We cannot backport anything that introduces a syntax or behaviour change, much less if it may possibly need a migration script. ;)

@zsdc I've included keepalived 2.0.17 in the rolling release repo and it will be in tomorrow's nightly build. Please test.

I would be wary of including it in Crux, since it's a behaviour change.

This is really a broken abstraction. There is no separate namespaces for IPv4 and IPv6 groups in IPset.
We'll have to autoprefix the groups or similar, if we want it to work that way.

@ekim First of all, a quick fix for your situation with next-hop: add { } after the next-hop that is missing it. I.e.:

@c-po We have plurals everywhere we have more than one option under a subtree. dhcpv6-options, offload-options, "system options"
Since there's also the hostname option, and possibly other options we may want to send, that makes sense I guess.

This hasn't been possible because it links to vyconf, which makes a UNIX cultural assumption. However, I'm moving the tree handling modules and the parsers into a reusable library that can be used by both vyconf and libvyosconfig, and custom applications as well. Then it should be possible.

I think it may be a good idea.

Builds work again.

I'm not sure if I can think of a situation when a master script can be used without a backup/fault script, but I suppose it's a fair point.
We likely want to save the state on every transition.

The application got rejected.

The ISO builds has been fixed, then broken again recently, then fixed again... :)
If anyone runs into a broken build, please reopen.

The wiki, sadly, was so hard to protect from spam that it became nearly impossible to edit for humans indeed.
I've updated the banner to tell people about migration to readthedocs and the github repository everyone is now welcome to contribute to.

There are things that should be simply incorrect grammar, and this is one of them, as of me.

The usual procedure is to create a route-map that sets the nexthop to a blackholed address if the advertisment has a specific community string set.
So when a customer advertises an address (rather a /32 network) to you with that string set, it automatically ends up blackholed.

@spectre3500 Now that I think of it, did you build it with build-ami or the AWS target of the vyos-build scripts?

...oh, and remove "disable-password-authentication" from the SSH settings of course.

I wonder if this issue will ever stop re-occuring. Every time it happens, it's for some new reason. I think this time it may be related to ongoing work of @Unicron.

Related task: T1334

Here's a commented reference config from Vyatta 6.5 for testing: