AM · VyOS 1.3 Equuleus (1.3.2), VyOS 1.4 Sagitta
Unknown Object (User) added a comment to T4444: sstp: Feature request. Port number changing support.

PR:
https://github.com/vyos/vyos-1x/pull/1334

May 26 2022, 6:46 AM · VyOS 1.4 Sagitta
showipintbri added a comment to T4445: [EDIT] Service Restored: Outage: Interface stops forwarding, IPv4 martian seen in the logs.

I'm trying to think what could have a 110 minute timer and the only think I can think of is the DHCP lease time:

May 26 05:58:49 rtr dhclient-script-vyos[7261]: No changes to apply via vyos-hostsd-client
May 26 05:58:49 rtr dhclient[7216]: bound to 72.81.238.169 -- renewal in 3075 seconds.
May 26 2022, 6:14 AM
Unknown Object (User) renamed T4444: sstp: Feature request. Port number changing support from sstp: Feature request. Add support to change port number to sstp: Feature request. Port number changing support.
May 26 2022, 6:09 AM · VyOS 1.4 Sagitta
showipintbri added a comment to T4445: [EDIT] Service Restored: Outage: Interface stops forwarding, IPv4 martian seen in the logs.

I just caught it again. Same logs line up with my continuous ping.

May 26 2022, 6:06 AM
Unknown Object (User) added a project to T4444: sstp: Feature request. Port number changing support: VyOS 1.4 Sagitta.
May 26 2022, 5:40 AM · VyOS 1.4 Sagitta
showipintbri created T4445: [EDIT] Service Restored: Outage: Interface stops forwarding, IPv4 martian seen in the logs.
May 26 2022, 4:26 AM
Unknown Object (User) created T4444: sstp: Feature request. Port number changing support.
May 26 2022, 1:31 AM · VyOS 1.4 Sagitta

May 25 2022

masterit updated the task description for T4443: Wan Load Balancing Multiple Regressions.
May 25 2022, 11:36 PM · VyOS 1.3 Equuleus (1.3.7)
masterit updated the task description for T4443: Wan Load Balancing Multiple Regressions.
May 25 2022, 11:30 PM · VyOS 1.3 Equuleus (1.3.7)
masterit triaged T4443: Wan Load Balancing Multiple Regressions as High priority.
May 25 2022, 11:27 PM · VyOS 1.3 Equuleus (1.3.7)
Viacheslav added a project to T4442: HTTP API add action "reset": VyOS 1.3 Equuleus (1.3.2).
May 25 2022, 11:17 PM · VyOS 1.3 Equuleus (1.3.2), VyOS 1.4 Sagitta
masterit changed the status of T305: loadbalancing does not work with one pppoe connection and another connection of either dhcp or static from On hold to Open.
May 25 2022, 10:57 PM · VyOS 1.3 Equuleus (1.3.5), VyOS 1.4 Sagitta, test
Viacheslav moved T2763: New SNMP resource request - SNMP over TCP from Need Triage to Finished on the VyOS 1.4 Sagitta board.
May 25 2022, 9:58 PM · VyOS 1.3 Equuleus (1.3.2), VyOS 1.4 Sagitta
Viacheslav added a comment to T4442: HTTP API add action "reset".

PR https://github.com/vyos/vyos-1x/pull/1333

May 25 2022, 8:50 PM · VyOS 1.3 Equuleus (1.3.2), VyOS 1.4 Sagitta
Viacheslav claimed T4442: HTTP API add action "reset".
May 25 2022, 8:39 PM · VyOS 1.3 Equuleus (1.3.2), VyOS 1.4 Sagitta
Viacheslav created T4442: HTTP API add action "reset".
May 25 2022, 8:39 PM · VyOS 1.3 Equuleus (1.3.2), VyOS 1.4 Sagitta
jestabro closed T4382: Replacing legacy loadFile exposes missing steps in migration scripts and other errors, a subtask of T4295: Use config_tree instead of legacy loadFile in vyos-load-config.py, as Resolved.
May 25 2022, 8:34 PM · VyOS 1.4 Sagitta
jestabro closed T4382: Replacing legacy loadFile exposes missing steps in migration scripts and other errors as Resolved.
May 25 2022, 8:34 PM · VyOS 1.4 Sagitta
c-po moved T4441: wwan: connection not possible after a change added after 1.3.1-S1 release from Need Triage to In Progress on the VyOS 1.3 Equuleus (1.3.2) board.
May 25 2022, 8:19 PM · VyOS 1.3 Equuleus (1.3.2)
c-po added a comment to T4441: wwan: connection not possible after a change added after 1.3.1-S1 release.

PR pending approval https://github.com/vyos/vyos-1x/pull/1332

May 25 2022, 8:19 PM · VyOS 1.3 Equuleus (1.3.2)
c-po claimed T4441: wwan: connection not possible after a change added after 1.3.1-S1 release.
May 25 2022, 7:47 PM · VyOS 1.3 Equuleus (1.3.2)
c-po created T4441: wwan: connection not possible after a change added after 1.3.1-S1 release.
May 25 2022, 7:46 PM · VyOS 1.3 Equuleus (1.3.2)
jestabro added a comment to T4382: Replacing legacy loadFile exposes missing steps in migration scripts and other errors.

PR fixing exposed errors:
https://github.com/vyos/vyos-1x/pull/1331

May 25 2022, 5:01 PM · VyOS 1.4 Sagitta
jestabro renamed T4382: Replacing legacy loadFile exposes missing steps in migration scripts and other errors from Replacing legacy loadFile exposes missing steps in migration scripts to Replacing legacy loadFile exposes missing steps in migration scripts and other errors.
May 25 2022, 4:46 PM · VyOS 1.4 Sagitta
Unknown Object (User) awarded T751: IDS and IPS a 100 token.
May 25 2022, 1:52 PM · VyOS 1.5 Circinus
Viacheslav closed T4410: Telegraf - Output to Splunk as Resolved.
May 25 2022, 1:11 PM · VyOS 1.4 Sagitta
Viacheslav closed T2194: "show firewall" garbled output, a subtask of T2199: Rewrite firewall in new XML/Python style, as Resolved.
May 25 2022, 1:08 PM · VyOS 1.4 Sagitta
Viacheslav closed T2194: "show firewall" garbled output as Resolved.
May 25 2022, 1:08 PM · VyOS 1.3 Equuleus (1.3.2), test

May 24 2022

jtcarnes changed the status of T4440: Add OCI compliant image labels to vyos-build and vyos containers from Open to In progress.
May 24 2022, 9:05 PM · VyOS 1.4 Sagitta (1.4.0-epa3)
dmbaturin created T4439: Operational command handling daemon.
May 24 2022, 2:27 PM · VyOS 1.5 Circinus
showipintbri added a comment to T4374: ipv6 address drops from interface, but network still active.

I removed my comment as my issue was not a bug AFAIK, but rather a miss-configuration and operation.

May 24 2022, 10:11 AM · VyOS 1.4 Sagitta
showipintbri added a comment to T4374: ipv6 address drops from interface, but network still active.
May 24 2022, 2:27 AM · VyOS 1.4 Sagitta

May 23 2022

jestabro claimed T4438: vyos-http-api doesn't start after router reboot if vrf is defined.
May 23 2022, 1:30 PM · VyOS 1.4 Sagitta
daniil created T4438: vyos-http-api doesn't start after router reboot if vrf is defined.
May 23 2022, 12:27 PM · VyOS 1.4 Sagitta
cgb added a comment to T4147: New Firewall Implementation - proposed changes on group implementation.

Yeah I discovered the same in forums:

May 23 2022, 7:37 AM · VyOS 1.4 Sagitta
adestis added a comment to T4147: New Firewall Implementation - proposed changes on group implementation.

I was not aware that the nft implementation changes the kind of how groups are used.
We have implemented a blacklisting approach which heavily relates on using ipset because no one wants to have hundred thousand of addresses in the config file.
So I think this is essential, at least for us.

May 23 2022, 7:17 AM · VyOS 1.4 Sagitta

May 21 2022

c-po closed T4437: flow-accounting: support IPv6 flow collectors as Resolved.
May 21 2022, 5:14 PM · VyOS 1.4 Sagitta
c-po changed the status of T4437: flow-accounting: support IPv6 flow collectors from Open to In progress.
May 21 2022, 4:53 PM · VyOS 1.4 Sagitta
c-po created T4437: flow-accounting: support IPv6 flow collectors.
May 21 2022, 4:53 PM · VyOS 1.4 Sagitta

May 20 2022

c-po changed the status of T4350: DMVPN opennhrp spokes dont work behind NAT from Open to Needs testing.
May 20 2022, 7:57 PM · VyOS 1.3 Equuleus (1.3.2)
fernando closed T4436: BGP/VRF - not enable peer on address-family as Resolved N/A.
May 20 2022, 7:05 PM · VyOS 1.4 Sagitta
fernando created T4436: BGP/VRF - not enable peer on address-family .
May 20 2022, 6:40 PM · VyOS 1.4 Sagitta
Viacheslav renamed T4435: Policy route and firewall - error when using undefined group from Policy route without definded port-group erros to Policy route without defined port-group error.
May 20 2022, 4:16 PM · VyOS 1.4 Sagitta
Viacheslav created T4435: Policy route and firewall - error when using undefined group.
May 20 2022, 4:16 PM · VyOS 1.4 Sagitta
Viacheslav reopened T3522: policy based routing not working, a subtask of T3505: Commits do not respect changes in FRR that are not stored in a config, as Open.
May 20 2022, 3:58 PM · VyOS 1.4 Sagitta
Viacheslav reopened T3522: policy based routing not working as "Open".
May 20 2022, 3:58 PM · VyOS 1.4 Sagitta (1.4.0-epa1), Restricted Project
Viacheslav closed T3522: policy based routing not working, a subtask of T3505: Commits do not respect changes in FRR that are not stored in a config, as Resolved.
May 20 2022, 3:56 PM · VyOS 1.4 Sagitta
Viacheslav closed T3522: policy based routing not working as Resolved.
May 20 2022, 3:56 PM · VyOS 1.4 Sagitta (1.4.0-epa1), Restricted Project
Viacheslav closed T4418: Telegraf - output Plugin azure-data-explorer as Resolved.
May 20 2022, 3:34 PM · VyOS 1.4 Sagitta
Viacheslav added a comment to T4431: route-map with match ip + ipv6 in same rule results in no advertisement of either.

FRR match always mean logical AND

May 20 2022, 2:06 PM · VyOS 1.4 Sagitta
Viacheslav added a comment to T4350: DMVPN opennhrp spokes dont work behind NAT.
In T4350#123620, @c-po wrote:

Is the fix for DMVPN hub or spoke?

May 20 2022, 10:26 AM · VyOS 1.3 Equuleus (1.3.2)

May 19 2022

Viacheslav added a comment to T3933: The firewall does not filter incoming traffic on the interface with vrf..

There is an issue with vrf device for LOCAL direction
Imagine if you have 50 interfaces in one VRF and you want to drop all traffic from one interface for example - eth2 and don't touch other interfaces
You set firewall on eth2 Local - drop all traffic for device vrf and it will be affected to another 49 interfaces as iifname VRF_DEVICE the same

May 19 2022, 9:49 PM · VyOS 1.4 Sagitta (1.4.0-epa1), Restricted Project, VyOS 1.3 Equuleus (1.3.7)
c-po closed T4434: DMVPN: cisco-authentication password length is 8 characters as Resolved.
May 19 2022, 7:43 PM · VyOS 1.4 Sagitta
c-po added a comment to T4350: DMVPN opennhrp spokes dont work behind NAT.

Is the fix for DMVPN hub or spoke?

May 19 2022, 7:02 PM · VyOS 1.3 Equuleus (1.3.2)
c-po claimed T4434: DMVPN: cisco-authentication password length is 8 characters.
May 19 2022, 6:52 PM · VyOS 1.4 Sagitta
c-po created T4434: DMVPN: cisco-authentication password length is 8 characters.
May 19 2022, 6:49 PM · VyOS 1.4 Sagitta
Viacheslav added a comment to T3933: The firewall does not filter incoming traffic on the interface with vrf..

PR https://github.com/vyos/vyos-1x/pull/1330

set firewall name FOO default-action 'accept'
set firewall name FOO description 'desc'
set firewall name FOO rule 10 action 'drop'
set firewall name FOO rule 10 source address '8.8.8.8'
set interfaces ethernet eth0 firewall local name 'FOO'
set interfaces ethernet eth0 vrf 'ONE'
set vrf name ONE table '150'

Check:

table ip filter {
	chain VYOS_FW_LOCAL {
		type filter hook input priority filter; policy accept;
		iifname "ONE" counter packets 63 bytes 6024 jump NAME_FOO
		jump VYOS_POST_FW
	}
...
	chain NAME_FOO {
		ip saddr 8.8.8.8 counter packets 79 bytes 6636 drop comment "FOO-10"
		counter packets 3 bytes 984 return comment "FOO default-action accept"
	}
}
May 19 2022, 6:33 PM · VyOS 1.4 Sagitta (1.4.0-epa1), Restricted Project, VyOS 1.3 Equuleus (1.3.7)
c-po assigned T4433: XML: make node validator mandatory to dmbaturin.
May 19 2022, 6:04 PM · VyOS 1.5 Circinus
c-po created T4433: XML: make node validator mandatory.
May 19 2022, 6:04 PM · VyOS 1.5 Circinus
dmbaturin added a comment to T4421: Add support for floating point numbers in the numeric validator.

https://github.com/vyos/vyos-utils/commit/5bbda46493d0c11c8a90e50a68c9788a7488345e
https://github.com/vyos/vyos-utils/commit/4aa302a05fad95f3d13eb2ff20bbfee88c32e7ff

May 19 2022, 1:18 PM · VyOS 1.3 Equuleus (1.3.2), VyOS 1.4 Sagitta
dmbaturin closed T4334: Make the config lexer reentrant as Resolved.
May 19 2022, 1:17 PM · VyOS 1.4 Sagitta
dmbaturin created T4432: Display load average normalized according to the number of CPU cores.
May 19 2022, 10:46 AM · VyOS 1.4 Sagitta
dmbaturin closed T3938: Rewrite the uptime script in Python to allow using it as a library as Resolved.
May 19 2022, 10:01 AM · VyOS 1.4 Sagitta
Viacheslav changed the status of T2194: "show firewall" garbled output, a subtask of T2199: Rewrite firewall in new XML/Python style, from Open to Needs testing.
May 19 2022, 2:28 AM · VyOS 1.4 Sagitta
Viacheslav changed the status of T2194: "show firewall" garbled output from Open to Needs testing.

@jjakob could you re-check it with new fix?

May 19 2022, 2:28 AM · VyOS 1.3 Equuleus (1.3.2), test
Viacheslav closed T4430: Show firewall output with visual shift default rule as Resolved.
May 19 2022, 2:25 AM · VyOS 1.3 Equuleus (1.3.2)

May 18 2022

jestabro added a comment to T4316: Update save-config/load-config.

Draft PR here:
https://github.com/vyos/vyos-1x/pull/1328

May 18 2022, 8:51 PM · VyOS 1.4 Sagitta
Viacheslav added a comment to T4430: Show firewall output with visual shift default rule.

PR https://github.com/vyos/vyatta-op-firewall/pull/3

May 18 2022, 2:53 PM · VyOS 1.3 Equuleus (1.3.2)
Viacheslav added a comment to T2194: "show firewall" garbled output.

PR https://github.com/vyos/vyatta-op-firewall/pull/3

May 18 2022, 2:52 PM · VyOS 1.3 Equuleus (1.3.2), test
Viacheslav changed the status of T4430: Show firewall output with visual shift default rule from Open to In progress.
May 18 2022, 1:53 PM · VyOS 1.3 Equuleus (1.3.2)
bbabich created T4431: route-map with match ip + ipv6 in same rule results in no advertisement of either.
May 18 2022, 8:12 AM · VyOS 1.4 Sagitta
Viacheslav created T4430: Show firewall output with visual shift default rule.
May 18 2022, 7:11 AM · VyOS 1.3 Equuleus (1.3.2)

May 17 2022

Viacheslav added a comment to T970: Hostname Support in NAT and Firewall Rules.

PR https://github.com/vyos/vyos-1x/pull/1327

May 17 2022, 10:04 PM · VyOS 1.4 Sagitta
jestabro added a comment to T4413: Add an API endpoint with basic system stats.

Details of adding a query such as this (20 lines of meaningful code/50 of boilerplate):
https://github.com/vyos/vyos-1x/commit/b62f5df2c796d0567b370e27fcec2005a02a4cd3

May 17 2022, 9:04 PM · VyOS 1.4 Sagitta
jestabro added a comment to T4413: Add an API endpoint with basic system stats.

An initial implementation has been provided to Andrew Moshensky for testing with the local UI.

May 17 2022, 6:52 PM · VyOS 1.4 Sagitta
Viacheslav closed T4424: policy local-route6 shows ipv4 format as Resolved.
May 17 2022, 11:49 AM · VyOS 1.4 Sagitta
Viacheslav updated the task description for T4429: Ability to detect external IP address from op-mode.
May 17 2022, 11:43 AM · VyOS 1.3 Equuleus (1.3.2), VyOS 1.4 Sagitta
Viacheslav changed the status of T4429: Ability to detect external IP address from op-mode from Open to In progress.
May 17 2022, 11:34 AM · VyOS 1.3 Equuleus (1.3.2), VyOS 1.4 Sagitta
Viacheslav added a comment to T4429: Ability to detect external IP address from op-mode.

PR https://github.com/vyos/vyos-1x/pull/1326

May 17 2022, 11:27 AM · VyOS 1.3 Equuleus (1.3.2), VyOS 1.4 Sagitta
Viacheslav created T4429: Ability to detect external IP address from op-mode.
May 17 2022, 10:24 AM · VyOS 1.3 Equuleus (1.3.2), VyOS 1.4 Sagitta
shaferstockton created T4428: Update ddclient to newer version.
May 17 2022, 3:09 AM · VyOS 1.4 Sagitta

May 16 2022

Cheeze_It added a comment to T4257: Discussion on changing BGP autonomous system number syntax.

@c-po, lets run with "system-as"

May 16 2022, 11:14 PM · VyOS 1.4 Sagitta
jestabro added a comment to T4396: HTTP API no response after several days restarted.

The current discussion has taken place in the vyos-api-discussion channel; results will be summarized here.

May 16 2022, 5:36 PM · VyOS 1.4 Sagitta
Viacheslav changed the status of T4373: PPPoE-server add multiplier option for shaper from In progress to Needs testing.

Need testing:

set service pppoe-server authentication mode 'radius'
set service pppoe-server authentication radius rate-limit attribute 'Mikrotik-Rate-Limit'
set service pppoe-server authentication radius rate-limit enable
set service pppoe-server authentication radius rate-limit multiplier '0.001'
set service pppoe-server authentication radius rate-limit vendor 'Mikrotik'
set service pppoe-server authentication radius server 192.0.2.1 key 'foo'
set service pppoe-server client-ip-pool start '192.0.2.5'
set service pppoe-server client-ip-pool stop '192.0.2.254'
set service pppoe-server gateway-address '192.0.2.1'
set service pppoe-server interface eth3

Or any live example

May 16 2022, 5:26 PM · VyOS 1.3 Equuleus (1.3.2), VyOS 1.4 Sagitta
Viacheslav added a project to T4421: Add support for floating point numbers in the numeric validator: VyOS 1.3 Equuleus (1.3.2).
May 16 2022, 3:13 PM · VyOS 1.3 Equuleus (1.3.2), VyOS 1.4 Sagitta
SrividyaA claimed T3989: Firewall - Can't delete rule in firewall entry and leave just default-action when firewall entry is in used.
May 16 2022, 1:39 PM · VyOS 1.3 Equuleus (1.3.7), Known issue
jestabro added a comment to T4396: HTTP API no response after several days restarted.

Firstly, is there any info in the logs ?

May 16 2022, 12:40 PM · VyOS 1.4 Sagitta
jestabro added a comment to T4396: HTTP API no response after several days restarted.

As discussed in the slack channel today, let us follow up here, as I'd like to run through some analysis, and set up a reproducer if possible.

May 16 2022, 12:32 PM · VyOS 1.4 Sagitta
dmbaturin renamed T4427: Remove the vyos-utils package list from vyos-build from Remove the vyos-utils package list to Remove the vyos-utils package list from vyos-build.
May 16 2022, 7:42 AM · VyOS 1.4 Sagitta
dmbaturin created T4427: Remove the vyos-utils package list from vyos-build.
May 16 2022, 7:41 AM · VyOS 1.4 Sagitta
dmbaturin created T4426: Add arpwatch to the image.
May 16 2022, 7:28 AM · VyOS 1.3 Equuleus (1.3.4), VyOS 1.4 Sagitta
m.korobeinikov closed T4377: generate tech-support archive includes previous archives as Resolved.

The command works well.

May 16 2022, 1:29 AM · VyOS 1.4 Sagitta, VyOS 1.3 Equuleus ( 1.3.1)
m.korobeinikov added a comment to T4377: generate tech-support archive includes previous archives.
vyos@vyos:~$ show version
May 16 2022, 1:28 AM · VyOS 1.4 Sagitta, VyOS 1.3 Equuleus ( 1.3.1)

May 15 2022

n.fort added a comment to T4387: Create additional smoketests for multiwan PBR & load-balanced configurations .

I agree that having a smoketest for WLB will be great. But, there are certain limitations/considerations:

May 15 2022, 3:01 PM · VyOS 1.4 Sagitta
First
Prev
Next