- User Since
- Oct 31 2021, 3:16 PM (55 w, 6 d)
Thu, Nov 24
Mon, Nov 7
Sat, Nov 5
Note: this requires https://phabricator.vyos.net/T4800 to be completed.
Well, after a better code reading, the var should be named chroot_includes_dir instead of includes_chroot_dir.
Aug 26 2022
Aug 22 2022
I think I found the "problematic" commit.
With an older version:
Aug 4 2022
From the strongswan 5.9.6 changelog:
Actively initiating duplicate CHILD_SAs within the same IKE_SA is now largely prevented. This can happen if trap policies are installed and an IKE_SA with its CHILD_SAs is reestablished (e.g. with break-before-make reauthentication or dpd_action=restart). This does not prevent duplicates if they are initiated by the two peers concurrently.
Jun 27 2022
I think this is a BUG, not a feature.
If I enable mpls on an interface, then the proper sysctl flags must be applied and be persistent.
Apr 14 2022
Relevant configuration on one PE router:
Nov 8 2021
When I manually add the "vrf red" with vtysh, then the frr config is like the one you reported.
Nov 2 2021
Additional note: this, of course, breaks the 'red' vrf connectivity.
If I manually add, using vtysh, the
vrf red vni 3000
everything on the 'red' vrf works fine.