Page MenuHomeVyOS Platform

dtoux (Dmitri Toubelis)
User

Projects

User does not belong to any projects.

User Details

User Since
Mar 23 2021, 6:54 AM (157 w, 2 d)

Recent Activity

May 9 2022

dtoux added a comment to T4405: DHCP client sometimes ignores `no-default-route` option of an interface.

It may be a good idea to cherry-pick this for 1.4.x branch.

May 9 2022, 3:48 PM · VyOS 1.3 Equuleus (1.3.2), VyOS 1.4 Sagitta

May 5 2022

dtoux added a comment to T4405: DHCP client sometimes ignores `no-default-route` option of an interface.

I've creatred a pull request for the above - https://github.com/vyos/vyos-1x/pull/1313

May 5 2022, 5:55 AM · VyOS 1.3 Equuleus (1.3.2), VyOS 1.4 Sagitta

May 4 2022

dtoux updated the task description for T4405: DHCP client sometimes ignores `no-default-route` option of an interface.
May 4 2022, 6:38 PM · VyOS 1.3 Equuleus (1.3.2), VyOS 1.4 Sagitta

May 3 2022

dtoux added a comment to T4405: DHCP client sometimes ignores `no-default-route` option of an interface.

Also, these routes getting an administrative distance of 1, which is impossible to override. I believe the default route from DHCP normally has 210 which is manageable. So, the quick workaround could be increasing distance of these routes.

May 3 2022, 2:28 PM · VyOS 1.3 Equuleus (1.3.2), VyOS 1.4 Sagitta
dtoux added a comment to T4405: DHCP client sometimes ignores `no-default-route` option of an interface.
r24:/home/dtoubelis# cat /var/lib/dhcp/dhclient_eth4.leases
lease {
  interface "eth4";
  fixed-address 100.123.57.53;
  option subnet-mask 255.192.0.0;
  option relay-agent-information 1:4:0:0:4:cf:5:4:64:40:0:1:97:8:1:0:14:ed:0:0:14:ed:98:0;
  option dhcp-lease-time 300;
  option routers 100.64.0.1;
  option dhcp-message-type 5;
  option domain-name-servers 1.1.1.1,8.8.8.8;
  option dhcp-server-identifier 100.64.0.1;
  option interface-mtu 1500;
  option rfc3442-classless-static-routes 32,192,168,100,1,0,0,0,0,32,34,120,255,244,0,0,0,0,0,100,64,0,1;
  renew 2 2022/05/03 12:42:00;
  rebind 2 2022/05/03 12:44:26;
  expire 2 2022/05/03 12:45:04;
}
lease {
  interface "eth4";
  fixed-address 100.123.57.53;
  option subnet-mask 255.192.0.0;
  option relay-agent-information 1:4:0:0:4:cf:5:4:64:40:0:1:97:8:1:0:14:ed:0:0:14:ed:98:0;
  option dhcp-lease-time 300;
  option routers 100.64.0.1;
  option dhcp-message-type 5;
  option domain-name-servers 1.1.1.1,8.8.8.8;
  option dhcp-server-identifier 100.64.0.1;
  option interface-mtu 1500;
  option rfc3442-classless-static-routes 32,192,168,100,1,0,0,0,0,32,34,120,255,244,0,0,0,0,0,100,64,0,1;
  renew 2 2022/05/03 12:46:34;
  rebind 2 2022/05/03 12:48:50;
  expire 2 2022/05/03 12:49:28;
}
lease {
  interface "eth4";
  fixed-address 100.123.57.53;
  option subnet-mask 255.192.0.0;
  option relay-agent-information 1:4:0:0:4:cf:5:4:64:40:0:1:97:8:1:0:14:ed:0:0:14:ed:98:0;
  option dhcp-lease-time 300;
  option routers 100.64.0.1;
  option dhcp-message-type 5;
  option domain-name-servers 1.1.1.1,8.8.8.8;
  option dhcp-server-identifier 100.64.0.1;
  option interface-mtu 1500;
  option rfc3442-classless-static-routes 32,192,168,100,1,0,0,0,0,32,34,120,255,244,0,0,0,0,0,100,64,0,1;
  renew 2 2022/05/03 12:51:33;
  rebind 2 2022/05/03 12:53:25;
  expire 2 2022/05/03 12:54:03;
}
...
}
May 3 2022, 2:22 PM · VyOS 1.3 Equuleus (1.3.2), VyOS 1.4 Sagitta
dtoux added a comment to T4405: DHCP client sometimes ignores `no-default-route` option of an interface.

Below is a packet capture from DHCP exchange:


It seems that option 121 has more than one route. Could this be causing the abnormal behavior?

May 3 2022, 4:44 AM · VyOS 1.3 Equuleus (1.3.2), VyOS 1.4 Sagitta
dtoux created T4405: DHCP client sometimes ignores `no-default-route` option of an interface.
May 3 2022, 4:16 AM · VyOS 1.3 Equuleus (1.3.2), VyOS 1.4 Sagitta

Aug 18 2021

dtoux added a comment to T3537: Unable to override the default OSPFv3 link cost for wireguard interface.

Sounds good to me.

Aug 18 2021, 1:13 PM · VyOS 1.3 Equuleus (1.3.0-epa1)

Aug 17 2021

dtoux added a comment to T3552: BFD does not work with OSPFv3 via wireguard.

Any news on this?

Aug 17 2021, 5:26 PM · VyOS 1.4 Sagitta (1.4.0-epa1), Restricted Project
dtoux added a comment to T3537: Unable to override the default OSPFv3 link cost for wireguard interface.

I haven't tested it directly but I haven't experienced this problem while working on the configuration changes. I don't have much time right now, so I can't test the exact scenario.

Aug 17 2021, 4:01 PM · VyOS 1.3 Equuleus (1.3.0-epa1)

Jul 9 2021

dtoux changed Version from VyOS 1.3-rolling-202105011026 to VyOS 1.3-rolling-202105011026, VyOS 1.3.0-rc5 on T3537: Unable to override the default OSPFv3 link cost for wireguard interface.
Jul 9 2021, 4:47 AM · VyOS 1.3 Equuleus (1.3.0-epa1)
dtoux added a comment to T3537: Unable to override the default OSPFv3 link cost for wireguard interface.

The issue seems still present in Vyos 1.3.0-rc5

Jul 9 2021, 4:46 AM · VyOS 1.3 Equuleus (1.3.0-epa1)

May 26 2021

dtoux added a comment to T3553: OSPFv3 redistribute configuration remains in frr running config after removal.

Where can I get the rc4? The last RR I see is vyos-1.3-rolling-202105011026-amd64.iso.

May 26 2021, 3:45 PM · VyOS 1.3 Equuleus (1.3.0-epa1)
dtoux added a comment to T3553: OSPFv3 redistribute configuration remains in frr running config after removal.

BTW, the same happens when adding/removing interfaces to an area.

May 26 2021, 6:02 AM · VyOS 1.3 Equuleus (1.3.0-epa1)
dtoux added a comment to T3553: OSPFv3 redistribute configuration remains in frr running config after removal.

I did some more digging and found a reliable way of reproducing it:

May 26 2021, 4:40 AM · VyOS 1.3 Equuleus (1.3.0-epa1)
dtoux created T3581: Incomplete command `show ipv6 ospfv3 linkstate`.
May 26 2021, 4:27 AM · VyOS 1.3 Equuleus (1.3.0)

May 17 2021

dtoux added a comment to T3553: OSPFv3 redistribute configuration remains in frr running config after removal.

I think I found a way to reproduce it:

  • rename an interface that was previously included in ospfv3 configuration and then remove it in the same commit from ospfv3 in the same commit.
  • get an error that interface is not found. I think that at this stage the configuration is applied only partially
  • after that error configuration in frr and vyos goes out of sync and never unsynchronized unless forced (or by lucky accident :-)
May 17 2021, 5:29 PM · VyOS 1.3 Equuleus (1.3.0-epa1)
dtoux added a comment to T3553: OSPFv3 redistribute configuration remains in frr running config after removal.

Hmm, I still have it in my running-config. Is there a way to force config regeneration?

May 17 2021, 3:54 PM · VyOS 1.3 Equuleus (1.3.0-epa1)
dtoux added a comment to T3552: BFD does not work with OSPFv3 via wireguard.

The "Time exceeded" likely means that message is sent to a black hole. There are two bfd sessions running through the same tunnel - one for OSPF and the other for OSPFv3. Timeout settings are the same and the first one is established instantly and is running happily. The OSPFv3 one is not so much:

May 17 2021, 3:47 PM · VyOS 1.4 Sagitta (1.4.0-epa1), Restricted Project
dtoux created T3553: OSPFv3 redistribute configuration remains in frr running config after removal.
May 17 2021, 5:02 AM · VyOS 1.3 Equuleus (1.3.0-epa1)
dtoux added a comment to T3552: BFD does not work with OSPFv3 via wireguard.

BFDd amybe creating those addresses automatically. In theory, it doesn't matter what they are as long as both ends have a way of learning them. I'm not sure if this is a general issue or an issue only with wireguard but right now bfd doesn't work with OSPFv3 over wireguard.

May 17 2021, 4:55 AM · VyOS 1.4 Sagitta (1.4.0-epa1), Restricted Project
dtoux added a comment to T3552: BFD does not work with OSPFv3 via wireguard.

BTW, it appears ths fe80::... addresses used in bfd dialogue do not belong to any of the actual interfaces. It could be by design but this si something I discovered when trying to troubleshoot the session. This could also be the reason for mismatch between session ends if the other side does not know the peer address.

May 17 2021, 1:02 AM · VyOS 1.4 Sagitta (1.4.0-epa1), Restricted Project
dtoux updated the task description for T3552: BFD does not work with OSPFv3 via wireguard.
May 17 2021, 12:58 AM · VyOS 1.4 Sagitta (1.4.0-epa1), Restricted Project
dtoux added a comment to T3552: BFD does not work with OSPFv3 via wireguard.

Attaching packet captures from both ends filered with bfd && ipv6.addr == fe80::/64 rule

May 17 2021, 12:50 AM · VyOS 1.4 Sagitta (1.4.0-epa1), Restricted Project
dtoux created T3552: BFD does not work with OSPFv3 via wireguard.
May 17 2021, 12:48 AM · VyOS 1.4 Sagitta (1.4.0-epa1), Restricted Project
dtoux closed T3533: BGP IPv4 does not initiateate a session as Invalid.

I ran a packet capture on the session and It appears had been an issue with firewall settings on the provider site. It just happened that we hit a similar issue with two providers and VyOS was the common denominator but It appears to be red herring. Feel free to close.

May 17 2021, 12:29 AM · VyOS 1.3 Equuleus (1.3.0)

May 12 2021

dtoux added a comment to T3537: Unable to override the default OSPFv3 link cost for wireguard interface.

the same is the case for GRE interfaces too (ip6gre in particular)

May 12 2021, 2:14 AM · VyOS 1.3 Equuleus (1.3.0-epa1)

May 11 2021

dtoux created T3537: Unable to override the default OSPFv3 link cost for wireguard interface.
May 11 2021, 9:05 PM · VyOS 1.3 Equuleus (1.3.0-epa1)
dtoux added a comment to T3533: BGP IPv4 does not initiateate a session.

I ran a packet capture on this BGP session and it appears that VyOS actually sends some packets out and they appear to go through the right gateway... I'm investigating with the provider and will post an update here shortly.

May 11 2021, 7:13 PM · VyOS 1.3 Equuleus (1.3.0)
dtoux created T3536: Unable to list all available routes.
May 11 2021, 6:07 PM · VyOS 1.3 Equuleus (1.3.5), VyOS 1.4 Sagitta

May 10 2021

dtoux added a comment to T3533: BGP IPv4 does not initiateate a session.

Yes, I've changed the source since i posted the configuration and now it is the specific IP address that the peer expects.

May 10 2021, 7:35 PM · VyOS 1.3 Equuleus (1.3.0)
dtoux added a comment to T3533: BGP IPv4 does not initiateate a session.

This issue is consistently reproducible and I'm experiencing it with two peers. I convinced one of them to disable passive mode on their end but the other one is not that flexible.

May 10 2021, 7:33 PM · VyOS 1.3 Equuleus (1.3.0)
dtoux added a comment to T3533: BGP IPv4 does not initiateate a session.
r6:~$ show ip route 172.107.195.1
Routing entry for 172.107.195.1/32
  Known via "static", distance 1, metric 0, best
  Last update 00:32:33 ago
  * 38.39.193.57, via eth0, weight 1
May 10 2021, 7:28 PM · VyOS 1.3 Equuleus (1.3.0)
dtoux added a comment to T3533: BGP IPv4 does not initiateate a session.

I've also tried with disable-connected-check option with no effect

May 10 2021, 7:26 PM · VyOS 1.3 Equuleus (1.3.0)
dtoux added a comment to T3533: BGP IPv4 does not initiateate a session.

This is the current setup:

May 10 2021, 7:23 PM · VyOS 1.3 Equuleus (1.3.0)
dtoux added a comment to T3533: BGP IPv4 does not initiateate a session.

The route is set and validated with traceroute and it has 2 hops.

May 10 2021, 7:15 PM · VyOS 1.3 Equuleus (1.3.0)
dtoux updated the task description for T3533: BGP IPv4 does not initiateate a session.
May 10 2021, 7:03 PM · VyOS 1.3 Equuleus (1.3.0)
dtoux added a comment to T3533: BGP IPv4 does not initiateate a session.
May 10 2021, 6:17 PM · VyOS 1.3 Equuleus (1.3.0)
dtoux renamed T3533: BGP IPv4 does not initiateate a session from BGP IPv4 does not initiate ate session to BGP IPv4 does not initiateate a session.
May 10 2021, 5:59 PM · VyOS 1.3 Equuleus (1.3.0)
dtoux created T3533: BGP IPv4 does not initiateate a session.
May 10 2021, 5:58 PM · VyOS 1.3 Equuleus (1.3.0)

May 2 2021

dtoux added a comment to T3453: IPv6 routes from BGP are not inserted into FIB.

The 2001:19f0:ffff::1 is the neighbour, it is accessible via the Kernel route and I'm able to pull routes from it. The setup is multihop. But I think you are on something. I think the peer should return the gateway as the next hop and not itself. I'm experimenting with Vultr and their setup is questionable, so this is just one more thing that they messed up. Anyhow, thanks for your help. Feel free to close the ticket.

May 2 2021, 12:02 AM · VyOS 1.3 Equuleus (1.3.0)

May 1 2021

dtoux added a comment to T3453: IPv6 routes from BGP are not inserted into FIB.

Hmm, all other routes have longer prefixes, so they should take precedence. As far as I understand the priority is prefix length (longest first) -> admin distance -> metric. So, your explanation contradicts this unless I miss something.

May 1 2021, 5:26 AM · VyOS 1.3 Equuleus (1.3.0)

Apr 12 2021

dtoux added a comment to T3427: Show prefix received via IA_PD in interface info.

Sorry for the late reply, I've dismantled the setup as I needed to put the PPP link back in use, I will look into it again tonight. In essence, it would be good to see something like this on terse view:

Apr 12 2021, 5:54 PM · VyOS 1.5 Circinus, VyOS 1.4 Sagitta

Apr 2 2021

dtoux added a comment to T3453: IPv6 routes from BGP are not inserted into FIB.

I think the presence of the kernel default route may be the problem. It comes from RA through autoconf option on the interface. I will do some more testing.

Apr 2 2021, 8:08 AM · VyOS 1.3 Equuleus (1.3.0)
dtoux created T3453: IPv6 routes from BGP are not inserted into FIB.
Apr 2 2021, 7:17 AM · VyOS 1.3 Equuleus (1.3.0)
dtoux created T3452: Vyos views IPv6 routers received from BGP peer as internal.
Apr 2 2021, 7:01 AM · VyOS 1.3 Equuleus (1.3.6)

Mar 30 2021

dtoux added a comment to T3447: Default IPv6 route is not created in VRF.

I still see it in frr after the reboot but it is not showing in the output of show ipv6 route, so it seems like just a visualization problem.

Mar 30 2021, 9:02 PM · VyOS 1.3 Equuleus (1.3.0)
dtoux added a comment to T3447: Default IPv6 route is not created in VRF.

What command do you use to get this?

Mar 30 2021, 7:40 PM · VyOS 1.3 Equuleus (1.3.0)

Mar 29 2021

dtoux updated the task description for T3447: Default IPv6 route is not created in VRF.
Mar 29 2021, 7:55 PM · VyOS 1.3 Equuleus (1.3.0)
dtoux created T3447: Default IPv6 route is not created in VRF.
Mar 29 2021, 7:52 PM · VyOS 1.3 Equuleus (1.3.0)

Mar 25 2021

dtoux added a comment to T3423: Cannot create ipv4 static route for default gateway in vrf.

I will give it a try once the image is out. The latest right now is still showing 2021-03-23.

Mar 25 2021, 4:16 AM · VyOS 1.4 Sagitta

Mar 24 2021

dtoux added a project to T3427: Show prefix received via IA_PD in interface info: VyOS 1.4 Sagitta.
Mar 24 2021, 3:24 AM · VyOS 1.5 Circinus, VyOS 1.4 Sagitta
dtoux created T3427: Show prefix received via IA_PD in interface info.
Mar 24 2021, 3:21 AM · VyOS 1.5 Circinus, VyOS 1.4 Sagitta

Mar 23 2021

dtoux created T3424: PPPoE IA-PD doesn't work in VRF.
Mar 23 2021, 4:49 PM · VyOS 1.3 Equuleus (1.3.4), VyOS 1.4 Sagitta
dtoux renamed T3423: Cannot create ipv4 static route for default gateway in vrf from Cannot create ipv4 static route in vrf to Cannot create ipv4 static route for default gateway in vrf.
Mar 23 2021, 4:02 PM · VyOS 1.4 Sagitta
dtoux added a comment to T3423: Cannot create ipv4 static route for default gateway in vrf.

Yes, I made mistake when adding the command to the ticket and I corrected it now. It should read:

Mar 23 2021, 3:58 PM · VyOS 1.4 Sagitta
dtoux updated the task description for T3423: Cannot create ipv4 static route for default gateway in vrf.
Mar 23 2021, 3:57 PM · VyOS 1.4 Sagitta
dtoux created T3423: Cannot create ipv4 static route for default gateway in vrf.
Mar 23 2021, 3:22 PM · VyOS 1.4 Sagitta