Today
I wanted to ask you guys if this is an appropriate change to make. Considering it's on BGP, it's going to be a change in a crucial part but I think this one is probably a good one to make just to reduce ambiguity.
PR for equuleus (upcoming 1.3.2 release https://github.com/vyos/vyos-1x/pull/1390)
PR https://github.com/vyos/vyos-1x/pull/1389
set service dns forwarding dns64-prefix 2001:db8:aabc::/96
Or probably better:
Oh, if you are asking for an example of what the VyOS config setting would look like?
I've been manually adding TAYGA to VyOS (See T160) for my NAT64 capability.
@dsummers Could you provide an example of VyOS configuration and an example of what you add?
Yes, I spent quite some time trying to replicate your findings until I noticed that you used if commit_in_progress, so the truth value of a defined object that isn't None or False was trivially true.
Bug of testing
I tested commit_in_progress instead of commit_in_progress()
Is there any further testing needed by me or someone else will do that?
I tested on VyOS 1.4-rolling-202207030217. The bug was resolved.
Yesterday
I already tested the PR before submitting:
Sat, Jul 2
Potentially slow validators:
src/validators/interface-address:ipaddrcheck --is-ipv4-host $1 || ipaddrcheck --is-ipv6-host $1
src/validators/ip-address:ipaddrcheck --is-any-single $1
src/validators/ip-cidr:ipaddrcheck --is-any-cidr $1
src/validators/ip-host:ipaddrcheck --is-any-host $1
src/validators/ip-prefix:ipaddrcheck --is-any-net $1
src/validators/ipv4:ipaddrcheck --is-ipv4 $1
src/validators/ipv4-address:ipaddrcheck --is-ipv4-single $1
src/validators/ipv4-host:ipaddrcheck --is-ipv4-host $1
src/validators/ipv4-multicast:ipaddrcheck --is-ipv4-multicast $1 && ipaddrcheck --is-ipv4-single $1
src/validators/ipv4-prefix:ipaddrcheck --is-ipv4-net $1
src/validators/ipv4-range: ipaddrcheck --is-ipv4-single ${strarr[0]}
src/validators/ipv4-range: ipaddrcheck --is-ipv4-single ${strarr[1]}
src/validators/ipv6:ipaddrcheck --is-ipv6 $1
src/validators/ipv6-address:ipaddrcheck --is-ipv6-single $1
src/validators/ipv6-host:ipaddrcheck --is-ipv6-host $1
src/validators/ipv6-multicast:ipaddrcheck --is-ipv6-multicast $1 && ipaddrcheck --is-ipv6-single $1
src/validators/ipv6-prefix:ipaddrcheck --is-ipv6-net $1Inverse match PR: https://github.com/vyos/vyos-1x/pull/1386
Fri, Jul 1
If the counters are visible and incrementing when checking with nft list table ip filter then I don't think this is an implementation issue. Wondering if its a problem with the syslog daemon.