Mastodon

0 posts0 participants0 posts today

LibreQoSGreat to see this nice farewell to our beloved <a href="https://bird.makeup/users/mtaht" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@mtaht</a> at <a href="https://vyos.social/users/news" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@news</a> forum:<a href="https://forum.vyos.io/t/farewell-dave-taht/16379" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://forum.vyos.io/t/farewell-dave-taht/16379</a><a href="https://fosstodon.org/tags/DaveTaht" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#DaveTaht</a> <a href="https://fosstodon.org/tags/VyOS" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#VyOS</a> <a href="https://fosstodon.org/tags/RFC8290" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#RFC8290</a> <a href="https://fosstodon.org/tags/BandwidthIsALIE" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#BandwidthIsALIE</a> <a href="https://fosstodon.org/tags/FQ_CoDel" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#FQ_CoDel</a> <a href="https://fosstodon.org/tags/sch_CAKE" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#sch_CAKE</a> <a href="https://fosstodon.org/tags/Linux" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Linux</a> <a href="https://fosstodon.org/tags/OpenSource" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#OpenSource</a> <a href="https://fosstodon.org/tags/FLOSS" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#FLOSS</a> <a href="https://fosstodon.org/tags/bufferbloat" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#bufferbloat</a> <a href="https://fosstodon.org/tags/latency" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#latency</a> <a href="https://fosstodon.org/tags/jitter" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#jitter</a> <a href="https://fosstodon.org/tags/LibreQoS" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#LibreQoS</a> <a href="https://fosstodon.org/tags/schCAKE" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#schCAKE</a> <a href="https://fosstodon.org/tags/FQCoDel" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#FQCoDel</a> <a href="https://fosstodon.org/tags/WiFi" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#WiFi</a> <a href="https://fosstodon.org/tags/router" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#router</a>

SalearlymanHey fellow sysadmin cosplay nerds, does anyone here use VyOS? I use VyOS as the main router for my home network and I just found out that a job for uploading backups to an off-site location is strangling my upstream bandwidth.I want to create a QOS / traffic shaping policy to treat this as bulk traffic - take up as much bandwidth as available but give priority to all other traffic.Is there a simple way to do this? I don't want to allocate a fixed bandwidth for it.<a href="https://cloudisland.nz/tags/HomeLab" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#HomeLab</a> <a href="https://cloudisland.nz/tags/vyos" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#vyos</a> <a href="https://cloudisland.nz/tags/sysadmin" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#sysadmin</a>

JunicastI think I might actually migrate my <a href="https://chaos.social/tags/firewall" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#firewall</a> to <a href="https://chaos.social/tags/vyos" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#vyos</a>. Just the fact that I can easily deploy <a href="https://chaos.social/tags/podman" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#podman</a> <a href="https://chaos.social/tags/container" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#container</a> onto my firewall this is also possible with <a href="https://chaos.social/tags/OpenWrt" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#OpenWrt</a> but sadly it's a bit hacky as their partitioning is ephemeral in it's nature. I'm still struggling a bit with managing core functionalities like firewalling but I will manage. Why isn't there already a GUI? Isn't their API supposed to be ready to use idk? Solutions like <a href="https://chaos.social/tags/pfSense" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#pfSense</a> or <a href="https://chaos.social/tags/OPNsense" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#OPNsense</a> are just a bit too inflexible for me.

JunicastAfter a couple of years of abstence I have to try <a href="https://chaos.social/tags/vyos" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#vyos</a> once again. I have been also trying to go back to <a href="https://chaos.social/tags/opnsense" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#opnsense</a> lately but it seems I like <a href="https://chaos.social/tags/linux" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#linux</a> based firewalls better, even though somehow <a href="https://chaos.social/tags/BSD" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#BSD</a>'s <a href="https://chaos.social/tags/pf" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#pf</a> is really good.

Daniil BaturinI'm pretty sure there will be stink about an evil multi-billion corporation sending DMCA takedowns now, but for the record, <a href="https://github.com/umlumpa/vyos-1x" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://github.com/umlumpa/vyos-1x</a> was taken down because the owner of that account proceeded to _remove GPL license headers_ from all files and went as far as to replace my name in "this package was debianized by Daniil Baturin in 20xx" with his own name but the original date.If that's how you honor FOSS licenses, that's how we respond — no hard feelings, folks.<a href="https://functional.cafe/tags/vyos" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#vyos</a>

Scott LairdFeeling okay about progress on my <a href="https://hachyderm.io/tags/golang" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#golang</a> <a href="https://hachyderm.io/tags/VyOS" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#VyOS</a> config handling code. It can read and write all 3 forms of config (`show`, `set`, and the on-disk boot format), and I have a demo WASM app with a text area that I can paste `show` configs into and get them auto-converted to `set` configs.The next step is to bundle up a couple sample configs and add a template interface where you can specify which interfaces have LAN, WAN, etc, and what your IP address ranges look like. Then it'll auto-create a config for you.Yeah, this is doable without a full parser or WASM, but it's not a bad exercise. Plus this is inherently flexible in ways that strict text templating systems aren't.

Scott LairdToday's "fun" side project: working on a <a href="https://hachyderm.io/tags/golang" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#golang</a> library for parsing <a href="https://hachyderm.io/tags/VyOS" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#VyOS</a> router configs. VyOS"s config is Juniper-like, rather than IOS-like, which I like. However, like Junos, that means that it has (at least) 2 different formats: the block-structured `show configuration` output and the `set` format (`show | display set` in Junos, `show | commands` in VyOS) that can actually be pasted into a device.Right now, I can parse VyOS's block-structured configs into an AST and then dump the AST as `set` commands. The goal is to be able to parse and write all 3 of VyOS's config formats (its boot config format is *just* different enough to need its own code), to allow conversion between formats. The end goal is to be able to throw together a web app generating templatized starter configs that can convert between formats trivially.The other goal is to get some practice with Go generics and probably WASM.

Scott LairdYou know, <a href="https://hachyderm.io/tags/VyOS" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#VyOS</a> really doesn't seem happy when you try to add 65,536 static routes to its config. Sorta slow.

AlexAlso, while my previous choice <a href="https://swiss.social/tags/VyOS" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#VyOS</a> was "okay", their update lifecycle and buggy config migrations leave no second guesses of moving away. <a href="https://swiss.social/tags/pfSense" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#pfSense</a> and <a href="https://swiss.social/tags/OPNsense" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#OPNsense</a> are fine for basic functionality but in my experience are too buggy as well. And I cannot just fix those, my playbook I can. 😁 <a href="https://swiss.social/tags/homelab" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#homelab</a> <a href="https://swiss.social/tags/network" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#network</a>

MarekVyOS is unfortunately becoming more and more isolated. They now even have an EULA - doesn't that contradict the GNU GPL? I can understand the commercial interests behind it, but I think it's a shame.<a href="https://forum.vyos.io/t/doesnt-the-eula-contradict-the-gnu-gpl-is-vyos-stream-publicly-available/15756" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://forum.vyos.io/t/doesnt-the-eula-contradict-the-gnu-gpl-is-vyos-stream-publicly-available/15756</a><a href="https://blog.vyos.io/vyos-1.4.1-release" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://blog.vyos.io/vyos-1.4.1-release</a><a href="https://layer8.space/tags/VyOS" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#VyOS</a> <a href="https://layer8.space/tags/BGP" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#BGP</a> <a href="https://layer8.space/tags/FLOSS" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#FLOSS</a> <a href="https://layer8.space/tags/OpenSource" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#OpenSource</a> <a href="https://layer8.space/tags/FreeSoftware" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#FreeSoftware</a>

AliveDevil<a href="https://tauri.earth/tags/VyOS" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#VyOS</a> PSA: If you have Accept_ANY rules in Zone-based firewall, don't# set firewall global-options state-policy invalid action dropThis will just shortcut drop all new packets, sometimes.<a href="https://tauri.earth/tags/Router" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Router</a> <a href="https://tauri.earth/tags/Linux" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Linux</a>

AliveDevilThis configuration looks neat. Missing are just the migration from the second IKEv2 TCP reverse proxy VPN to this router as well.<a href="https://tauri.earth/tags/VyOS" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#VyOS</a> <a href="https://tauri.earth/tags/Firewall" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Firewall</a> <a href="https://tauri.earth/tags/VPN" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#VPN</a> <a href="https://tauri.earth/tags/Wireguard" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Wireguard</a>

AliveDevilSo … <a href="https://tauri.earth/tags/VyOS" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#VyOS</a> people. What's your solution for monitoring link stability? E.g. latency, ICMP drops, etc.<a href="https://tauri.earth/tags/Linux" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Linux</a> <a href="https://tauri.earth/tags/Router" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Router</a> <a href="https://tauri.earth/tags/HomeLab" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#HomeLab</a> <a href="https://tauri.earth/tags/SelfHosting" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#SelfHosting</a>

AliveDevilThat urge to build a client app to configure <a href="https://tauri.earth/tags/VyOS" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#VyOS</a>.<a href="https://tauri.earth/tags/Avalonia" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Avalonia</a> <a href="https://tauri.earth/tags/Desktop" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Desktop</a> <a href="https://tauri.earth/tags/CSharp" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#CSharp</a>

AliveDevilSomeone here who wants to translate <a href="https://tauri.earth/tags/OpenWRT" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#OpenWRT</a> firewall rules to <a href="https://tauri.earth/tags/VyOS" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#VyOS</a> firewall rules?

AliveDevilBuilding <a href="https://tauri.earth/tags/VyOS" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#VyOS</a> 1.4 for arm64, because Cloudflare.

ItzTrainI got tired of fussing with <a href="https://hachyderm.io/tags/FRR" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#FRR</a> and trying to use it to do VRF's and routing as it really is geared towards Dynamic Routing! Back to <a href="https://hachyderm.io/tags/VyOS" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#VyOS</a> for the <a href="https://hachyderm.io/tags/homelab" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#homelab</a>. I am still using VRRP with 3 FFA routers on my <a href="https://hachyderm.io/tags/incus" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#incus</a> hosts. So as long as my upstream router is up. I can reboot hosts all day long and no internet go down.<a href="https://hachyderm.io/tags/selfhosted" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#selfhosted</a> <a href="https://hachyderm.io/tags/selfhosting" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#selfhosting</a>

PaulThe <a href="https://social.pfzetto.de/tags/Vyos" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Vyos</a> firewall currently doesn't support SIIT-DC (Stateless IP/ICMP Translation for IPv6 Data Center Environments). Luckily there is a workaround to configure it anyway: <a href="https://pfzetto.de/blog/siit-dc-for-vyos" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://pfzetto.de/blog/siit-dc-for-vyos</a> <a href="https://social.pfzetto.de/tags/networking" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#networking</a> <a href="https://social.pfzetto.de/tags/ipv6" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#ipv6</a>

MarekVyOS 1.5 is somehow broken for me: Babel does not work at all (not even with the example from the documentation) and with BGP you cannot set a source address for installed routes (possible with route-map set src, but has no effect).The rolling release seems to be enormously rolling.<a href="https://layer8.space/tags/VyOS" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#VyOS</a> <a href="https://layer8.space/tags/Babel" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Babel</a> <a href="https://layer8.space/tags/FRR" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#FRR</a> <a href="https://layer8.space/tags/BGP" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#BGP</a> <a href="https://layer8.space/tags/Networking" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Networking</a>

ItzTrainI'm trying to get <a href="https://hachyderm.io/tags/VyOS" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#VyOS</a> dhcp across it's VRF's.. It doesn't seem to like it unless it's the default vrf, in which I do have services there.. I am running my own Kea dhcp server and that is pretty ehh.. getting dhcp lease information is cumbersome. So naturally i'm running 2.. for the vrf's that I can't use :) ..<a href="https://hachyderm.io/tags/homelab" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#homelab</a> <a href="https://hachyderm.io/tags/selfhosted" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#selfhosted</a> <a href="https://hachyderm.io/tags/selfhosting" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#selfhosting</a>

Recent searches

Search options

Administered by:

Server stats:

#vyos