- User Since
- Sep 10 2018, 3:30 PM (193 w, 5 d)
Fri, May 13
Thu, May 5
Tue, May 3
Resolved in https://github.com/vyos/vyos-cloud-init/pull/54
Sat, Apr 30
Apr 25 2022
Apr 14 2022
Theoretically, must be fixed in https://github.com/FRRouting/frr/pull/11004
Apr 11 2022
Apr 1 2022
Hi, @dberlin ! Thanks, you are right about the root cause.
I believe that we need to remove the max-size and action-on-max-size from rsyslog.conf. So, leave everything related to rotating logs to logrotate, and to sending logs to rsyslog - UNIX-way. :)
Mar 31 2022
Mar 26 2022
Updated to 22.1 in 1.4.
The current branch now must be compatible with 1.3, and merged to equuleus if there no new incompatibilities will be found during tests.
Mar 24 2022
Updated: we need to update 20.4 to 22.1 because 20.4 cannot extract SSH keys from the Azure Stack Hub data source.
Mar 15 2022
The same issue with set interfaces bonding bond0 arp-monitor interval 'X' option. Also extra conversion between variable types.
Added the fix to the same PR.
Mar 12 2022
Mar 11 2022
Mar 7 2022
Resolved in https://phabricator.vyos.net/T3774, but it will not be backported to 1.2.
Should be fixed in https://github.com/vyos/vyos-1x/pull/1241
Mar 6 2022
Should be fixed by https://github.com/vyos/vyatta-cfg-firewall/pull/32
Mar 2 2022
Feb 18 2022
Feb 16 2022
Feb 4 2022
Feb 3 2022
Jan 26 2022
We confirmed the problem - some serial consoles continue to work well, some are not initialized properly with the --keep-baud option. For example, this can be reproduced in the SOS console in Equinix Metal.
Originally, the problem comes from a systemd service template.
Since it is not completely clear if the option is necessary in one case or another, it seems that the best solution would be to provide the ability to set/remove it from the CLI, so everyone may configure what works best for his hardware.
Jan 13 2022
Dec 30 2021
Suggested fix: https://github.com/vyos/vyatta-op/pull/52
Dec 29 2021
PR to fix the problem: https://github.com/vyos/vyos-1x/pull/1128
It is compatible with both 1.3 and 1.4, so can be cherry-picked from sagitta to equuleus.
Nov 26 2021
Nov 9 2021
Nov 3 2021
The problem exists because of the IKEv1 limitation - peer ID is unknown at the authentication stage. Since, both DMVPN and L2TP are configured for any remote peer address, one of them intercepts customers of the other one during authentication because it is not possible to find out which service will be connected after Phase 1.
Technically, the other one is a duplicate, but there are more details already.
Nov 2 2021
After the investigation, we figured out that it is possible to get the prefix and link-local address during the DHCP commit procedure.
log(info, binary-to-ascii(16, 8, ":", substring(option dhcp6.ia-pd, 24, 17)));
will give us the next info:
So, a prefix can be extracted. Also, a link-local address may be generated from the MAC address extracted from the DHCP packet structure.
Oct 29 2021
After some investigation, we figured out several ways how to solve or at least mitigate the problem. From my point of view, the optimal for both developers and customers is the next one.
Oct 26 2021
Oct 25 2021
Sep 28 2021
The issue solved in the https://github.com/vyos/vyos-1x/pull/1017
However, the question if netplug script is necessary at all is still opened.
Sep 27 2021
Sep 15 2021
Aug 27 2021
This is a typo in the documentation. In the real system, the facility is called security, but it is deprecated at least from the 2004 year.
The problem that I see in names is that it seems that different systems and software may use slightly different names for facilities. So, could be a good idea to do the two things:
- check existing and add missing facility names in CLI
- in the actual configuration transparently convert facilities to numeric representation to avoid software issues (like deprecated security facility in rsyslog).
Aug 24 2021
Aug 16 2021
Thank you for testing! The change was backported to 1.3 and 1.2.
Aug 11 2021
Really appreciated for such a detailed problem analysis! The regex is fixed in the 1.4 version now.
Could you test it, so we can backport changes safely to 1.2 and 1.3?
Jul 29 2021
They should be disabled by default, but there must be the ability to re-enable OIDs back from CLI.
Jul 26 2021
Jun 29 2021
Jun 11 2021
It also works with the current VTI interfaces (sudo ip l set vti1 vrf VRF1).
May 28 2021
@UnicronNL I would like to put default values in the config.boot file, and overwrite them from Cloud-init if a customer provides custom values.
Apr 28 2021
Apr 22 2021
Apr 13 2021
The issue exists because the ifupdown package that is required for the eni renderer was removed by the https://github.com/vyos/vyatta-cfg-system/commit/3dd837f2d3518b7ddcf8e1ab68d8ab9f3eff0968
To not take back it again for all the platforms, the problem was resolved by the https://github.com/vyos/vyos-vm-images/commit/090e5367dc6df9b49c037e0b60f7adfafdf54a53 , so all the images created with the vyos-vm-images should not contain the problem with the renderer.
This task must be obsoleted by the https://phabricator.vyos.net/T2116
Just a small update on this.
PXE boot service for all 1.2 / 1.3 / 1.4 versions is up and running in private testing.
Mar 23 2021
Mar 22 2021
The root of the problem here is changed place for custom options and the ability to configure options that should be applied differently, depending on the place. In other words, "Additional OpenVPN options" becomes "Additional OpenVPN options. You must use the syntax of openvpn.conf in this text-field", but actually these variants are not fully equal and cannot be converted directly.