User Details
User Details
- User Since
- Oct 2 2019, 6:00 PM (107 w, 6 d)
Today
Today
Viacheslav changed the status of T3945: Add route-map for bgp aggregate-address from Open to Needs testing.
Viacheslav moved T3942: Generate IPSec debug archive from op-mode from Need Triage to Finished on the VyOS 1.4 Sagitta board.
PR for 1.3 https://github.com/vyos/vyos-1x/pull/1046
Viacheslav added a comment to T3945: Add route-map for bgp aggregate-address.
Viacheslav renamed T3945: Add route-map for bgp aggregate-address from Add route-map for aggregate-address to Add route-map for bgp aggregate-address.
Viacheslav added a comment to T3944: VRRP fails over when adding new group to master.
It seems in some cases we need just "reload" to re-read configuration
Viacheslav added a comment to T3945: Add route-map for bgp aggregate-address.
PR for 1.4 https://github.com/vyos/vyos-1x/pull/1045
Viacheslav changed the status of T3341: Wrong behavior of the "reset vpn ipsec-peer XXX tunnel XXX" command from In progress to Needs testing.
Yesterday
Yesterday
Viacheslav added a comment to T3942: Generate IPSec debug archive from op-mode.
Viacheslav changed the status of T3916: Add additional Linux capabilities to container configuration, a subtask of T3676: Container option to add Linux capabilities, from In progress to Needs testing.
Viacheslav changed the status of T3916: Add additional Linux capabilities to container configuration from In progress to Needs testing.
WIll be added in the next rolling release, @johannrichard could you test it?
Viacheslav changed the status of T2627: 'system static-host-mapping' only allows one IP address per hostname, it should allow one IPv4 and one IPv6 simultaneously, a subtask of T2464: DNS bugs (parent task), from Open to Needs testing.
Viacheslav changed the status of T2627: 'system static-host-mapping' only allows one IP address per hostname, it should allow one IPv4 and one IPv6 simultaneously from Open to Needs testing.
Viacheslav changed the status of T2683: no dual stack in system static-host-mapping host-name from In progress to Needs testing.
Viacheslav changed the status of T2763: New SNMP resource request - SNMP over TCP from In progress to Needs testing.
Viacheslav renamed T3942: Generate IPSec debug archive from op-mode from Generate IPSec debug archive form op-mode to Generate IPSec debug archive from op-mode.
Viacheslav changed the status of T3942: Generate IPSec debug archive from op-mode from Open to In progress.
Viacheslav changed the status of T2763: New SNMP resource request - SNMP over TCP from Open to In progress.
Viacheslav added a comment to T2763: New SNMP resource request - SNMP over TCP.
Viacheslav edited projects for T3341: Wrong behavior of the "reset vpn ipsec-peer XXX tunnel XXX" command, added: VyOS 1.2 Crux (VyOS 1.2.9); removed VyOS 1.4 Sagitta.
Viacheslav changed the status of T3341: Wrong behavior of the "reset vpn ipsec-peer XXX tunnel XXX" command from Open to In progress.
Viacheslav added a comment to T3341: Wrong behavior of the "reset vpn ipsec-peer XXX tunnel XXX" command.
Viacheslav changed the status of T3939: When xdp is enabled on ethernet interface, interface crashes on reboot and is not started from Open to Confirmed.
Fri, Oct 22
Fri, Oct 22
Viacheslav changed the status of T3931: SSTP doesn't work after rewriting to PKI from Open to Confirmed.
Viacheslav changed the status of T2566: sstp not able to run tunnels ipv6 only from In progress to Needs testing.
Viacheslav added a comment to T2566: sstp not able to run tunnels ipv6 only.
Viacheslav changed the status of T2566: sstp not able to run tunnels ipv6 only from Open to In progress.
Viacheslav added a comment to T2566: sstp not able to run tunnels ipv6 only.
To reproduce:
[edit vpn sstp]
vyos@r4-epa1# compare
[edit vpn sstp]
+authentication {
+ local-users {
+ username foo {
+ password bar
+ }
+ }
+ mode local
+}
+client-ipv6-pool {
+ prefix 2001:db8::/48 {
+ }
+}
+gateway-address 192.168.122.14
+ssl {
+ ca-cert-file /config/user-data/sstp/ca.crt
+ cert-file /config/user-data/sstp/server.crt
+ key-file /config/user-data/sstp/server.key
+}
[edit vpn sstp]
vyos@r4-epa1# commit
[ vpn ]
Note: the IPsec process will not start until you configure some tunnels, profiles, or L2TP/IPsec settingsIt uses PKI.
Viacheslav added a comment to T3929: No option "key-file" for vpn sstp ssl.
Viacheslav changed the status of T3929: No option "key-file" for vpn sstp ssl from Open to In progress.
Viacheslav changed the status of T2683: no dual stack in system static-host-mapping host-name from Open to In progress.
Viacheslav added a comment to T2683: no dual stack in system static-host-mapping host-name .
Thu, Oct 21
Thu, Oct 21
Viacheslav changed the status of T3610: DHCP-Server creation for not primary IP address fails from Open to In progress.
Viacheslav added a comment to T3897: Dynamic DNS doesn't work with IPv6 addresses.
Smoketest can't read configuration file /run/ddclient/ddclient.conf
https://github.com/vyos/vyos-1x/blob/1d89e5196611f06bc1d0f925fc2ac1cb4a5536ec/src/conf_mode/dynamic_dns.py#L134-L135
Viacheslav changed the status of T3897: Dynamic DNS doesn't work with IPv6 addresses from Open to In progress.
Viacheslav changed the status of T3626: Configuring and disabling DHCP Server from Open to In progress.
Viacheslav added a comment to T3626: Configuring and disabling DHCP Server.
Viacheslav changed the subtype of T3924: VRRP stops working with VRF from "Task" to "Bug".
Viacheslav added a comment to T3924: VRRP stops working with VRF.
May be an upstream bug, possible fixed in https://github.com/acassen/keepalived/commit/2f1024d382783742df0e5c3dd705596f958b77b5
and https://github.com/acassen/keepalived/commit/5681838ac21de25b935632c5ec41569f79b48c19
Wed, Oct 20
Wed, Oct 20
Viacheslav moved T3918: DHCPv6 prefix delegation incorrect verify error from Need Triage to Finished on the VyOS 1.4 Sagitta board.
Viacheslav added a comment to T3918: DHCPv6 prefix delegation incorrect verify error.
Viacheslav added a comment to T3626: Configuring and disabling DHCP Server.
To disable shared-network at least one shared network should be working. The second can be disabled without issues.
Viacheslav changed the status of T3918: DHCPv6 prefix delegation incorrect verify error from Open to In progress.
Tue, Oct 19
Tue, Oct 19
Viacheslav changed the status of T3916: Add additional Linux capabilities to container configuration, a subtask of T3676: Container option to add Linux capabilities, from Open to In progress.
Viacheslav changed the status of T3916: Add additional Linux capabilities to container configuration from Open to In progress.
Viacheslav added a comment to T3916: Add additional Linux capabilities to container configuration.
Viacheslav added a comment to T3494: DHCPv6 leases traceback when PD using.
An interesting thing that I get the error with that configuration:
Viacheslav updated the task description for T3914: vrrp rfc3768-compatibility doesn't work with unicast peers.
Viacheslav updated the task description for T3914: vrrp rfc3768-compatibility doesn't work with unicast peers.
Viacheslav added a comment to T3771: DHCPv6 server prefix delegation - dynamically add route to delegated prefix via requesting router.
As an option it is possible this workaround:
Install tshark and use this script https://george.mibloving.net/nivex/d6rm/raw/commit/701d49cce3a308aed0c3d89d47be7601178ea4c4/d6rm.py
Viacheslav added a comment to T3886: DHCP server can not start.
All subnets that share the same physical network should be declared within a shared-network declaration
Oct 18 22:24:01 r1-roll dhcpd[4985]: Interface eth2 matches multiple shared networks
Mon, Oct 18
Mon, Oct 18
Viacheslav added a comment to T418: Add html entities encoding for options field.
@mickvav You can use ". Can you checkt it?
Sun, Oct 17
Sun, Oct 17
Viacheslav added a comment to T3895: VYOS firewall rules do not adhere to time schedule unless placed in UTC mode..
As I know, iptables works only in UTC time. And any workaround with recalculate Datetime will be affected incorrect behavior.
Viacheslav added a comment to T3459: Inform the user when unable to install outdated image.
As for me we shouldn’t allow to downgrade images. So there are no “downgrade migration scripts”. Each downgrade - good point to get a brick.
At least we should generate a warning.
Viacheslav added a comment to T3396: syslog can't be configured with an ipv6 literal destination in 1.2.x.
PR for "crux": https://github.com/vyos/vyos-1x/pull/1029
Fri, Oct 15
Fri, Oct 15
Viacheslav closed T3613: Selectors for route-based IPsec tunnel (vti), a subtask of T2816: Rewrite IPsec scripts with the new XML/Python approach, as Resolved.
Viacheslav changed the status of T3832: Allow to set DHCP client-id in hexadecimal format from In progress to Needs testing.
Viacheslav moved T3676: Container option to add Linux capabilities from Need Triage to Finished on the VyOS 1.4 Sagitta board.
@artooro Will be available in the next rolling release
Let us know, if you want some other capabilities
Viacheslav added a comment to T3676: Container option to add Linux capabilities.
Viacheslav changed the status of T3676: Container option to add Linux capabilities from Open to In progress.
Viacheslav moved T3692: VyOS build failing due to repo.saltstack.com from Need Triage to Finished on the VyOS 1.4 Sagitta board.
Viacheslav moved T3693: ISIS Route redistribution ipv6 support missing from Need Triage to Finished on the VyOS 1.4 Sagitta board.
Viacheslav added a comment to T876: L2TP/IPSEC Client.
Maybe be added to gether with T1229
Viacheslav moved T3702: Policy: Allow routing by fwmark from Need Triage to Finished on the VyOS 1.4 Sagitta board.
Viacheslav added a comment to T3724: Allow setting host-name in l2tp section of accel-ppp.
@maznu Can you create a PR?
Initial bug was Fixed, VyOS 1.4-rolling-202110130217
vyos@r1-roll# compare
[edit container]
+name dns02 {
+ image ubuntu:focal
+ network dnsnet {
+ address 10.0.72.253
+ }
+}
+network dnsnet {
+ prefix 10.0.72.0/24
+}
-network net01 {
- prefix 10.0.72.0/24
-}Thu, Oct 14
Thu, Oct 14
Viacheslav added a comment to T3801: containers: do not use podman CLI to create container networks.
@c-po Is it already implemented with commit https://github.com/vyos/vyos-1x/commit/ae2dc55aa68679e828d4bb133fc515172c081d0f ?
Fixed, VyOS 1.4-rolling-202110130217
vyos@r1-roll:~$ show nat source rules Rule Source Translation Outbound Interface ---- ------ ----------- ------------------ 3 192.168.0.0/24 masquerade eth0
Viacheslav updated the task description for T3810: webproxy squidguard rules don't work properly after rewriting to python. .
Viacheslav updated the task description for T3810: webproxy squidguard rules don't work properly after rewriting to python. .
Viacheslav added a comment to T3907: Firewall - Set log levels.
As for me, it should be configured in the global firewall log level, not per rule.
set firewall log-level x
Viacheslav added a comment to T3832: Allow to set DHCP client-id in hexadecimal format.
Viacheslav changed the status of T3832: Allow to set DHCP client-id in hexadecimal format from Open to In progress.
Viacheslav reassigned T3865: loadkey command help text missing escape sequence from Viacheslav to chaya2z.
Viacheslav changed the status of T3865: loadkey command help text missing escape sequence from Open to In progress.