VyOS Platform Blog

Building an open source network OS for the people, together.

VyOS 1.2.4 release

Posted 1 Jan, 2020 by Yuriy Andamasov

Happy new year! I hope you all had a good rest while we preparing this release. It´s been a while from last 1.2.4 EPA but testing went pretty good. Thanks to all who reported issues and worked with us to solve them!

What’s new

While it’s technically a point release, we’ve backported a number of features from current that are either well-tested enough to be safe or don’t have the potential to disrupt any existing functionality.

Intel QAT

VyOS now supports encryption acceleration with Intel QuickAssist Technology, this also unblocked hardware-specific releases (more details below)

We’ve made a point to make all acceleration features optional and possible to disable. We stand by that decision, so QAT is disabled by default and needs to be enabled explicitly.

With “set system acceleration qat” command, you can enable QAT on machines whose CPU supports it. If it doesn’t have QAT support, the commit will fail.

You can view the QAT status with “show system acceleration qat” command (use tab completion to discover the subcommands).

Important to say that QAT works also with SR-IOV exposed devices, so you can use it in VMs too

BFD

Switching to FRR wasn’t exactly painless, however, it did bring better stability and functionality to routing protocols we already had CLI for and opened a path to adding new ones. In this release, we’ve backported BFD support from the rolling release branch.

Here are the provided commands:

set interface ethernet INTF ip ospf bfd
set protocols bgp AS neighbor IP bfd
set protocols bgp AS peer-group NAME bfd
set protocols bfd peer IP multihop
set protocols bfd peer IP shutdown
set protocols bfd peer IP multihop
set protocols bfd peer IP interval receive
set protocols bfd peer IP interval transmit
set protocols bfd peer IP interval multiplier
set protocols bfd peer IP source address
set protocols bfd peer IP source interface
show protocols bfd peer
show protocols bfd peer IP

Custom scripts for SNMP

You now can expose via SNMP output of custom scripts, which can be really useful in certain cases. Refer to the documentation for details

IP6GRE

You now can specify ip6gre as encapsulation in the tunnel configuration

OVA and OVF properties

When deploying from OVA you now have the ability to configure API key and port. This is pretty useful for automation scenarios. 

Platform-specific images

This took longer than we expected initially, but now we provide images for specific hardware platforms. Everyone can build them using appropriate makefile targets (e.g. make edgecore), while subscribers with support or corp access can download prebuilt images.

For some platforms it´s really initial release, during 2020 we will expand hardware-specific capabilities so you can interact with iDRAC/IPMI, support OOB access via serial, manage and monitor RAID controllers and so on.

 

The following images are available for 1.2.4:

  • EdgeCore SAF51003I & SAF51015I-0318-EC
  • DellEMC Poweredge R6x0 Servers
  • DellEMC VEP1400 & VEP4600
  • Protectli FW series

Admittedly, this led to some makefile target proliferation. We are working to make the build scripts more logical and flexible so that adding new platforms will not make a mess there.

Target platform will also be decoupled from the image format. That is, target platform will be specified with a ./configure option, like ./configure --platform vmware or ./configure --platform dell-vep, which will make the build script include additional packages and default configs required for those platforms. Then you will be able to build an image in any format with make iso or make vmdk.

Updated packages

A number of packages have been updated:

  • Linux kernel to 4.19.84
  • Linux firmware to 2019-10-07
  • ddclient to 3.9.0, to support the Cloudflare DDNS API
  • WireGuard to 0.0.20191012
  • FRR 7.2

Resolved issues

258 Can not configure wan load-balancing on vyos-1.2
818 SNMP v3 - remove required engineid from user node
1030 Upgrade ddclient from 3.8.2 to 3.9.0 (support Cloudflare API v4)
1183 BFD Support via FRR
1299 Allow SNMPd to be extended with custom scripts
1351 accel-pppoe adding CIDR based IP pool option
1391 In route-map set community additive
1394 syslog systemd and host_name.py race condition
1401 Copying files with the FTP protocol fails if the password contains special characters
1421 OpenVPN client push-route stopped working, needs added quotes to fix
1430 Add options for custom DHCP client-id and hostname
1447 Python subprocess called without import in host_name.py
1470 improve output of "show dhcpv6 server leases"
1485 Enable 'AdvIntervalOpt' option in for radvd.conf
1496 Separate rolling release and LTS kernel builds
1560 "set load-balancing wan rule 0" causes segfault and prevents load balancing from starting
1568 strip-private command improvement for additional masking of IPv6 and MAC address
1578 completion offers "show table", but show table does not exist
1593 Support ip6gre
1597 /usr/sbin/rsyslogd after deleting "system syslog"
1638 vyos-hostsd not setting system domain name
1678 hostfile-update missing line feed
1694 NTPd: Do not listen on all interfaces by default
1701 Delete domain-name and domain-search won't work
1705 High CPU usage by bgpd when snmp is active
1707 DHCP static mapping and exclude address not working
1708 Update Rolling Release Kernel to 4.19.76
1709 Update WireGuard to 0.0.20190913
1716 Update Intel NIC drivers to recent versions
1726 Update Linux Firmware binaries to 2019-10-07
1728 Update Linux Kernel to 4.19.79
1737 SNMP tab completion missing
1738 Copy SNMP configuration from node to node raises exception
1740 Broken OSPFv2 virtual-link authentication
1742 NHRP unable to commit.
1745 dhcp-server commit fails with "DHCP range stop address x must be greater or equal to the range start address y!" when static mapping has same IP as range stop
1749 numeric validator doesn't support multiple ranges
1769 Remove complex SNMPv3 Transport Security Model (TSM)
1772 regex constraints in XML are partially broken
1778 Kilobits/Megabits difference in configuration Vyos/FRR
1780 Adding ipsec ike closeaction
1786 disable-dhcp-nameservers is missed in current host_name.py implementation
1788 Intel QAT (QuickAssist Technology ) implementation
1792 Update WireGuard to Debian release 0.0.20191012-1
1800 Update Linux Kernel to v4.19.84
1809 Wireless: SSID scan does not work in AP mode
1811 Upgrade from 1.1.8: Config file migration failed: module=l2tp
1812 DHCP: hostnames of clients not resolving after update v1.2.3 -> 1.2-rolling
1819 Reboot kills SNMPv3 configuration
1822 Priority inversion wireless interface dhcpv6
1825 Improve DHCP configuration error message
1836 import-conf-mode-commands in vyos-1x/scripts fails to create an xml
1839 LLDP shows "VyOS unknown" instead of "VyOS"
1841 PPP ipv6-up.d direcotry missing
1893 igmp-proxy: Do not allow adding unknown interface
1903 Implementation udev predefined interface naming
1904 update eth1 and eth2 link files for the vep4600

Comments