Page MenuHomeVyOS Platform

c-po (Christian Poessinger)
User

Projects

User Details

User Since
Aug 3 2017, 1:55 PM (153 w, 5 d)

Recent Activity

Sun, Jul 12

c-po added a comment to T2696: Some bugfixes of vyatta-wanloadbalance.

https://github.com/vyos/vyatta-wanloadbalance/commit/ab841d3588c88e0e8ef86693471281badce92a9f

Sun, Jul 12, 7:18 PM · VyOS 1.3 Equuleus
c-po closed T2696: Some bugfixes of vyatta-wanloadbalance as Resolved.
Sun, Jul 12, 7:17 PM · VyOS 1.3 Equuleus
c-po added a comment to T2696: Some bugfixes of vyatta-wanloadbalance.

@jack9603301 the approach from @banditos13 is perfectly fine. Despite the fact that a PR would be the non plus ultra - a problem was identified and a fix was provided - works for me.

Sun, Jul 12, 7:13 PM · VyOS 1.3 Equuleus
c-po added a comment to T2696: Some bugfixes of vyatta-wanloadbalance.

Are you familiar with that codebase @jack9603301? As I see no real answer in your posting which does not help at all :(

Sun, Jul 12, 5:15 PM · VyOS 1.3 Equuleus
c-po claimed T2690: Add VRF support to the add system image command.
Sun, Jul 12, 4:30 PM · VyOS 1.3 Equuleus
c-po added a comment to T2696: Some bugfixes of vyatta-wanloadbalance.

I feel more like abandoning that daemon and use a python based implementation.

Sun, Jul 12, 4:29 PM · VyOS 1.3 Equuleus
c-po added a comment to T2687: SNMP: change logic on v3 password encryption.

New ISO build triggered with fix - also an MD5 smoketest was added

Sun, Jul 12, 12:55 PM · VyOS 1.3 Equuleus
c-po added a comment to T2687: SNMP: change logic on v3 password encryption.

Bug in the library is confirmed - id completely ignores MD5

Sun, Jul 12, 12:03 PM · VyOS 1.3 Equuleus
c-po added a comment to T2687: SNMP: change logic on v3 password encryption.

Problem seems to be in the 3rd party hash library - when upgrading from 1.2.5 to 1.3 rolling settings persist and work:

Sun, Jul 12, 11:46 AM · VyOS 1.3 Equuleus
c-po added a comment to T2687: SNMP: change logic on v3 password encryption.

MD5 should be supported as it works in VyOS 1.2 - let me have a look.

Sun, Jul 12, 11:25 AM · VyOS 1.3 Equuleus
c-po added a comment to T2687: SNMP: change logic on v3 password encryption.

It is stated in the documentation - that is why I passed it to you

Sun, Jul 12, 10:02 AM · VyOS 1.3 Equuleus
c-po closed T2699: NAT Regression in 1.3 as Resolved.
Sun, Jul 12, 9:54 AM
c-po added a comment to T2699: NAT Regression in 1.3.

The following rules are now installed after the fix:

Sun, Jul 12, 9:53 AM
c-po added a comment to T2699: NAT Regression in 1.3.

Your above ruleset should be tralnsated into thie NFT syntax:

Sun, Jul 12, 8:15 AM
c-po added a comment to T2687: SNMP: change logic on v3 password encryption.

There i no community in SNMPv3 - please read https://docs.vyos.io/en/latest/services/snmp.html#snmpv3

Sun, Jul 12, 8:11 AM · VyOS 1.3 Equuleus

Sat, Jul 11

c-po added a comment to T2698: Current vyos-build for crux does not include wireguard.ko.

@linuxgemini we do not support DKMS.

Sat, Jul 11, 9:03 PM · VyOS 1.2 Crux
c-po changed the status of T2698: Current vyos-build for crux does not include wireguard.ko from Open to In progress.
Sat, Jul 11, 5:59 PM · VyOS 1.2 Crux
c-po closed T2687: SNMP: change logic on v3 password encryption as Resolved.
Sat, Jul 11, 4:04 PM · VyOS 1.3 Equuleus

Fri, Jul 10

c-po added a comment to T2585: Unable to access the Internet after opening PPPoE on-demand dialing.

Well a bit more verbosity would be good. As usual:

  • provide config
  • logfiles
  • routing table
  • interface ip list
Fri, Jul 10, 4:15 PM · VyOS 1.3 Equuleus

Wed, Jul 8

c-po added a comment to T2644: Disabling Bonded Interfaces Broken.

There is a basic test for this which should be expanded.

Wed, Jul 8, 8:03 PM · VyOS 1.3 Equuleus
c-po claimed T2585: Unable to access the Internet after opening PPPoE on-demand dialing.
Wed, Jul 8, 6:28 PM · VyOS 1.3 Equuleus
c-po added a comment to T2585: Unable to access the Internet after opening PPPoE on-demand dialing.

A very fast look on the source indicated wrong dictionary kissed missed out during migration to get_config_dict() - please try next rolling.

Wed, Jul 8, 6:28 PM · VyOS 1.3 Equuleus
c-po triaged T2585: Unable to access the Internet after opening PPPoE on-demand dialing as Low priority.
Wed, Jul 8, 6:04 PM · VyOS 1.3 Equuleus
c-po added a comment to T2585: Unable to access the Internet after opening PPPoE on-demand dialing.
Wed, Jul 8, 6:04 PM · VyOS 1.3 Equuleus
c-po added a comment to T2315: Ability to have right address-family for BGP peers..

My guess is this will be resolved by the full BGP rewrite - I also do not like the current behavior.

Wed, Jul 8, 6:01 PM · VyOS 1.3 Equuleus
c-po triaged T2315: Ability to have right address-family for BGP peers. as High priority.
Wed, Jul 8, 6:01 PM · VyOS 1.3 Equuleus

Tue, Jul 7

c-po changed the status of T2687: SNMP: change logic on v3 password encryption from Open to In progress.
Tue, Jul 7, 5:50 PM · VyOS 1.3 Equuleus
c-po added a comment to T2687: SNMP: change logic on v3 password encryption.

Using the mentioned defaults in https://tools.ietf.org/html/rfc3414#appendix-A.3.2

Tue, Jul 7, 5:50 PM · VyOS 1.3 Equuleus
c-po updated the task description for T2651: Generate CLI abstraction for options passed to CURL.
Tue, Jul 7, 5:12 PM · VyOS 1.3 Equuleus
c-po added a comment to T2690: Add VRF support to the add system image command.

This somehow relates to T2651

Tue, Jul 7, 5:11 PM · VyOS 1.3 Equuleus
c-po closed T2691: Upgrade from 1.2.5 to 1.3-rolling-202007040117 results in broken config due to case mismatch as Resolved.
Tue, Jul 7, 5:10 PM · VyOS 1.3 Equuleus
c-po added a comment to T2691: Upgrade from 1.2.5 to 1.3-rolling-202007040117 results in broken config due to case mismatch.

The reason this is failing is VyOS 1.2 lacks proper input validation on the loglevel nodes.

Tue, Jul 7, 4:25 PM · VyOS 1.3 Equuleus
c-po moved T2663: SNMP does not listen to the specified address from Need Triage to Finished on the VyOS 1.3 Equuleus board.
Tue, Jul 7, 4:11 PM · VyOS 1.3 Equuleus
c-po moved T2671: SNMP failed to start after the system was rebooted from Need Triage to Finished on the VyOS 1.3 Equuleus board.
Tue, Jul 7, 4:11 PM · VyOS 1.3 Equuleus
c-po moved T2680: Dhcp6c service can not recover when it fails. from Need Triage to Finished on the VyOS 1.3 Equuleus board.
Tue, Jul 7, 4:10 PM · VyOS 1.3 Equuleus
c-po moved T2682: VRF aware services - connection no longer possible after system reboot from Need Triage to Finished on the VyOS 1.3 Equuleus board.
Tue, Jul 7, 4:10 PM · VyOS 1.3 Equuleus
c-po moved T2676: NTP: migrate to get_config_dict() implementation from Need Triage to Finished on the VyOS 1.3 Equuleus board.
Tue, Jul 7, 4:10 PM · VyOS 1.3 Equuleus
c-po moved T2685: Update Accel-PPP to fix SSTP client issues from Need Triage to Finished on the VyOS 1.3 Equuleus board.
Tue, Jul 7, 4:10 PM · VyOS 1.3 Equuleus
c-po moved T2684: Update Linux Kernel to v4.19.131 from Need Triage to Finished on the VyOS 1.3 Equuleus board.
Tue, Jul 7, 4:10 PM · VyOS 1.3 Equuleus
c-po moved T2681: PPPoE stops negotiating IPv6 from Need Triage to Finished on the VyOS 1.3 Equuleus board.
Tue, Jul 7, 4:10 PM · VyOS 1.3 Equuleus
c-po moved T2686: FRR: BGP: large-community configuration is not applied properly after upgrading FRR to 7.3.x series from Need Triage to Finished on the VyOS 1.3 Equuleus board.
Tue, Jul 7, 4:10 PM · VyOS 1.2 Crux (VyOS 1.2.6), VyOS 1.3 Equuleus
c-po moved T2599: "show interfaces" does not list VIF interfaces in ascending order from Backlog to Finished on the VyOS 1.3 Equuleus board.
Tue, Jul 7, 4:10 PM · VyOS 1.3 Equuleus
c-po moved T2321: VRF support for SSH, NTP, SNMP service from Backlog to Finished on the VyOS 1.3 Equuleus board.
Tue, Jul 7, 4:10 PM · VyOS 1.3 Equuleus
c-po moved T2389: BGP community-list error from Needs Triage to Finished on the VyOS 1.2 Crux (VyOS 1.2.6) board.
Tue, Jul 7, 4:10 PM · VyOS 1.2 Crux (VyOS 1.2.6), VyOS 1.3 Equuleus
c-po closed T2389: BGP community-list error as Resolved.
Tue, Jul 7, 4:10 PM · VyOS 1.2 Crux (VyOS 1.2.6), VyOS 1.3 Equuleus
c-po moved T2686: FRR: BGP: large-community configuration is not applied properly after upgrading FRR to 7.3.x series from Needs Triage to Finished on the VyOS 1.2 Crux (VyOS 1.2.6) board.
Tue, Jul 7, 4:06 PM · VyOS 1.2 Crux (VyOS 1.2.6), VyOS 1.3 Equuleus
c-po closed T2686: FRR: BGP: large-community configuration is not applied properly after upgrading FRR to 7.3.x series as Resolved.
Tue, Jul 7, 4:06 PM · VyOS 1.2 Crux (VyOS 1.2.6), VyOS 1.3 Equuleus
c-po claimed T2691: Upgrade from 1.2.5 to 1.3-rolling-202007040117 results in broken config due to case mismatch.
Tue, Jul 7, 4:05 PM · VyOS 1.3 Equuleus

Mon, Jul 6

c-po added a comment to T2686: FRR: BGP: large-community configuration is not applied properly after upgrading FRR to 7.3.x series.

So should be cherry-pick this to 1.2.6?

Mon, Jul 6, 6:28 AM · VyOS 1.2 Crux (VyOS 1.2.6), VyOS 1.3 Equuleus

Sun, Jul 5

c-po added a comment to T2687: SNMP: change logic on v3 password encryption.

Just digging around I found this:

Sun, Jul 5, 6:17 PM · VyOS 1.3 Equuleus
c-po added a comment to T2680: Dhcp6c service can not recover when it fails..

There is already a new build containing the fix.

Sun, Jul 5, 2:38 PM · VyOS 1.3 Equuleus
c-po created T2687: SNMP: change logic on v3 password encryption.
Sun, Jul 5, 2:22 PM · VyOS 1.3 Equuleus
c-po added a comment to T2686: FRR: BGP: large-community configuration is not applied properly after upgrading FRR to 7.3.x series.

@Viacheslav could you please check if this probably should make it into 1.2.6 in addition?

Sun, Jul 5, 2:10 PM · VyOS 1.2 Crux (VyOS 1.2.6), VyOS 1.3 Equuleus
c-po changed the status of T2686: FRR: BGP: large-community configuration is not applied properly after upgrading FRR to 7.3.x series from Open to Backport candidate.
Sun, Jul 5, 2:10 PM · VyOS 1.2 Crux (VyOS 1.2.6), VyOS 1.3 Equuleus
c-po added a comment to T2686: FRR: BGP: large-community configuration is not applied properly after upgrading FRR to 7.3.x series.

https://github.com/vyos/vyatta-cfg-quagga/pull/51

Sun, Jul 5, 2:10 PM · VyOS 1.2 Crux (VyOS 1.2.6), VyOS 1.3 Equuleus
c-po created T2686: FRR: BGP: large-community configuration is not applied properly after upgrading FRR to 7.3.x series.
Sun, Jul 5, 2:07 PM · VyOS 1.2 Crux (VyOS 1.2.6), VyOS 1.3 Equuleus
c-po closed T2681: PPPoE stops negotiating IPv6 as Resolved.
Sun, Jul 5, 10:35 AM · VyOS 1.3 Equuleus
c-po added a comment to T2681: PPPoE stops negotiating IPv6.

Problem was introduced by porting PPPoE to the get_config_dict() implementation T2653 commit https://github.com/vyos/vyos-1x/commit/65fa21f5

Sun, Jul 5, 10:25 AM · VyOS 1.3 Equuleus
c-po closed T2685: Update Accel-PPP to fix SSTP client issues as Resolved.
Sun, Jul 5, 9:40 AM · VyOS 1.3 Equuleus
c-po closed T2685: Update Accel-PPP to fix SSTP client issues, a subtask of T2684: Update Linux Kernel to v4.19.131, as Resolved.
Sun, Jul 5, 9:40 AM · VyOS 1.3 Equuleus
c-po closed T2684: Update Linux Kernel to v4.19.131 as Resolved.
Sun, Jul 5, 9:39 AM · VyOS 1.3 Equuleus
c-po changed the status of T2684: Update Linux Kernel to v4.19.131 from Open to In progress.
Sun, Jul 5, 9:36 AM · VyOS 1.3 Equuleus
c-po created T2685: Update Accel-PPP to fix SSTP client issues.
Sun, Jul 5, 9:35 AM · VyOS 1.3 Equuleus
c-po created T2684: Update Linux Kernel to v4.19.131.
Sun, Jul 5, 9:35 AM · VyOS 1.3 Equuleus
c-po added a comment to T2678: High RAM usage on SSH logins with lots of IPv6 routes in the routing table..

Does DNS static-host-mapping still work with the nssswich.conf change? I‘m just curious about the side effects.

Sun, Jul 5, 8:05 AM · VyOS 1.3 Equuleus

Sat, Jul 4

c-po renamed T2682: VRF aware services - connection no longer possible after system reboot from SSH: VRF: connection no longer possible after system reboot to VRF aware services - connection no longer possible after system reboot.
Sat, Jul 4, 7:56 PM · VyOS 1.3 Equuleus
c-po added a comment to T2678: High RAM usage on SSH logins with lots of IPv6 routes in the routing table..

Somehow I do not want to change the overall system behavior by altering nsswitch.conf. I wonder if we should not enable "disable-host-ookups" by default as an IP address is in the end more useful then a resolved PTR. A PRT can be changed later on when dissecting the logfiles but an IP lookup should stay longer.

Sat, Jul 4, 7:41 PM · VyOS 1.3 Equuleus
c-po closed T2682: VRF aware services - connection no longer possible after system reboot as Resolved.
Sat, Jul 4, 7:36 PM · VyOS 1.3 Equuleus
c-po added a comment to T2682: VRF aware services - connection no longer possible after system reboot.

Linux tries to bind SSHd to the VRF but it is yet not ready. After restarting SSH to often (rate-limiting) it is blocked.

Sat, Jul 4, 7:19 PM · VyOS 1.3 Equuleus
c-po changed the status of T2682: VRF aware services - connection no longer possible after system reboot from Open to Confirmed.
Sat, Jul 4, 6:31 PM · VyOS 1.3 Equuleus
c-po updated the task description for T2682: VRF aware services - connection no longer possible after system reboot.
Sat, Jul 4, 6:31 PM · VyOS 1.3 Equuleus
c-po created T2682: VRF aware services - connection no longer possible after system reboot.
Sat, Jul 4, 6:10 PM · VyOS 1.3 Equuleus
c-po added a comment to T2680: Dhcp6c service can not recover when it fails..

Changing the systemd defaults is a thing I hesitate to do! It will have a ton of unexpected sideeffects. I guess you have an error in your entire setup as multiple sites of mine work flawlessly

Sat, Jul 4, 1:26 PM · VyOS 1.3 Equuleus
c-po moved T2678: High RAM usage on SSH logins with lots of IPv6 routes in the routing table. from Need Triage to In Progress on the VyOS 1.3 Equuleus board.
Sat, Jul 4, 7:07 AM · VyOS 1.3 Equuleus
c-po changed the status of T2678: High RAM usage on SSH logins with lots of IPv6 routes in the routing table. from Open to Confirmed.
Sat, Jul 4, 7:07 AM · VyOS 1.3 Equuleus
c-po added a comment to T2678: High RAM usage on SSH logins with lots of IPv6 routes in the routing table..

I found that I had disable-host-validation configured and as soon as I removed it it happened to me, too. Changing task priority.

Sat, Jul 4, 7:07 AM · VyOS 1.3 Equuleus
c-po added a comment to T2678: High RAM usage on SSH logins with lots of IPv6 routes in the routing table..

I have checked with a v4/v6 full table router and VyOS 1.2.5 - each SSH session will consume 7MiB which semms okay for me.

Sat, Jul 4, 6:59 AM · VyOS 1.3 Equuleus
c-po added a comment to T2679: VRRP with BFD Failure Detection.

Availible in keepalived, thus kt could be considered for 1.3

Sat, Jul 4, 6:42 AM · VyOS 1.3 Equuleus

Fri, Jul 3

c-po assigned T2675: DNS service failed to start to jjakob.
Fri, Jul 3, 4:57 PM · VyOS 1.3 Equuleus
c-po added a comment to T2675: DNS service failed to start.

Again, please always attach a configuration file

Fri, Jul 3, 4:57 PM · VyOS 1.3 Equuleus
c-po moved T2677: Proposal for clearer DHCPv6-PD configuration options from In Progress to Backlog on the VyOS 1.3 Equuleus board.
Fri, Jul 3, 3:26 PM · VyOS 1.3 Equuleus
c-po moved T2677: Proposal for clearer DHCPv6-PD configuration options from Need Triage to In Progress on the VyOS 1.3 Equuleus board.
Fri, Jul 3, 3:26 PM · VyOS 1.3 Equuleus
c-po changed the status of T2677: Proposal for clearer DHCPv6-PD configuration options from Open to In progress.
Fri, Jul 3, 3:26 PM · VyOS 1.3 Equuleus
c-po closed T2676: NTP: migrate to get_config_dict() implementation as Resolved.
Fri, Jul 3, 11:33 AM · VyOS 1.3 Equuleus
c-po changed the status of T2676: NTP: migrate to get_config_dict() implementation from Open to In progress.
Fri, Jul 3, 11:10 AM · VyOS 1.3 Equuleus
c-po created T2676: NTP: migrate to get_config_dict() implementation.
Fri, Jul 3, 11:09 AM · VyOS 1.3 Equuleus
c-po added a comment to T2665: vyos.xml.defaults for tag nodes.

I use myself a "cleanup" function, imagine:

Fri, Jul 3, 8:57 AM · VyOS 1.3 Equuleus
c-po added a comment to T2674: Other arhitecture support (MIPS, ARM).

I wish you success in advance. Porting and compiling has always been a large-scale application project, which may take a lot of time. However, in addition to rewriting and porting related code to a more portable language, we can also try to transplant and cross build the existing old code first. Of course, this is only the first step. If possible, porting the code base has made it easier for the code base to be transplanted Meaningful.

Fri, Jul 3, 8:39 AM · VyOS 1.3 Equuleus
c-po added a comment to T2665: vyos.xml.defaults for tag nodes.

As "ip" is an invalid key in "vif" (as its no VLAN number) it should not be part of the default dict I guess - same for vif_s

Fri, Jul 3, 8:29 AM · VyOS 1.3 Equuleus
c-po added a comment to T2674: Other arhitecture support (MIPS, ARM).

porting half of an operating system to a different architecture is far from easy. Right now VyOS still has a lot of the old Vyatta codebase in it. As we are more and more in the process of migrating this to a Python based codebase it will still take some time. To be fair I stater a project some time back to port VyOS on an EdgeROuterPro (https://github.com/c-po/vy-project) and at least "it booted" but I then switched my focus to VyOS first - so by migrating th ecodebase to our own vyos-1x based Python implementation it will become easier in the future to port it to other operating systems as there is less code, less packages to port.

Fri, Jul 3, 7:10 AM · VyOS 1.3 Equuleus

Thu, Jul 2

c-po added a comment to T2671: SNMP failed to start after the system was rebooted.

As always, please provide your config and probably a way to reproducs.

Thu, Jul 2, 10:48 PM · VyOS 1.3 Equuleus

Wed, Jul 1

c-po added a comment to T1928: Is the 'Welcome to VyOS' message when using SSH an information leak?.

The login banner was always user configurable, see https://docs.vyos.io/en/latest/system/user-management.html?highlight=banner#login-banner

Wed, Jul 1, 4:16 PM

Tue, Jun 30

c-po assigned T2665: vyos.xml.defaults for tag nodes to thomas-mangin.
Tue, Jun 30, 4:46 PM · VyOS 1.3 Equuleus
c-po created T2665: vyos.xml.defaults for tag nodes.
Tue, Jun 30, 4:46 PM · VyOS 1.3 Equuleus

Sun, Jun 28

c-po closed T2660: XML: Python default dictionary does not obey underscore (_) when flat is False, a subtask of T2656: XML: Python default dictionary returns wrong dictionary level(s), as Resolved.
Sun, Jun 28, 8:06 AM · VyOS 1.3 Equuleus
c-po closed T2660: XML: Python default dictionary does not obey underscore (_) when flat is False as Resolved.
Sun, Jun 28, 8:06 AM · VyOS 1.3 Equuleus

Sat, Jun 27

c-po assigned T2660: XML: Python default dictionary does not obey underscore (_) when flat is False to thomas-mangin.
Sat, Jun 27, 7:25 PM · VyOS 1.3 Equuleus
c-po created T2660: XML: Python default dictionary does not obey underscore (_) when flat is False.
Sat, Jun 27, 7:24 PM · VyOS 1.3 Equuleus
c-po closed T2656: XML: Python default dictionary returns wrong dictionary level(s) as Resolved.
Sat, Jun 27, 1:23 PM · VyOS 1.3 Equuleus
c-po added a comment to T2159: webproxy log read from wrong file.

@elbandi could you please submit a PR?

Sat, Jun 27, 1:16 PM · VyOS 1.3 Equuleus, vyatta-webproxy