Page MenuHomeVyOS Platform

runar (Runar Borge)
User

Projects

User Details

User Since
Jun 7 2018, 9:21 PM (301 w, 4 d)

Recent Activity

Tue, Feb 27

runar reopened T5080: Conntrack enabled by default, a subtask of T5160: Firewall refactor, as Open.
Tue, Feb 27, 5:12 PM · VyOS 1.4 Sagitta
runar reopened T5080: Conntrack enabled by default as "Open".

Reopened on @Apachez request

Tue, Feb 27, 5:12 PM · VyOS 1.4 Sagitta

Feb 2 2024

mark22k awarded T766: Implement support for the Tinc VPN daemon a Like token.
Feb 2 2024, 10:19 AM

Jan 27 2024

runar created T5993: DHCP6: no leases are created unless specifying a "interface" on the zone.
Jan 27 2024, 6:05 PM · VyOS 1.5 Circinus
runar created T5992: DHCP: show dhcp server leases not showing all leases.
Jan 27 2024, 5:50 PM · VyOS 1.5 Circinus

Nov 18 2023

runar added a comment to T5757: Embedded: Allow ethernet names lanX, wan, sfpX.

ahh.. looking at it now it looks like the new upstream DTB uses lanX for all "lan" switchports..

Nov 18 2023, 10:11 AM · VyOS 1.5 Circinus
runar added a comment to T5757: Embedded: Allow ethernet names lanX, wan, sfpX.

Enumaration order and names are specified here:
DSA switch ports: https://github.com/torvalds/linux/blob/master/arch/arm64/boot/dts/mediatek/mt7986a-bananapi-bpi-r3.dts#L408-L459
CPU Ethernet ports: https://github.com/torvalds/linux/blob/master/arch/arm64/boot/dts/mediatek/mt7986a-bananapi-bpi-r3.dts#L171-L198

Nov 18 2023, 9:54 AM · VyOS 1.5 Circinus
runar added a comment to T5757: Embedded: Allow ethernet names lanX, wan, sfpX.

@Apachez no, they are not mapped by hw-id, all mapping of DSA ports are done by the DTB file (Hardware Device Tree) loaded into the kernel. also the enumeration order of cpu ethX interfaces are specified by the DTB file

Nov 18 2023, 9:47 AM · VyOS 1.5 Circinus

Nov 17 2023

runar created T5757: Embedded: Allow ethernet names lanX, wan, sfpX.
Nov 17 2023, 10:15 PM · VyOS 1.5 Circinus

Sep 15 2022

runar created T4697: policy route: Generating ConfigError failes when tcp flag is missing on set tcp-mss rule commit.
Sep 15 2022, 7:39 PM · VyOS 1.4 Sagitta

Nov 3 2021

runar claimed T3965: arm: Extend configure scripts to allow for arm builds.
Nov 3 2021, 8:13 PM · VyOS 1.4 Sagitta
runar created T3965: arm: Extend configure scripts to allow for arm builds.
Nov 3 2021, 8:00 PM · VyOS 1.4 Sagitta

Aug 4 2021

runar created T3721: ARM64: 1.4: Fastnetmon in current is a precompiled custom "blob" and amd64 only. (blocks all arm64 builds).
Aug 4 2021, 4:51 PM · VyOS 1.4 Sagitta

May 11 2021

runar added a comment to T3534: VLAN cannot be both `allowd-vlan` and `native-vlan`.

I agree with @c-po, no warning is needed inbthis case

May 11 2021, 5:18 PM · VyOS 1.4 Sagitta
runar added a comment to T3534: VLAN cannot be both `allowd-vlan` and `native-vlan`.

Please make it so when both are present the native-vlan command is used.. do not throw an exception as this would make configuration much harder, as a eg. allow-vlan 1-4096, native-vlan 50 will be impossible to configure... Splitting up the allow-vlan and redoing it just to change native-vlan is work that the scripts should do in the backend and not have the user do it

May 11 2021, 5:55 AM · VyOS 1.4 Sagitta

May 5 2021

runar closed T3486: sagita: arm64: kernel: Extend Kernel pipeline to build arm64 packages. as Resolved.

Kernel pipeline merged

May 5 2021, 7:34 PM

Apr 19 2021

runar renamed T3486: sagita: arm64: kernel: Extend Kernel pipeline to build arm64 packages. from sagita: arm64: kernel-build: Extend Kernel pipeline to build arm64 packages. to sagita: arm64: kernel: Extend Kernel pipeline to build arm64 packages. .
Apr 19 2021, 8:12 AM
runar changed the status of T3486: sagita: arm64: kernel: Extend Kernel pipeline to build arm64 packages. from Open to In progress.
Apr 19 2021, 8:12 AM

Mar 30 2021

runar renamed T3448: Loading vyos on a system without xdp installed fails from Loading vyos on a non-xdp system fails to Loading vyos on a system without xdp installed fails.
Mar 30 2021, 7:52 AM · VyOS 1.4 Sagitta
runar created T3448: Loading vyos on a system without xdp installed fails.
Mar 30 2021, 7:52 AM · VyOS 1.4 Sagitta

Mar 28 2021

runar assigned T3441: More intelligent config loading scripts to jestabro.
Mar 28 2021, 10:10 PM · VyOS 1.5 Circinus
runar created T3441: More intelligent config loading scripts.
Mar 28 2021, 10:10 PM · VyOS 1.5 Circinus

Mar 15 2021

runar added a comment to T3409: Add back TCP-MSS Clamp to PMTU.

What about this? https://docs.vyos.io/en/latest/configuration/firewall/index.html?highlight=Mss#tcp-mss-clamping

Mar 15 2021, 6:15 AM · VyOS 1.4 Sagitta

Mar 10 2021

runar added a comment to T3399: RPKI: dashes in hostnames are replaced with underscores when rendering the FRR config.

The fix submitted is not working as intended.. both - and _ are allowed characters in dns, so this this break dns names with _ in them. Before anyone complains, rfc952 that sets the name definition disallows use of underscore in hostnames and top level domains, not subdomains where the use is fully valid

Mar 10 2021, 6:55 PM · VyOS 1.3 Equuleus (1.3.0)

Feb 21 2021

runar added a comment to T3344: Per VRF dynamic routing support.

Ahh.. yea, i see that now.. i've never done this, so cant say how it work.. but as i can se this is still the same process, so my answer is still the same.... Actually this migth be a good reason for migrating set protocols bgp <asn> to its own local-as <asn> subnode, so the AS is not hardcoded in the configpath

Feb 21 2021, 6:27 PM · VyOS 1.4 Sagitta
runar added a comment to T3344: Per VRF dynamic routing support.

@Viacheslav in you example, what does set protocols bgp <asn> vrf do? if i'm reading it correctly it makes no sense as you do not start a new process, and the ASN for the vrf will be the asn of the global bgp process

Feb 21 2021, 9:05 AM · VyOS 1.4 Sagitta
runar added a comment to T3344: Per VRF dynamic routing support.

using set protocols ospf vrf ... makes it harder to show that this is actually multiple processes that co-exist on the router, but on the other hand if we are thinking about the config scripts that are going to execute all this the syntax set protocols ospf vrf.... makes more sense, because the normal ospf config_mode script can program both "global" and all the vrf's

Feb 21 2021, 9:03 AM · VyOS 1.4 Sagitta
runar added a comment to T3344: Per VRF dynamic routing support.

There are differences on vrf support in ospf,++ and BGP. the largest difference is that in IGP's you start a new process for each and every vrf you use. then the syntax set protocols vrf ospf.... makes kinda sense, but on BGP you are only using ONE process and the vrf is only a address-family inside the current process. and there the syntax set protocols bgp X vrf X makes most sense.

Feb 21 2021, 8:58 AM · VyOS 1.4 Sagitta

Feb 14 2021

runar added a comment to T2315: Ability to have right address-family for BGP peers..

In the new xml/py rewrite, do they disapear if you rerun the bgp configurator script? Eg. Can we execute frr-reload twice as a workaround?

Feb 14 2021, 5:07 PM · VyOS 1.4 Sagitta

Jan 14 2021

runar added a comment to T3216: Removal of restricted-shell broke configure mode for RADIUS users.

Some days ago a cleanup was done on 1.4 to clean away some old legacy code, it looks like this cleanup has removed a bit to much...
https://github.com/vyos/vyatta-cfg-system/pull/136

Jan 14 2021, 8:20 AM · VyOS 1.4 Sagitta

Jan 8 2021

runar added a comment to T1354: Add support for VLAN-Aware bridges.

@c-po

There is no need to use set interfaces bridge br1 vlan-aware, as soon as the vif node is present, it will be vlan aware. We should not randomly add all kinds of new CLI nodes.

Jan 8 2021, 6:49 PM · VyOS 1.5 Circinus, VyOS 1.4 Sagitta

Jan 6 2021

runar added a comment to T1354: Add support for VLAN-Aware bridges.

I'm sorry for the delay in response but i've now have had time to look at your initial implementation of vlan-aware bridges.
As a first implementation your implementation in T3042 looks it look and feels quite good!
But i've noticed a few things, and have some questions and suggestions:

Jan 6 2021, 10:46 PM · VyOS 1.5 Circinus, VyOS 1.4 Sagitta

Jan 5 2021

runar added a comment to T3173: Need 'nopmtudisc' option for tunnel interface.

As far as i know all our other "disable" commands starts wirh "disable-"

Jan 5 2021, 6:20 AM · VyOS 1.3 Equuleus (1.3.0), VyOS 1.4 Sagitta

Dec 24 2020

runar added a comment to T3151: Decide on the final list of packages for 1.3.

vyatta-biosdevname:
https://github.com/vyos/vyatta-cfg-system/blob/ebbdfe44aa321a2de35ddccaa255d384a5fd99e4/scripts/vyatta_net_name#L96
Used for calculating initial interface order, to try getting a ordered list and not only the random init-order used by the kernel

Dec 24 2020, 7:54 PM · VyOS 1.3 Equuleus (1.3.0)

Dec 17 2020

runar added a comment to T3133: conf; policy prefix-list: ge is not allowed to be the same as prefix length.

In your example the use of ge is redundant as as you have allready specified a limiting subnettmask you cant go outside the boundry of the prefix specified.

Dec 17 2020, 4:42 PM

Dec 3 2020

runar added a comment to T3108: Section config overlapped match with FRRConfig.

To clarify the fault here. the smoketest is looking for the word "Config()" inside all conf_mode scripts without taking into account that this could be part of another name. the patch above modifies the behavior to not mat when a alpha-character is in front of the C in Config.
full regex: [^a-ZA-Z]Config\(\)

Dec 3 2020, 8:01 PM · VyOS 1.3 Equuleus (1.3.0)

Dec 2 2020

runar added a comment to T3096: Add a build option to disallow live CD boot.

Does this mean to to disallow installing the syslinux bootloader to the iso by default? The reason for asking is the arm builds we try to make, as syslinux is incompatible with arm, and a iso cant be generated for such a system as it tries to install syslinux when building the image.

Dec 2 2020, 5:59 AM · VyOS 1.4 Sagitta

Dec 1 2020

runar created T3103: Rewrite parts of vyos\frr.py for readability, logging and to fix mulitiline regex "bugs".
Dec 1 2020, 11:13 PM · VyOS 1.3 Equuleus (1.3.0)

Nov 27 2020

runar updated subscribers of T2744: igmp-proxy issue: Address already in use.

@Dmitry I dont really know if this is a good idea.
The reason for this is that the configuration synchronisation between frr daemons depends on the daemons started at the same time, and always running when global configuration is applied.. this is also one of the reasons why frr-daemons starts prior to vyos starting on bootup and not when a daemon is configured. I do not know if this will be a issue with PIM, so i'm not sure what will happen with this daemon.
as an example for such synctonization is a prefix-list.
If you start bgp and ospf and then create a prefix-list, the list will be created in both ospf and bgp.
If you start bgp , then create the prefix-list and then start ospf, ospf will not automatically add the prefix-list but when you show the combined configuration is is still show'ed as a global prefix-list.. to get the prefix-list into ospf you need to manually add the commands to the daemon to get in sync.

Nov 27 2020, 1:18 PM · VyOS 1.3 Equuleus (1.3.0)

Nov 15 2020

runar added a comment to T3071: Display VLAN mode information on the network interface.

In the example above you only included the header, could you extend the examples with example information you want to display there?

Nov 15 2020, 4:40 PM · VyOS 1.5 Circinus, VyOS 1.4 Sagitta

Nov 4 2020

runar added a comment to T3048: Drop static smp-affinity for a more dynamic way using tuned.

it sounds good to me.
I personally think the days with manually locking nic queues to cpu's is a bit outdated and we need something more dynamic.
After reading a bit on tuned i give my thumbs up

Nov 4 2020, 6:59 PM · VyOS 1.3 Equuleus (1.3.0)
runar added a comment to T3042: Support VLAN filter and VLAN sub-interface on the bridge.

@c-po i agree with using "native-vlan", but i dont agree on using "allowed-vlan".
"allowed-vlan" for me it dosn't actually describe that this vlan will be tagged on the port

Nov 4 2020, 6:47 PM · VyOS 1.3 Equuleus (1.3.0)
runar added a comment to T3042: Support VLAN filter and VLAN sub-interface on the bridge.

Hmm.. i have a few sugestions about the syntax.
The linux kernel allows the user to have different pvid vlan's on ingress and egress of a router port,.

  • this is if you ask me not a common use case and i think we should merge the pvid(ingress) and untagged(egress) so that they will be ONE command..
  • my second note is that the syntax shown above is quite verbose when creating a lot of vlan's and interfaces. consider creating 20 vlans on 5 ports, that will make a minimum of 100 lines of code in the config.

i would like to purpose a different syntax like this:

# Enable vlan filtering
set interfaces bridge br1 vlan
Nov 4 2020, 12:44 PM · VyOS 1.3 Equuleus (1.3.0)

Oct 18 2020

runar added a comment to T766: Implement support for the Tinc VPN daemon.

What information do you need access to from within op-mode?

Since restarting tinc requires resetting the interface, it means that you may need to get all the configuration information to call the update function settings of the interface class

Oct 18 2020, 1:53 PM
runar added a comment to T766: Implement support for the Tinc VPN daemon.

I hope to implement an operation mode command, but too many interface parameters are generated according to the configuration in the interface. I don't know how to call these existing configurations. Can I call the user's configuration information through config in operation mode?

It seems that we need to think about it now

Oct 18 2020, 1:32 PM
runar added a comment to T766: Implement support for the Tinc VPN daemon.

You can pull the host configuration in operation mode using the following command:

generate tinc tincN host-conf <user@service:/path>

Oct 18 2020, 1:30 PM
runar added a comment to T766: Implement support for the Tinc VPN daemon.

Note: my test found that when the server is in switch mode, the client cannot Ping to the peer in routing mode (more tests may be needed)

Oct 18 2020, 1:26 PM

Oct 14 2020

runar added a comment to T1663: T1656 equuleus: buster: arm64/aarch64: ipaddrcheck does not complete testing.

the issue is verified by soxrok2122 by using a stock ubuntu 20 host with the stock vyos/vyos-build:current-arm64 docker image

Oct 14 2020, 5:39 PM · VyOS 1.3 Equuleus (1.3.0-epa1)
runar reopened T1663: T1656 equuleus: buster: arm64/aarch64: ipaddrcheck does not complete testing, a subtask of T476: Update the base system to Debian 10 (Buster), as Open.
Oct 14 2020, 5:36 PM · VyOS 1.3 Equuleus (1.3.0-epa1)
runar reopened T1663: T1656 equuleus: buster: arm64/aarch64: ipaddrcheck does not complete testing as "Open".

I'm reopening this issue as this seams to still be an issue. reported by user soxrok2212 on slack (#vyos-on-arm64)

Oct 14 2020, 5:36 PM · VyOS 1.3 Equuleus (1.3.0-epa1)

Oct 13 2020

runar added a comment to T766: Implement support for the Tinc VPN daemon.

I think we could generate private/public keys using openssl instead of using the tinc utility to generate it... But i have not tested it

Oct 13 2020, 4:10 PM

Oct 12 2020

runar added a comment to T766: Implement support for the Tinc VPN daemon.

placing the tinc deb in vyos-build/packages is appropriate while writing support for tinc, but for building on a production iso that is distribute it is not appropriate.. but it's quite easy to add the package to our own repository if we need that...

Oct 12 2020, 7:34 AM
runar added a comment to T766: Implement support for the Tinc VPN daemon.

The version of tinc vpn supplied with buster is 1.0.35, and 1.1-pre17 is only availabe in the experimental repository as for now. The first release of 1.1pre is from 2011 and i would say that it is quite mature at this point.

Oct 12 2020, 5:53 AM

Oct 1 2020

runar closed T2943: Wireguard allow use of hostname as endpoint as Wontfix.

This is disallowed by design by the VyOS team. the reason for this is partly because of the configuration order done by VyOS and how the dns lookup is handled by Wireguard.
Yes, the wg configuration utillity DOES handle DNS lookups, but NO, Wireguard does not handle them. This means that the DNS lookups is done once (and only once) when the wg command is executed on creation of the tunnel and then the resulting ip result is stored in wireguard. this results in the dns lookup will fail after a reboot of the VyOS device because it cant resolve the dns of the endpoint at that point (this is done before routing is enabled on the device)

Oct 1 2020, 12:28 PM · VyOS 1.2 Crux

Sep 4 2020

runar created T2856: equuleus: `show version all` throws broken pipe exception on abort.
Sep 4 2020, 7:41 AM · VyOS 1.3 Equuleus (1.3.0), VyOS 1.2 Crux

Sep 3 2020

runar added a comment to T2508: Enable user to configure a LUA script that modifies resolving in PowerDNS.

why don't we chang unbound to coredns ? Coredns will be more stronger thant unbound.

Sep 3 2020, 4:54 AM · VyOS 1.4 Sagitta, VyOS 1.3 Equuleus (1.3.5)

Aug 25 2020

runar closed T2826: frr: frr python lib error in replace_section as Resolved.
Aug 25 2020, 6:27 PM · VyOS 1.3 Equuleus (1.3.0)
runar created T2826: frr: frr python lib error in replace_section.
Aug 25 2020, 6:03 PM · VyOS 1.3 Equuleus (1.3.0)

Aug 20 2020

runar added a comment to T2814: kernel 5.1+ : NAT : module `nft_chain_nat_ipv4` renamed.

Yes, nft_chain_nat_ipv6 is also affected by this, and needs the same adjustments as the nat module

Aug 20 2020, 4:29 AM · VyOS 1.3 Equuleus (1.3.0)

Aug 19 2020

runar updated the task description for T2814: kernel 5.1+ : NAT : module `nft_chain_nat_ipv4` renamed.
Aug 19 2020, 7:05 PM · VyOS 1.3 Equuleus (1.3.0)
runar added a project to T2814: kernel 5.1+ : NAT : module `nft_chain_nat_ipv4` renamed: VyOS 1.3 Equuleus.
Aug 19 2020, 6:47 PM · VyOS 1.3 Equuleus (1.3.0)
runar created T2814: kernel 5.1+ : NAT : module `nft_chain_nat_ipv4` renamed.
Aug 19 2020, 6:44 PM · VyOS 1.3 Equuleus (1.3.0)
runar renamed T2813: NAT: possible to commit illegal source nat without translation from NAT: possible to commit illegal source nat without destination to NAT: possible to commit illegal source nat without translation .
Aug 19 2020, 6:32 PM · VyOS 1.3 Equuleus (1.3.0)
runar created T2813: NAT: possible to commit illegal source nat without translation .
Aug 19 2020, 6:31 PM · VyOS 1.3 Equuleus (1.3.0)

Aug 17 2020

runar closed T2766: vyos-build: build-config: arm64 is not a valid architecture as Resolved.

Merged

Aug 17 2020, 9:43 AM

Aug 6 2020

runar added a comment to T2766: vyos-build: build-config: arm64 is not a valid architecture.

PR: https://github.com/vyos/vyos-build/pull/116

Aug 6 2020, 9:33 PM
runar created T2766: vyos-build: build-config: arm64 is not a valid architecture.
Aug 6 2020, 9:29 PM
runar closed T2765: vyatta-cfg-system: arm: vyatta-cfg-system is dependent on a amd64 only package as Resolved.

PR Merged

Aug 6 2020, 9:21 PM
runar added a comment to T2765: vyatta-cfg-system: arm: vyatta-cfg-system is dependent on a amd64 only package.

PR: https://github.com/vyos/vyatta-cfg-system/pull/127

Aug 6 2020, 9:12 PM
runar created T2765: vyatta-cfg-system: arm: vyatta-cfg-system is dependent on a amd64 only package.
Aug 6 2020, 8:44 PM
runar closed T2422: arm: docker: Unable to build docker container for ARM and ARM64 as Resolved.

Container fixed, closing this ticket

Aug 6 2020, 5:59 PM
runar closed T1927: Extend main docker container to support arm builds as Resolved.

The CI is now extended to build arm containers by default. they are also exported to dockerhub. closing this ticket

Aug 6 2020, 5:58 PM

Aug 3 2020

runar closed T1511: Rewrite ethernet setup scripts to python as Resolved.

This could be closed in its current form, i'll open a new ticket om the missing parts

Aug 3 2020, 5:32 PM · VyOS 1.3 Equuleus (1.3.0)

Jul 29 2020

runar created T2739: vyos-utils is not compiled with a Jenkins pipeline..
Jul 29 2020, 6:12 AM · VyOS 1.3 Equuleus (1.3.0)
runar added a comment to T2719: Standardized op mode script structure.

Please consider using zeromq instead of pynng

Jul 29 2020, 4:57 AM · VyOS 1.3 Equuleus (1.3.5), VyOS 1.4 Sagitta

Jul 27 2020

runar added a comment to T2736: Change curl to aria2c.

I have to say i agree with @c-po, i see no real reason for changing this. But it could be added as an optional executable but not changing our internal tools to use it. -1

Jul 27 2020, 5:57 PM · VyOS 1.3 Equuleus (1.3.0)

Jul 26 2020

runar added a comment to T2735: WireGuard cannot configure multiple peers - allowed-ips is overwritten.

Ref: https://lists.zx2c4.com/pipermail/wireguard/2018-December/003704.html

Jul 26 2020, 7:30 PM · VyOS 1.3 Equuleus (1.3.0)
runar added a comment to T2735: WireGuard cannot configure multiple peers - allowed-ips is overwritten.

This s expected wireguard behavior.

Jul 26 2020, 7:10 PM · VyOS 1.3 Equuleus (1.3.0)

Jul 21 2020

runar added a comment to T2326: Migrate NHRP(DMVPN) to FRR.

As i remember the lack of multicast replication was the reason this stopped up last time it was discussed... And as ospf and eigrp is the most used protocols run over dmvpn i think this is a showstopper for implementimg nhrpd

Jul 21 2020, 5:58 PM · VyOS 1.5 Circinus
runar added a comment to T2720: Rework vyos.template Python module to make future extension easier.

While you are working on this, there is a need for a render function that does return the template as an variable instead of saving it to a file.
could you extend your patch to also include such a function? if written correctly it could be used by the render() function to not duplicate code.

Jul 21 2020, 11:19 AM · VyOS 1.3 Equuleus (1.3.6)

Jul 15 2020

runar added a comment to T2706: Support NDP protocol monitoring.

https://github.com/vyos/vyos-1x/blob/current/debian/control

Jul 15 2020, 2:38 PM · VyOS 1.3 Equuleus (1.3.0)
runar added a comment to T2706: Support NDP protocol monitoring.

Hi! This PR does the wrong approach for adding this command to the vyos system. As this is a utility that should be used from within the CLI it should be added to the cliwith the xml framework inside vyos-1x, and rhen should be a dependency of vyos-1x, and not to vyos-build

Jul 15 2020, 2:25 PM · VyOS 1.3 Equuleus (1.3.0)

Jul 9 2020

runar added a comment to T2638: FRR: New framework for configuring FRR .

After some benchmarking of this code i have i've gotten hold of a quite large test configuration that takes a waste amount of time to load into vyos.

Jul 9 2020, 9:54 PM · VyOS 1.3 Equuleus (1.3.0)

Jul 8 2020

runar added a comment to T2646: Sysctl for IPv4 ECMP Hash Policy Not Set.

The same for ipv6 is available under set system ipv6 layer4-hashing

Jul 8 2020, 5:45 AM · VyOS 1.3 Equuleus (1.3.0)
runar added a comment to T2646: Sysctl for IPv4 ECMP Hash Policy Not Set.

HI! On 1.3 layer4-hashing is activated by using the set system ip layer4-hashing command

Jul 8 2020, 5:38 AM · VyOS 1.3 Equuleus (1.3.0)

Jul 6 2020

runar added a comment to T2689: Add helper functions to query changes between session and effective configs.

About is_changed, i see the need to have a function that tells if there are any changes in the path tree under the given path.. specified.

Jul 6 2020, 3:45 PM · VyOS 1.3 Equuleus (1.3.0)
runar added a comment to T2689: Add helper functions to query changes between session and effective configs.

Good point, get_value_changed is a better name for this. As you want to distinguish between a returned value of False and a "Not Changed" using a two tuple (namedTuple?) returned with new and old value makes it easy to "see" the difference

Jul 6 2020, 3:17 PM · VyOS 1.3 Equuleus (1.3.0)
runar added a comment to T2689: Add helper functions to query changes between session and effective configs.

Also, as everything set in python will render True, couldn't is_value_changed return the old and new value instead of just true/false? This will make get_value_changed redundant

Jul 6 2020, 3:08 PM · VyOS 1.3 Equuleus (1.3.0)
runar added a comment to T2689: Add helper functions to query changes between session and effective configs.

What about providing a is_changed, that returns False, added, deleted or changed with the new value provided in the result? Added/deleted/changed can be of a enum type or something like that

Jul 6 2020, 3:00 PM · VyOS 1.3 Equuleus (1.3.0)

Jul 3 2020

runar added a comment to T2674: Other arhitecture support (MIPS, ARM).

There are allready someone trying to make a guide for building vyos on arm and the pi3/4, i myself have made it work on the pi4 some time ago but did not save my work so i dont have all the steps to reproduce..

Jul 3 2020, 8:19 AM · VyOS 1.5 Circinus

Jul 2 2020

runar added a comment to T2653: "set interfaces" Python handler code improvements - next iteration.

Please open a new ticket or move your comment to an appropriate ticket, this ticket is not discussing your consernes.

Jul 2 2020, 4:42 PM · VyOS 1.3 Equuleus (1.3.0)

Jun 28 2020

runar added a comment to T2638: FRR: New framework for configuring FRR .

PR for FRR code in vyos-1x : https://github.com/vyos/vyos-1x/pull/483/files

Jun 28 2020, 7:09 PM · VyOS 1.3 Equuleus (1.3.0)

Jun 27 2020

runar added a comment to T2638: FRR: New framework for configuring FRR .

PR for fixing frr-reload: https://github.com/vyos/vyos-build/pull/111

Jun 27 2020, 7:43 PM · VyOS 1.3 Equuleus (1.3.0)
runar added a comment to T2659: Add fastnetmon (DDoS detection) support.

I agree with @jack9603301 on this, as fastnetmon is not a ids solution, and only focuses on ddos protection it is best to avoid ids in the command syntax alltogether...

Jun 27 2020, 4:02 PM · VyOS 1.3 Equuleus (1.3.0)

Jun 24 2020

runar updated the task description for T2638: FRR: New framework for configuring FRR .
Jun 24 2020, 9:18 PM · VyOS 1.3 Equuleus (1.3.0)
runar updated the task description for T2638: FRR: New framework for configuring FRR .
Jun 24 2020, 9:43 AM · VyOS 1.3 Equuleus (1.3.0)
runar created T2638: FRR: New framework for configuring FRR .
Jun 24 2020, 9:38 AM · VyOS 1.3 Equuleus (1.3.0)

Jun 11 2020

runar added a comment to T2587: Cannot enable the interface when the MTU is set to less than 1280.

As a side-note, the kernel reacts correctly to this by rfc6145.

An IPv6 link has to have an MTU of 1280 bytes or greater. The corresponding limit for IPv4 is 68 bytes.
Jun 11 2020, 9:12 PM · VyOS 1.3 Equuleus (1.3.0)

Jun 10 2020

runar added a comment to T2578: ipaddrcheck unaware of /31 host addresses - can no longer assign /31 mask to interface addresses.

i'm wondering if this is the right approach.
This works as a workaround, but this needs to be added to the ipaddrcheck validator as an allowed host-address and not be done in a shell script

Jun 10 2020, 8:23 AM · VyOS 1.3 Equuleus (1.3.0)

Jun 5 2020

runar added a comment to T2549: repository restructuration suggestions.

Yes, we need to try/except the apply section (the other should never fail but we could still catch errors to not leave the system in an unknown state) but when applying the reverse configuration (ie: invert effective and new and re-apply) one must then be careful if that fails too (we do not want a forever loop :p). The code already runs all the get_dict and all the verify first, so we will only apply if all is ok, but still issues could occur.

Jun 5 2020, 8:48 PM · VyOS 2.0.x