Jun 30 2022
Jun 30 2022
trae32566 added a comment to T1641: VRRP conntrack-sync dropping packets passing through the router.
Viacheslav added a comment to T1641: VRRP conntrack-sync dropping packets passing through the router.
@trae32566 Extentd conntrack table and reduce timeouts:
for example
set system sysctl parameter net.netfilter.nf_conntrack_generic_timeout value 60 set system sysctl parameter net.netfilter.nf_conntrack_icmp_timeout value 10 set system sysctl parameter net.netfilter.nf_conntrack_icmpv6_timeout value 10 set system sysctl parameter net.netfilter.nf_conntrack_tcp_timeout_close_wait value 20 set system sysctl parameter net.netfilter.nf_conntrack_tcp_timeout_established value 1800 set system sysctl parameter net.netfilter.nf_conntrack_tcp_timeout_fin_wait value 30 set system sysctl parameter net.netfilter.nf_conntrack_tcp_timeout_syn_recv value 30 set system sysctl parameter net.netfilter.nf_conntrack_tcp_timeout_syn_sent value 60 set system sysctl parameter net.netfilter.nf_conntrack_tcp_timeout_time_wait value 120 set system sysctl parameter net.netfilter.nf_conntrack_udp_timeout_stream value 60
trae32566 added a comment to T1641: VRRP conntrack-sync dropping packets passing through the router.
This seems to be an issue in 1.4 as well, I have the exact same symptoms, and removing the accept-protocol fixes the issue.
Sep 10 2021
Sep 10 2021
dmbaturin removed a project from T1378: Embed Git commit ID of vyos-build repo in resulting image: VyOS 1.3 Equuleus.
dmbaturin removed a project from T1390: Extend bgp config for bestpath as-path multipath-relax: VyOS 1.3 Equuleus.
dmbaturin removed a project from T1454: Reading deprecated /etc/frr/daemons.conf: VyOS 1.3 Equuleus.
dmbaturin removed a project from T1309: allow duplicate ip adresses on different interfaces: VyOS 1.3 Equuleus.
dmbaturin removed a project from T1464: FRR: Set explicit OSPFv3 network type for specified interface: VyOS 1.3 Equuleus.
dmbaturin removed a project from T1343: do not remove trailing zeroes from subnets in DHCP static route config: VyOS 1.3 Equuleus.
dmbaturin removed a project from T1355: rsyslog stopped after reboot or clean start: VyOS 1.3 Equuleus.
dmbaturin removed a project from T1345: Specify RADIUS source IP for system login command: VyOS 1.3 Equuleus.
dmbaturin removed a project from T1379: Deprecated functions in /sbin/dhclient-script: VyOS 1.3 Equuleus.
dmbaturin removed a project from T1400: iBGP: remote-as and router AS can't be the same value: VyOS 1.3 Equuleus.
dmbaturin removed a project from T1387: Disabling a DHCP interface with no address displays an error: VyOS 1.3 Equuleus.
dmbaturin removed a project from T1433: "show dhcpv6 server leases" shows leases from wrong file: VyOS 1.3 Equuleus.
dmbaturin removed a project from T1471: Wireguard interfaces have no firewall subtree: VyOS 1.3 Equuleus.
dmbaturin removed a project from T1419: Can't delete multiple OSPF passive-interfaces in single commit: VyOS 1.3 Equuleus.
dmbaturin removed a project from T1475: Enable Kernel Data Center Bridging (CONFIG_DCB) support: VyOS 1.3 Equuleus.
dmbaturin removed a project from T1516: [wireguard] config changes cause an error: VyOS 1.3 Equuleus.
dmbaturin removed a project from T1504: DHCP-provided DNS servers are not propagated to resolv.conf: VyOS 1.3 Equuleus.
dmbaturin removed a project from T1484: OSPF md5 key not removed in strip-private: VyOS 1.3 Equuleus.
dmbaturin removed a project from T1357: Wrong exit code produced by dhcp-server migration script: VyOS 1.3 Equuleus.
dmbaturin removed a project from T1370: Webproxy with ldap authentication don't start: VyOS 1.3 Equuleus.
dmbaturin removed a project from T1461: Deleting 'firewall options' causes Python TypeError: VyOS 1.3 Equuleus.
dmbaturin removed a project from T1371: Arguments of VRRP health check scripts are ignored: VyOS 1.3 Equuleus.
dmbaturin removed a project from T1422: Add a utility for querying values in config files: VyOS 1.3 Equuleus.
dmbaturin removed a project from T1453: Warning: nss-myhostname is not installed: VyOS 1.3 Equuleus.
dmbaturin removed a project from T1446: Raid install with efi can generate some warning output.: VyOS 1.3 Equuleus.
dmbaturin removed a project from T1477: Intel i40evf fails to load - unknown symbol: VyOS 1.3 Equuleus.
dmbaturin removed a project from T1242: Error when setting 'pppoe 0 ipv6 address autoconf': VyOS 1.3 Equuleus.
dmbaturin removed a project from T1505: vyos.config return_effective_values does not convert the output to a list: VyOS 1.3 Equuleus.