User Details
- User Since
- Jun 9 2021, 3:23 PM (55 w, 3 d)
Tue, Jun 28
Sun, Jun 26
Tue, Jun 21
PR for 1.4: https://github.com/vyos/vyos-1x/pull/1367
Wed, Jun 15
Tue, Jun 14
Since in previous version set protocols nhrp tunnel tun0 cisco-authentication "" was allowed, a migration script is required. Otherwise, when upgrading, configuration fails.
Sat, Jun 11
Extra checks are needed not only when attaching a policy route to an interface, but also when attaching firewall.
For example:
[email protected]# set firewall name FOO rule 10 action accept [edit] [email protected]# set firewall name FOO rule 10 destination group address-group NOAG [edit] [email protected]# commit
Fri, Jun 10
Same as Viacheslav. No issues on my tests in Ubuntu.
Yes. New 1.4 has more restricted checks on addresses and networks.
Actually, if you are using /22, the correct network for this case is 192.168.44.0/22.
You can use this online tool for checking ipv4 networks and subnets.
Thu, Jun 9
Sun, Jun 5
Added more options. PR https://github.com/vyos/vyos-1x/pull/1350
Sat, Jun 4
Fri, Jun 3
May 29 2022
Yes, you error with "root" user is a known issue: T4281.
May 28 2022
May 27 2022
For a better analysis, can you share your firewall and nat config without hidden data? You can send it to my email: [email protected]
May 15 2022
I agree that having a smoketest for WLB will be great. But, there are certain limitations/considerations:
May 12 2022
PR for docs: https://github.com/vyos/vyos-documentation/pull/771
May 11 2022
May 9 2022
May 6 2022
I was able to reproduce issue on latest VyOS 1.4-rolling-202205060217
Steps to reproduce:
1 - Fresh/clean vyos router
2 - Add interface configuration (dhcp on WANs and static IP addresses on LAN side), commit and save
3 - Add next WLB configuration:
Apr 29 2022
Apr 22 2022
Apr 21 2022
Apr 17 2022
Apr 16 2022
Apr 11 2022
Did similar tests with your big config >20k lines:
Apr 8 2022
Apr 7 2022
With shared config, I'm not getting high times while loading config (at least not that high as exposed in this task)
Thanks for sharing.
It this ok?
Can you share your config @daniel.arconada ?
Apr 5 2022
Applying patch from the PR I could not reproduce issue anymore
Apr 4 2022
Great.
In that case I suggest marking this invalid and close it
Apr 3 2022
Bug confirmed on 1.3.1-S1 and on 1.4-rolling-202203180317
Mar 30 2022
Issue found.
On freh 1.3.1-S1 intallation:
Mar 29 2022
Hi @freelancer . PR mentioned by @Viacheslav was merged on February 17, so fix should be included in 1.3.1
Mar 28 2022
@m.korobeinikov
Does your configuration include this scripts corrections? https://docs.vyos.io/en/equuleus/automation/command-scripting.html#executing-configuration-scripts
Mar 20 2022
Ok, thanks for the clarification.
I'm closing this task and marking it as resolved.
Mar 18 2022
@hakwerk . Is this solved in PR https://github.com/vyos/vyos-vm-images/pull/24 ??
Splitting ipv4 files, and just adding what needed. In my case, I extracted content from geoip-ipv4.nft and create and include file geoip-CA-ipv4.nft (Canada IPs)
After some custom build and POC, here's what I got:
- Filtering works, as shown in this table:
Can you share configuration that you are deleting? So far, I can't reproduce error
Mar 13 2022
Update download URL -> PR: https://github.com/vyos/vyos-vm-images/pull/26
Mar 12 2022
PR for 1.4: https://github.com/vyos/vyos-1x/pull/1247
Mar 11 2022
Mar 10 2022
A simplified validator that rejects non-ipv6 address range (still lacks of 1st ipv6 minor than 2nd address validator):
For 1.4, problem is in ipv6-range validator, which accepts lots of values that should be considered as invalid:
Mar 7 2022
Mar 4 2022
Feb 26 2022
Feb 25 2022
This situation is worst, since ipset exposed the error, but vyos cli accepts it, and remains in the running configuration:
Feb 23 2022
Tested on VyOS 1.4-rolling-202202150317:
I think this task can be marked as resolved, but before doing that, anything else @artooro ? Were you able to test it?
@pvanberlo Can you share more info on how we can reproduce this issue?
I wasn't able to reproduce the issue.
I installed 3 times VyOS 1.3.0 version on Proxmox:
Feb 22 2022
Explanation on how to reproduce this error:
- On fresh install on 1.2.8 (more parameter may be needed to be able to upgrade router):
set interfaces input ifb042 set interfaces ethernet eth0 vif 42 address 203.0.113.47/32 set interfaces ethernet eth0 vif 42 redirect 'ifb042'
Then add and install 1.3.0 vyos image, and reboot.
Same problem when downgrading from 1.3.0 to 1.2.8
Can confirm the problem.
Also, when bootting on 1.3.0 version, and trying to load pre-migration config file, it's also not possible.
Removing "redirect" entry from pre-migration file, configurations loads correctly.
Once configuration was loaded, "redirect" command con be inserted once again in cli, and it is accepted.
Feb 21 2022
- Negated ports: erros while writing command.
For example:
Feb 15 2022
Comman "show conntrack ..." not available any more in latest?