Page MenuHomePhabricator

jjakob (Jernej Jakob)
User

Projects

User does not belong to any projects.

User Details

User Since
Nov 6 2018, 10:08 PM (49 w, 6 d)

Recent Activity

Sat, Oct 19

jjakob added a project to T1745: dhcp-server commit fails with "DHCP range stop address x must be greater or equal to the range start address y!" when static mapping has same IP as range stop: VyOS 1.2 Crux.

This is present in branches crux and current too, so adding tag for crux.
https://github.com/vyos/vyos-1x/commit/5848a4d6095e6d7bc70e34e0b7b7e2c3d8e3303f
https://github.com/vyos/vyos-1x/commit/6f954ab56768af9a07d8a1dc086f54ddefa58da7
https://github.com/vyos/vyos-1x/commit/5848a4d6095e6d7bc70e34e0b7b7e2c3d8e3303f

Sat, Oct 19, 4:48 AM · VyOS 1.2 Crux (VyOS 1.2.4), VyOS 1.3 Equuleus
jjakob created T1745: dhcp-server commit fails with "DHCP range stop address x must be greater or equal to the range start address y!" when static mapping has same IP as range stop.
Sat, Oct 19, 4:40 AM · VyOS 1.2 Crux (VyOS 1.2.4), VyOS 1.3 Equuleus
jjakob added a comment to T1744: Config load fails in ConfigTree with ValueError: Failed to parse config: lexing: empty token.

Via the process of elimination I found the culprit - comments with special characters in them, that at some point in the upgrade cycle got converted into backslash-escped octal:

description "\197\160" # this was once Š
description "\196\140 \196\141" # Č č

So old versions allowed these characters in comments and worked fine with them, then at one opint a upgrade converted them to backslash octal numbers, which still worked until at some point they started causing the error.

Sat, Oct 19, 4:18 AM · VyOS 1.3 Equuleus, VyOS 1.2 Crux
jjakob created T1744: Config load fails in ConfigTree with ValueError: Failed to parse config: lexing: empty token.
Sat, Oct 19, 3:42 AM · VyOS 1.3 Equuleus, VyOS 1.2 Crux
jjakob closed T1743: equuleus: remove references to SSH key type "rsa1" deprecated in Debian Buster as Resolved.
Sat, Oct 19, 2:12 AM · VyOS 1.3 Equuleus
jjakob added a comment to T1743: equuleus: remove references to SSH key type "rsa1" deprecated in Debian Buster.

https://github.com/vyos/vyatta-cfg-system/pull/109

Sat, Oct 19, 1:27 AM · VyOS 1.3 Equuleus
jjakob updated the task description for T1743: equuleus: remove references to SSH key type "rsa1" deprecated in Debian Buster.
Sat, Oct 19, 1:16 AM · VyOS 1.3 Equuleus
jjakob changed the status of T1743: equuleus: remove references to SSH key type "rsa1" deprecated in Debian Buster from Open to In progress.
Sat, Oct 19, 1:06 AM · VyOS 1.3 Equuleus

Fri, Oct 18

jjakob added a comment to T1604: equuleus: buster: vbash: tab completion breaks.

@c-po I can't see the issue here, that seems like normal expected behavior (tabbing gives a list of all possible nodes, even the long ones?)
I agree that if there is a problem, it's for a separate issue and describe what the problem and expected behavior is in more detail there.

Fri, Oct 18, 8:59 PM · VyOS 1.3 Equuleus

Mon, Oct 14

jjakob added a comment to T1604: equuleus: buster: vbash: tab completion breaks.

@c-po can you provide a way to reproduce your issue?

Mon, Oct 14, 7:49 PM · VyOS 1.3 Equuleus
jjakob added a comment to T1604: equuleus: buster: vbash: tab completion breaks.

https://github.com/vyos/vyatta-cfg/pull/19
This fixes the conf mode completion, at least in the bash cli shell.

Mon, Oct 14, 7:41 PM · VyOS 1.3 Equuleus

Sep 19 2019

jjakob added a comment to T1416: 2 dhcp server run in failover mode can't sync hostname with each other.

@thinkl33t you can run your own DNS server with dynamic update functionality, vyos's dhcp server will write the hostnames to it. Doing that is outside the scope of vyos though, and you'd have to think of security, e.g. can a rogue dhcp client DNS spoof your hostnames to do a MITM attack. Systems that do do dyn-dns updates, for example FreeIPA, usually use some sort of pre-shared keys/certificates on the clients (for authentication) and limit the scope to IP updates on preexisting hostnames only, they don't allow adding arbitrary hostnames. At least I'd limit the scope to add all dynamic dns updates to a single zone predefined expressly for that purpose, and not use that zone for any security-critical applications, like logging in to services or doing unauthenticated connections, where a MITM may scrape your sensitive data. I'd only do dyn-dns hostnames from dhcp on a DHCP network where I'm absolutely sure no rogue client could gain access to it, via the network or physically, and that is almost never useful.

Sep 19 2019, 4:33 PM · VyOS 1.3 Equuleus

Sep 7 2019

jjakob added a comment to T1604: equuleus: buster: vbash: tab completion breaks.

It still fails in config mode:

vyos@vyos# ls <TAB>
  Configuration path [-o] is not valid
  Set failed
Sep 7 2019, 9:12 PM · VyOS 1.3 Equuleus
jjakob added a comment to T1604: equuleus: buster: vbash: tab completion breaks.

This PR fixes it for me: https://github.com/vyos/vyatta-op/pull/29

Sep 7 2019, 8:19 PM · VyOS 1.3 Equuleus

Sep 5 2019

jjakob added a comment to T1604: equuleus: buster: vbash: tab completion breaks.

The same, but on current (jessie):


The above 2 files can be diffed to see where the bug is triggered.
The _filedir function from /usr/share/bash-completion/bash_completion was changed, the offending part is:

reset=$(shopt -po noglob); set -o noglob
toks=( $( compgen -d -- "$cur" ) )
eval $reset

when eval is called, it expands to eval 'set -o noglob' which triggers _vyatta_op_run set -o noglob, which chokes on the input.
_vyatta_op_run was set up as alias for "set" in https://github.com/vyos/vyatta-op/blob/66753705b86a3d104dfe127d4dd2b904a54ab404/functions/interpreter/vyatta-op-run#L38

eval alias ${cmd:0:$pos}=\'_vyatta_op_run ${cmd:0:$pos}\'

due to "set" being part of the templates.

Sep 5 2019, 10:25 PM · VyOS 1.3 Equuleus
jjakob added a comment to T1604: equuleus: buster: vbash: tab completion breaks.

Here's the output of set -x redirected to a file when doing "ls <TAB>" as root.


At first glance it seems like a call to "set -o tag" from within a script is interpreted as an argument to the template "set" node somewhere, which causes it to break.
If anyone wants to dig in to vyatta-op, this is a starting point.

Sep 5 2019, 12:18 AM · VyOS 1.3 Equuleus

Sep 4 2019

jjakob created T1634: Commit fails when changing policy route "set table" and adding the table at the same time, results in config deadlock.
Sep 4 2019, 3:59 PM

Sep 2 2019

jjakob added a comment to T1620: Leases in "show dhcp server leases" lose Pool and Hostname after some time.

Here's the sanitized dhcp-server config.

Sep 2 2019, 7:00 PM · VyOS 1.2 Crux (VyOS 1.2.4), VyOS 1.3 Equuleus
jjakob added a comment to T1620: Leases in "show dhcp server leases" lose Pool and Hostname after some time.

On my routers they are definitely missing from /config/dhcpd.leases. I have some static host mappings in the config too. I also confirmed the "on commit set shared-networkname" line is in dhcpd.conf.

Sep 2 2019, 6:07 PM · VyOS 1.2 Crux (VyOS 1.2.4), VyOS 1.3 Equuleus

Aug 31 2019

jjakob added a comment to T169: Image install should put correct serial console device in created grub menuentry.

+1 to this. I have VyOS running on several serial-console-only devices (they do have a graphics card on the chipset but it has no connector and is disabled in BIOS).
The console works in GRUB and once fully booted (login screen) but the boot console messages (kernel) still go to the video console. I have console device ttyS0 set in config, but every "install system image" resets the GRUB default entry to KVM console.

Aug 31 2019, 6:39 PM · VyOS 1.3 Equuleus

Aug 30 2019

jjakob created T1620: Leases in "show dhcp server leases" lose Pool and Hostname after some time in the S1 VyOS Public space.
Aug 30 2019, 9:54 AM · VyOS 1.2 Crux (VyOS 1.2.4), VyOS 1.3 Equuleus

Aug 28 2019

jjakob added a comment to T1586: OpenVPN add IPv6 support to tunnels.

Adding "tls-crypt" and in the upcoming 2.5 release "tls-crypt-v2" options would also be desirable.

Aug 28 2019, 10:25 PM · VyOS 1.3 Equuleus

Aug 24 2019

jjakob added a comment to T1611: Migration to latest rolling fails with vyos.configtree.ConfigTreeError: Path [b'interfaces bridge br0 igmp-snooping querier'] doesn't exist.

https://github.com/vyos/vyos-1x/pull/116

Aug 24 2019, 9:53 PM · VyOS 1.3 Equuleus
jjakob added a comment to T1611: Migration to latest rolling fails with vyos.configtree.ConfigTreeError: Path [b'interfaces bridge br0 igmp-snooping querier'] doesn't exist.

vyos-1x src/migration-scripts/interfaces/0-to-1 line 41:
https://github.com/vyos/vyos-1x/blob/2f3aa28f259ee7f23ef8a4a091db8ced2202bbd8/src/migration-scripts/interfaces/0-to-1#L41:

# igmp-snooping: check if enabled
igmp_val = config.return_value(base + [br, 'igmp-snooping', 'querier'])

This should be preceded by a if config.exists, as should line 33:

    # STP: check if enabled
        stp_val = config.return_value(base + [br, 'stp'])
`
Aug 24 2019, 9:39 PM · VyOS 1.3 Equuleus
jjakob added a comment to T1556: Rewrite Bridge in new style XML syntax.

The interface/0-to-1 migration script is failing on upgrade (T1611).

Aug 24 2019, 9:34 PM · VyOS 1.3 Equuleus
jjakob updated subscribers of T1156: VyOS sticker templates.

@c-po The above commits should reference T1556, probably a typo.

Aug 24 2019, 9:31 PM · Core Community
jjakob added a comment to T1608: bridge: Bridge adding non existing interfaces is allowed but does not work.

Would something like https://openwrt.org/docs/techref/netifd be useful? The drawback that it's dependent on ubus https://openwrt.org/docs/techref/ubus

Aug 24 2019, 9:20 PM · VyOS 1.3 Equuleus
jjakob created T1612: dhcp-server time-offset fails to validate in the S1 VyOS Public space.
Aug 24 2019, 8:56 PM · VyOS 1.3 Equuleus
jjakob created T1611: Migration to latest rolling fails with vyos.configtree.ConfigTreeError: Path [b'interfaces bridge br0 igmp-snooping querier'] doesn't exist in the S1 VyOS Public space.
Aug 24 2019, 8:13 PM · VyOS 1.3 Equuleus

Jul 19 2019

jjakob added a comment to T1331: DNS stops working.

I'll set up monitoring, sure.

Jul 19 2019, 5:46 PM · VyOS 1.3 Equuleus
jjakob added a comment to T1435: Make ip-address [OPTIONAL] (in dhcp-server -> static-mapping) to cope with "unfriendly" client-hostnames of IoT-Devices.

Can be set to finished on 1.3 Equuleus

Jul 19 2019, 5:23 PM · VyOS 1.3 Equuleus
jjakob added a comment to T1331: DNS stops working.

That's unfortunate. I've had to restart dns every few days at some clients due to an outage because of this bug. It would be not nice if it were to regress. Is there a way to build on buster with newer packages?

Jul 19 2019, 4:37 PM · VyOS 1.3 Equuleus
jjakob added a comment to T1376: Change dhcp lease couting funcition.

PR https://github.com/vyos/vyos-1x/pull/91

Jul 19 2019, 12:39 AM · VyOS 1.2 Crux (VyOS 1.2.3), VyOS 1.3 Equuleus

Jul 18 2019

jjakob added a comment to T1440: Creating two DHCPv6 shared-network-names with the same subnet is allowed, causes dhcpd to fail to start..

Even if it was allowed, dhcpd would fail to start with the generated config so it shouldn't be a problem? Unless some had their invalid config kept even with broken dhcp-server, which I doubt.
It would be fixed first in current, of course. It's not a priority for me so I won't be tackling it.

Jul 18 2019, 10:09 PM · VyOS 1.2 Crux (VyOS 1.2.3), VyOS 1.3 Equuleus

Jul 16 2019

jjakob added a comment to T1527: Typo in dhcpv6-server description.

This is already fixed in the latest rolling images (equuleus).

Jul 16 2019, 11:50 PM · VyOS 1.2 Crux (VyOS 1.2.3)

Jul 4 2019

jjakob changed the status of T1470: improve output of "show dhcpv6 server leases" from In progress to Backport candidate.
Jul 4 2019, 10:48 PM · VyOS 1.2 Crux (VyOS 1.2.3), VyOS 1.3 Equuleus
jjakob added a comment to T1435: Make ip-address [OPTIONAL] (in dhcp-server -> static-mapping) to cope with "unfriendly" client-hostnames of IoT-Devices.

Fix is commited in current branch (rolling/Equuleus), it can be tested with the latest rolling build and task status updated.

Jul 4 2019, 10:40 PM · VyOS 1.3 Equuleus
jjakob added a comment to T1499: Move nic to mac mapping out of the configuration file.

Also to consider, if going to a different naming scheme: https://www.freedesktop.org/wiki/Software/systemd/PredictableNetworkInterfaceNames/

Jul 4 2019, 2:04 PM · VyOS 1.3 Equuleus
jjakob added a comment to T1491: Primary interface for bond not getting configured on VyOS 1.2.0 / 1.2.1.

mode 802.3ad doesn't support setting a primary interface.

Jul 4 2019, 11:34 AM
jjakob triaged T1506: commit-archive scp/sftp public key authentication as Wishlist priority.
Jul 4 2019, 11:07 AM · VyOS 1.3 Equuleus
jjakob created T1506: commit-archive scp/sftp public key authentication in the S1 VyOS Public space.
Jul 4 2019, 11:06 AM · VyOS 1.3 Equuleus
jjakob added a comment to T1499: Move nic to mac mapping out of the configuration file.

I had a few (one or two) cases where I did a rolling-to-rolling offline migration (installed the new rolling to a clean drive and copied the old config dir into new image's /boot/<image>/rw/) that the interface naming got completely screwed up, creating new eth devices in the config with higher numbers and leaving the config defined ones inactive, I then had to rescue the situation manually on console (don't remember how exactly). I probably should've created a issue then but I was just glad it was over with. Hopefully this does something to improve the situation as I'm now hesitant to do remote upgrades for fear of losing connectivity...

Jul 4 2019, 8:00 AM · VyOS 1.3 Equuleus

Jun 28 2019

jjakob added a comment to T1439: DHCPv6 static-mappings not working due to excess quotes around dhcp6.client-id.

Putting the migration script on hold until I can get sample configs for "service dhcp6-server static-mapping identifier ..." and related host entries in /etc/dhcp/dhcpdv6.conf from an old vyos version with the old vyatta-cfg-dhcp-server scripts.
In particular if it was possible to set quoted strings as identifier which would be set unchanged in dhcpd6.conf, this would necessitate detecting whether the identifier was a quoted string or not, and converting the string to hex. If it wasn't possible to set quoted strings the migration script is not necessary.

Jun 28 2019, 5:51 PM · VyOS 1.2 Crux (VyOS 1.2.3), VyOS 1.3 Equuleus

Jun 26 2019

jjakob added a comment to T1416: 2 dhcp server run in failover mode can't sync hostname with each other.
In T1416#38821, @zsdc wrote:

I have checked behavior in 4.3.5 and 4.4.1 versions. The information about hostname is still not synced from primary to secondary.

I wonder if this was even ever a working feature. Perhaps check the source of isc-dhcp.

As I see from the information in the Debian bug report, it is about the other bug - when hostname not rewritten after offering lease. From the ISC-DHCP changelog:

This corrects an issue where leases that were offered but ignored retained the client hostname from the original client.

Also, I have found another one problem - there is no trigger in the failover mechanism to run external commands, which are using for hostname updates. This means that, even if hostname would be synced via failover, this will be not enough for updating information inside the hosts.
Therefore, due to lack of functionality inside the ISC-DHCP syncing hostnames inside the hosts file via DHCP failover is currently impossible in the VyOS.

Yeah, I'd mark this not-a-bug. Update the documentation to mention hosts file update with failover doesn't maintain consistent state between failover servers.

Jun 26 2019, 11:37 PM · VyOS 1.3 Equuleus
jjakob added a comment to T1376: Change dhcp lease couting funcition.

@zsdc I'm thinking of partially rewriting show_dhcp.py soon. You can wait a few days if it's not urgent.
@dongjunbo please attach your /config/dhcpd.leases as a file so we can test the code against it. You can sanitize it manually of MAC addresses if you prefer.

Jun 26 2019, 5:08 PM · VyOS 1.2 Crux (VyOS 1.2.3), VyOS 1.3 Equuleus
jjakob moved T1439: DHCPv6 static-mappings not working due to excess quotes around dhcp6.client-id from Finished to Need Triage on the VyOS 1.3 Equuleus board.
Jun 26 2019, 12:33 PM · VyOS 1.2 Crux (VyOS 1.2.3), VyOS 1.3 Equuleus
jjakob added a comment to T1439: DHCPv6 static-mappings not working due to excess quotes around dhcp6.client-id.

Since this changed dhcp6.client-id to only accept colon-separated hex lists, configs that still have the strings will fail to apply, leading to nonworking configs.
Should we bump the dhcp-server vyatta-config-version and write a migration script?
Shouldn't there be a separate dhcpv6-server/relay vyatta-config-version? Perhaps the migration script could add those.

Jun 26 2019, 12:31 PM · VyOS 1.2 Crux (VyOS 1.2.3), VyOS 1.3 Equuleus

Jun 25 2019

jjakob added a comment to T1416: 2 dhcp server run in failover mode can't sync hostname with each other.

I think this is https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=810971
Fixed in isc-dhcp 4.3.4-1 so pulling in newer isc-dhcp should fix it.

Jun 25 2019, 11:36 AM · VyOS 1.3 Equuleus

Jun 24 2019

jjakob created T1487: DNS (pdns_recursor) stats logs not saved to disk in the S1 VyOS Public space.
Jun 24 2019, 9:58 PM · VyOS 1.3 Equuleus
jjakob added a comment to T1383: Cannot use quotes for openvpn-option --route-up.

I think this is a parser issue

vyos@vyos# set interfaces openvpn vtun0 openvpn-option "route-up \"echo arg1 arg2\""
Jun 24 2019, 6:38 PM · VyOS 1.3 Equuleus
jjakob moved T1439: DHCPv6 static-mappings not working due to excess quotes around dhcp6.client-id from Need Triage to Finished on the VyOS 1.3 Equuleus board.
Jun 24 2019, 6:24 PM · VyOS 1.2 Crux (VyOS 1.2.3), VyOS 1.3 Equuleus
jjakob changed the status of T1439: DHCPv6 static-mappings not working due to excess quotes around dhcp6.client-id from In progress to Backport candidate.
Jun 24 2019, 6:23 PM · VyOS 1.2 Crux (VyOS 1.2.3), VyOS 1.3 Equuleus
jjakob updated the task description for T1481: When deleting and re-adding a configuration node with the same value, exit and save still say configuration has been modified.
Jun 24 2019, 6:07 PM · VyOS 1.3 Equuleus
jjakob created T1481: When deleting and re-adding a configuration node with the same value, exit and save still say configuration has been modified in the S1 VyOS Public space.
Jun 24 2019, 6:06 PM · VyOS 1.3 Equuleus
jjakob changed the status of T1421: OpenVPN client push-route stopped working, needs added quotes to fix from Open to In progress.

https://github.com/vyos/vyatta-openvpn/pull/11
Tested working on current rolling

Jun 24 2019, 5:39 PM · VyOS 1.2 Crux (VyOS 1.2.4), VyOS 1.3 Equuleus
jjakob added a comment to T1470: improve output of "show dhcpv6 server leases".

https://github.com/vyos/vyos-1x/pull/77
tested working on rolling (current)

Jun 24 2019, 12:13 AM · VyOS 1.2 Crux (VyOS 1.2.3), VyOS 1.3 Equuleus

Jun 23 2019

jjakob updated subscribers of T1439: DHCPv6 static-mappings not working due to excess quotes around dhcp6.client-id.
Jun 23 2019, 11:55 PM · VyOS 1.2 Crux (VyOS 1.2.3), VyOS 1.3 Equuleus
jjakob added a comment to T1439: DHCPv6 static-mappings not working due to excess quotes around dhcp6.client-id.

Tested working on 1.2.0-rolling+201906210337

Jun 23 2019, 11:52 PM · VyOS 1.2 Crux (VyOS 1.2.3), VyOS 1.3 Equuleus
jjakob added a comment to T1331: DNS stops working.

Still present on 1.2.0-rolling+20190616
Some domains were still working normally while most returned SERVFAIL.

Jun 23 2019, 1:38 PM · VyOS 1.3 Equuleus

Jun 22 2019

jjakob added a comment to T1470: improve output of "show dhcpv6 server leases".

https://kb.isc.org/docs/isc-dhcp-44-manual-pages-dhcpdleases#the-dhcpv6-lease-ia-declaration
isc-dhcpd can store IANA_DUID either as octal string (default) or hex, as set by lease-id-format parameter.
python-isc-dhcp-leases currently only supports string type, so it internally parses it into hex. We need to parse it again to add colons to unify with isc-dhcp hex format.
If python-isc-dhcp-leases were improved to add hex type support, we could set lease-id-format to hex and do away with all this parsing.

Jun 22 2019, 4:17 PM · VyOS 1.2 Crux (VyOS 1.2.3), VyOS 1.3 Equuleus
jjakob updated the task description for T1470: improve output of "show dhcpv6 server leases".
Jun 22 2019, 4:02 PM · VyOS 1.2 Crux (VyOS 1.2.3), VyOS 1.3 Equuleus
jjakob changed the subtype of T1470: improve output of "show dhcpv6 server leases" from "Task" to "Enhancement".
Jun 22 2019, 3:16 PM · VyOS 1.2 Crux (VyOS 1.2.3), VyOS 1.3 Equuleus
jjakob changed the status of T1470: improve output of "show dhcpv6 server leases" from Open to In progress.
Jun 22 2019, 3:15 PM · VyOS 1.2 Crux (VyOS 1.2.3), VyOS 1.3 Equuleus
jjakob added a comment to T1433: "show dhcpv6 server leases" shows leases from wrong file.

With https://github.com/vyos/vyos-1x/pull/74 tested working on crux.

Jun 22 2019, 2:59 PM · VyOS 1.2 Crux (VyOS 1.2.2), VyOS 1.3 Equuleus

Jun 21 2019

jjakob added a comment to T1434: Add support for global-parameters, shared-network-parameters, subnet-parameters and static-mapping-parameters in dhcpv6-server as already implemented in (v4) dhcp-server.

Looking at the dhcp_server.py for reference, I see the *-parameters were considered to be deprecated:

# HACKS AND TRICKS
#
# check for 'raw' ISC DHCP parameters configured by users
# actually this is a bad idea in general to pass raw parameters
# from any user
#
# deprecate this and issue a warning like we do for DNS forwarding?
if conf.exists('shared-network-parameters'):
    config['network_parameters'] = conf.return_values('shared-network-parameters')

Now I'm not sure whether this would be a welcome addition to dhcpv6 server.
My particular use-case that I considered this for is assigning per-static-mapping DNS server config (manually migrating clients enrolled into a IPA domain means I have to have some clients pointed to old DNS servers and some to new, currently I get by with setting static v6 addresses on the clients)

Jun 21 2019, 8:00 PM · VyOS 1.3 Equuleus

Jun 16 2019

jjakob added a comment to T1433: "show dhcpv6 server leases" shows leases from wrong file.

@c-po Line 115 and 116 of src/conf_mode/dhcpv6_server.py (that generate /etc/default/isc-dhcpdv6-server) still reference the dhcpd6 name and would need to be changed also.
Are you sure we should change all these filenames and the leases filename without migrating it? I guess if you wanted the naming with "dhcpv6" consistent, but IMO it's unnecessary.
The alternative would be to just fix src/op_mode/show_dhcpv6.py and keep the old lease file naming, thus not breaking the cache on upgrade for all users.
I'll create a PR with the version you decide...

Jun 16 2019, 7:50 PM · VyOS 1.2 Crux (VyOS 1.2.2), VyOS 1.3 Equuleus
jjakob added a comment to T1439: DHCPv6 static-mappings not working due to excess quotes around dhcp6.client-id.

Closed PR and reopened in https://github.com/vyos/vyos-1x/pull/72 due to creating a new branch

Jun 16 2019, 7:22 PM · VyOS 1.2 Crux (VyOS 1.2.3), VyOS 1.3 Equuleus
jjakob claimed T1433: "show dhcpv6 server leases" shows leases from wrong file.
Jun 16 2019, 6:56 PM · VyOS 1.2 Crux (VyOS 1.2.2), VyOS 1.3 Equuleus
jjakob added a comment to T1433: "show dhcpv6 server leases" shows leases from wrong file.

@c-po The commits only fix the generated config filename, not the one used by dhcpd (set in /etc/default/isc-dhcpdv6-server) so it would probably break the dhcpv6-server. Even if both were updated, that would cause the server to forget all the cached leases on upgrade that are stored in the old leases file as there is no migration script to copy the old filename to new.

Jun 16 2019, 6:55 PM · VyOS 1.2 Crux (VyOS 1.2.2), VyOS 1.3 Equuleus
jjakob renamed T1434: Add support for global-parameters, shared-network-parameters, subnet-parameters and static-mapping-parameters in dhcpv6-server as already implemented in (v4) dhcp-server from Add support for static-mapping-parameters in dhcpv6-server as it's already implemented in (v4) dhcp-server to Add support for global-parameters, shared-network-parameters, subnet-parameters and static-mapping-parameters in dhcpv6-server as already implemented in (v4) dhcp-server.
Jun 16 2019, 5:57 PM · VyOS 1.3 Equuleus
jjakob changed the status of T1434: Add support for global-parameters, shared-network-parameters, subnet-parameters and static-mapping-parameters in dhcpv6-server as already implemented in (v4) dhcp-server from Open to In progress.
Jun 16 2019, 5:55 PM · VyOS 1.3 Equuleus
jjakob triaged T1439: DHCPv6 static-mappings not working due to excess quotes around dhcp6.client-id as High priority.

Change priority to high as the bug makes DHCPv6 static mappings inoperable.

Jun 16 2019, 5:34 PM · VyOS 1.2 Crux (VyOS 1.2.3), VyOS 1.3 Equuleus
jjakob added a comment to T1189: [Security Advisory] PowerDNS Recursor 4.1.9 Released.

vyos 1.2.0-rolling+201906161308 has pdns_recursor 4.1.14, should this be marked as fixed?

Jun 16 2019, 5:33 PM · VyOS 1.2 Crux ( VyOS 1.2.0-EPA)
jjakob changed the status of T1439: DHCPv6 static-mappings not working due to excess quotes around dhcp6.client-id from Open to In progress.

https://github.com/vyos/vyos-1x/pull/71

Jun 16 2019, 5:29 PM · VyOS 1.2 Crux (VyOS 1.2.3), VyOS 1.3 Equuleus
jjakob added a comment to T1439: DHCPv6 static-mappings not working due to excess quotes around dhcp6.client-id.

ISC-dhcp can parse this option either as a quoted string or colon-separated hex list. common/tables.c

Jun 16 2019, 2:48 PM · VyOS 1.2 Crux (VyOS 1.2.3), VyOS 1.3 Equuleus
jjakob claimed T1439: DHCPv6 static-mappings not working due to excess quotes around dhcp6.client-id.
Jun 16 2019, 2:24 PM · VyOS 1.2 Crux (VyOS 1.2.3), VyOS 1.3 Equuleus
jjakob created T1440: Creating two DHCPv6 shared-network-names with the same subnet is allowed, causes dhcpd to fail to start..
Jun 16 2019, 1:49 PM · VyOS 1.2 Crux (VyOS 1.2.3), VyOS 1.3 Equuleus
jjakob created T1439: DHCPv6 static-mappings not working due to excess quotes around dhcp6.client-id.
Jun 16 2019, 12:56 PM · VyOS 1.2 Crux (VyOS 1.2.3), VyOS 1.3 Equuleus

Jun 12 2019

jjakob created T1434: Add support for global-parameters, shared-network-parameters, subnet-parameters and static-mapping-parameters in dhcpv6-server as already implemented in (v4) dhcp-server.
Jun 12 2019, 1:59 PM · VyOS 1.3 Equuleus
jjakob added a comment to T1433: "show dhcpv6 server leases" shows leases from wrong file.

After some more investigation, dhcpd6.leases in /config/ and /opt/vyatta/etc/config/ are the same.
In the same config folder there's also dhcpdv6.leases (with the letter "v" before 6) that's a leftover from an older image.

-rw-r--r-- 1 root root       3262 Jun 12 14:55 dhcpd6.leases
-rw-r--r-- 1 root root       2615 Jun 12 14:23 dhcpd6.leases~
-rw-r--r-- 1 root root      27726 Jun 12 14:30 dhcpd.leases
-rw-r--r-- 1 root root      28072 Jun 12 14:22 dhcpd.leases~
-rwxrwxr-x 1 root vyattacfg  8141 Oct 27  2018 dhcpdv6.leases
-rwxrwxr-x 1 root vyattacfg 17618 Oct 27  2018 dhcpdv6.leases~

If I delete these two, I get a nice traceback when running show dhcpv6 server leases:

vyos@vyos:~$ show dhcpv6 server leases 
Traceback (most recent call last):
  File "/usr/libexec/vyos/op_mode/show_dhcpv6.py", line 81, in <module>
    leases = get_leases(lease_file, state='active')
  File "/usr/libexec/vyos/op_mode/show_dhcpv6.py", line 44, in get_leases
    leases = IscDhcpLeases(lease_file).get()
  File "/usr/lib/python3/dist-packages/isc_dhcp_leases/iscdhcpleases.py", line 110, in get
    with open(self.filename) as lease_file:
FileNotFoundError: [Errno 2] No such file or directory: '/config/dhcpdv6.leases'

So it seems that at some point the dhcpd leases filename was changed without updating the name everywhere else (and leaving the old files dangling).

Jun 12 2019, 1:19 PM · VyOS 1.2 Crux (VyOS 1.2.2), VyOS 1.3 Equuleus
jjakob updated the task description for T1433: "show dhcpv6 server leases" shows leases from wrong file.
Jun 12 2019, 1:15 PM · VyOS 1.2 Crux (VyOS 1.2.2), VyOS 1.3 Equuleus
jjakob created T1433: "show dhcpv6 server leases" shows leases from wrong file.
Jun 12 2019, 12:12 PM · VyOS 1.2 Crux (VyOS 1.2.2), VyOS 1.3 Equuleus

May 31 2019

jjakob created T1421: OpenVPN client push-route stopped working, needs added quotes to fix.
May 31 2019, 2:48 PM · VyOS 1.2 Crux (VyOS 1.2.4), VyOS 1.3 Equuleus

May 4 2019

jjakob added a comment to T1331: DNS stops working.

I've had this bug occur on 1.2.0-rc11, at one site (with moderately high load) at least once a day, and at the second site (with small load) only once after several months.
After upgrading to the latest 1.2.0 rolling release I've had no issues any more, however the bug may still remain.
It may have something to do with DNSSEC setting as the second system that ran flawlessly for months before started doing it immediately after setting dnssec=validate.

May 4 2019, 7:17 PM · VyOS 1.3 Equuleus

Dec 16 2018

jjakob created T1107: Grub: no input from serial console (menu doesn't respond to keystrokes).
Dec 16 2018, 10:26 PM · VyOS-1.2.0-GA, VyOS 1.2 Crux (VyOS 1.2.0-EPA3)

Nov 28 2018

jjakob added a comment to T1054: Webproxy commit failed: Can't touch /var/log/squid/blacklist.log: No such file or directory.

Creating /var/log/squid (sudo mkdir /var/log/squid) allows the commit to complete.

Nov 28 2018, 1:15 AM · VyOS-1.2.0-GA, VyOS 1.2 Crux (VyOS 1.2.0-rc9)
jjakob created T1054: Webproxy commit failed: Can't touch /var/log/squid/blacklist.log: No such file or directory.
Nov 28 2018, 1:10 AM · VyOS-1.2.0-GA, VyOS 1.2 Crux (VyOS 1.2.0-rc9)