Page MenuHomeVyOS Platform

roedie (Sander Klein)
User

Projects

User does not belong to any projects.

User Details

User Since
Jul 29 2022, 1:49 PM (9 w, 6 d)

Recent Activity

Sun, Sep 18

roedie claimed T4639: Crowdsec in VyOS (Blocking only).
Sun, Sep 18, 5:57 PM · VyOS 1.4 Sagitta

Sat, Sep 17

roedie moved T4526: keepalived-fifo.py unable to load config from Need Triage to Finished on the VyOS 1.4 Sagitta board.
Sat, Sep 17, 8:34 PM · vyos-keepalived, vyatta-vrrp, VyOS 1.4 Sagitta
roedie moved T4665: Keepalived cannot use same VRID for VRRPv2 and VRRPv3 from Need Triage to Finished on the VyOS 1.4 Sagitta board.
Sat, Sep 17, 8:31 PM · VyOS 1.4 Sagitta
roedie closed T4665: Keepalived cannot use same VRID for VRRPv2 and VRRPv3 as Resolved.

It works for me (tm)

Sat, Sep 17, 8:30 PM · VyOS 1.4 Sagitta

Sat, Sep 10

roedie added a comment to T1185: Firewall rulesets are ignored in RFC-compliant VRRP setups.
In T1185#133944, @sdev wrote:

A similar syntax change is in progress as part of a larger firewall refactor. It should reach the 1.4 branch in a week or so. It should allow for any valid existing interface name.

Sat, Sep 10, 6:31 PM · VyOS 1.3 Equuleus (1.3.3)
roedie added a comment to T1185: Firewall rulesets are ignored in RFC-compliant VRRP setups.

Or, come to think, some free from of set interfaces unknown <typeyourownname> firewall local name <ruleset> where you can only config stuff that doesn't really depend on an interface.

Sat, Sep 10, 6:17 PM · VyOS 1.3 Equuleus (1.3.3)
roedie added a comment to T1185: Firewall rulesets are ignored in RFC-compliant VRRP setups.

Just a suggestion, would it be a weird idea to move the firewall config from the interface section to the firewall section? A bit like the zone config. So something like:

Sat, Sep 10, 6:09 PM · VyOS 1.3 Equuleus (1.3.3)

Thu, Sep 8

roedie closed T4526: keepalived-fifo.py unable to load config as Resolved.

I've tested this and it seems to work correctly.

Thu, Sep 8, 5:11 PM · vyos-keepalived, vyatta-vrrp, VyOS 1.4 Sagitta
roedie added a comment to T4665: Keepalived cannot use same VRID for VRRPv2 and VRRPv3.

The interface naming is incorrect after this change for the second interface with the same VRID. It breaks show int.

Thu, Sep 8, 2:54 PM · VyOS 1.4 Sagitta

Sep 2 2022

roedie added a comment to T3933: The firewall does not filter incoming traffic on the interface with vrf..

In case of filtering on a VRF, would it be an idea to use the MAC address instead of the interface name in the rule?

Sep 2 2022, 7:45 PM · VyOS 1.3 Equuleus (1.3.3), VyOS 1.4 Sagitta
roedie added a comment to T4665: Keepalived cannot use same VRID for VRRPv2 and VRRPv3.

https://github.com/vyos/vyos-documentation/pull/845 for docs

Sep 2 2022, 7:13 PM · VyOS 1.4 Sagitta
roedie added a comment to T4665: Keepalived cannot use same VRID for VRRPv2 and VRRPv3.

I will modify the docs.

Sep 2 2022, 10:17 AM · VyOS 1.4 Sagitta

Sep 1 2022

roedie added a comment to T4665: Keepalived cannot use same VRID for VRRPv2 and VRRPv3.

I do see I need to update the docs. Will do if this change is going to be merged.

Sep 1 2022, 9:46 AM · VyOS 1.4 Sagitta
roedie created T4665: Keepalived cannot use same VRID for VRRPv2 and VRRPv3.
Sep 1 2022, 9:16 AM · VyOS 1.4 Sagitta

Aug 23 2022

roedie added a comment to T4635: Add zebra option ip nht resolve-via-default as default option.

While reading the FRR docs I see it is only used in BGP and nowhere else. That would make something like set protocols bgp parameters next-hop-track resolve-via-default logical.

Aug 23 2022, 4:13 PM · VyOS 1.4 Sagitta
roedie created T4639: Crowdsec in VyOS (Blocking only).
Aug 23 2022, 2:18 PM · VyOS 1.4 Sagitta
roedie added a comment to T4635: Add zebra option ip nht resolve-via-default as default option.

@Viacheslav Do you just want this option added to the zebra config, or you it also be possible to enable/disable this via the conf mode?

Aug 23 2022, 1:02 PM · VyOS 1.4 Sagitta

Aug 22 2022

roedie added a comment to T4526: keepalived-fifo.py unable to load config.

https://github.com/vyos/vyos-1x/pull/1486 try#2

Aug 22 2022, 7:51 PM · vyos-keepalived, vyatta-vrrp, VyOS 1.4 Sagitta
roedie added a comment to T4526: keepalived-fifo.py unable to load config.

I've create a PR which does the retry part. It retries 10 time every 0.5 seconds until it succeeds or it's out of retries.

Aug 22 2022, 4:14 PM · vyos-keepalived, vyatta-vrrp, VyOS 1.4 Sagitta
roedie added a comment to T4526: keepalived-fifo.py unable to load config.

The problem here seems to be that keepalived is started before the complete commit is finished. So conf.get_config_dict() fails to get the config.

Aug 22 2022, 2:21 PM · vyos-keepalived, vyatta-vrrp, VyOS 1.4 Sagitta
roedie added a comment to T4633: Change keepalived to v2.2.7.

Created PR for this https://github.com/vyos/vyos-build/pull/256

Aug 22 2022, 1:20 PM · VyOS 1.4 Sagitta
roedie added a comment to T4634: Bgp neighbor disable-connected-check does not work.

Hi, I've created https://github.com/vyos/vyos-1x/pull/1483 for this one.

Aug 22 2022, 11:28 AM · VyOS 1.4 Sagitta

Aug 21 2022

roedie created T4633: Change keepalived to v2.2.7.
Aug 21 2022, 7:04 PM · VyOS 1.4 Sagitta

Jul 31 2022

roedie created T4581: 'show system cpu' not working.
Jul 31 2022, 7:42 PM · VyOS 1.4 Sagitta