It's shaping up to be a Add Features to #VyOS sort of fall, apparently.

In addition to playing with some ARM things, I'd like to add a few missing NTP options (around polling speed, mostly), get PTP (time) support working, and do whatever tweaks are needed to get support for Mellanox's switchdev-backed switches, like the SN2010.

For the most part, it looks like just loading the (included) mlxsw module *should* be enough to get hardware offloaded L2, L3, and at least some VxLAN working if you install VyOS (or any Linux) on a Mellanox SNxxxx switch. Just configure Linux networking like normal, and the kernel pushes a matching offload config to the hardware on its own. Counter/statistic support may be somewhat lacking, and I don't think VyOS has any support for configuring port splitting (1x100G -> 4x25G). All in all, though, it's *probably* fairly minimal.

It's apparently time for my semi-annual "I wish I had a #Linux #ARM build system" post. But, as usual, I can't actually find a good solution to my problem.

I'm ~12h into compiling #VyOS for ARM right now, running on a system with 4x A73 cores. That's way, way too slow.

Moving it to a Pi 5 would help slightly (~2x, maybe?). There are a few 6-8 core SBCs or similar with faster CPUs for under $250. After that, I *think* I could piece together a 80 or 96-core Ampere Altra system for $1500 or so.

Surely there's *some* ARM system that will run Linux and fits between (say) a RK3588 and an Ampere server, righjt?

Presumably it'd be possible to run Linux on a M1 or M2 Mac mini, but driver support seems dodgy.

Or maybe ARM Linux in a VM on a new er Mac mini? That'd probably sidestep a lot of the driver issues with M3/M4 CPUs and Linux.

I could probably try qemu running on my x86 desktop; it's almost certainly slower than running natively, but it'd probably still outperform a 4-core power-constrained system.

Or I could farm this out to AWS/GCP/etc. That'd certainly be cheaper up front, but I'd end up paying to sling multi-GB images back and forth all day.

Anyone have any other suggestions?

I'm guessing it's not possible, but does anyone know if on #Hetzner it's possible to create like a VPC or similar between auction servers, and a VPS?

Basically want want to run #Vyos on VPS and then route traffic from the auction servers out via that Vyos instance.

Yow! I've been running #Minisforum MS-A2 #VyOS router performance benchmarks in the background for most of the weekend. I'll make a relatively small config, reboot, re-run the multi-hour NDR sweep with trex, lather, rinse, repeat.

When I set the BIOS to "performance" power mode instead of "balanced" (the default), I notice that it spikes to drawing 185W from the wall and runs like a bat out of hell for 6 seconds before throttling itself back down to 155W.

That's a spicy little mini PC -- I don't know how it expects to cool 185W. I mean, obviously it isn't, but it seems like a weirdly aggressive thing to even attempt.

This is *obviously* optimized for gaming/desktop uses, where a 6s spike in performance followed by slowing back down is a good thing. It benchmarks fairly poorly this way, though. Dropping back to "balanced" seems to give much better numbers overall.

I tried turning on AMD PBO, which will boost clock speeds even more when thermals permit it.

Thermals didn't permit it.

I'm running each test 3x, and with PBO I was seeing giant differences from run to run. Like 5.84/14.83/5.85 Mpps across 3 runs. In "balanced" mode without PBO it consistently got >15 Mpps, so enabling PBO isn't even slightly helpful.

This box feels like it should be faster than it is on routing; it's clearly faster than my previously-measured numbers on this thing's Intel twin, but throughput doesn't seem to be linear with CPU load. At 80% of peak load, it's using something like 50% of its CPU, but increasing past that rapidly swamps the CPU.

I saw similar with the Intel system, but I blamed it on Alder Lake's mix of P and E cores. The AMD model has 16 equal cores, so *that*'s not the problem.

I'm not sure if I'm hitting kernel-tunable issues (I've found at least one so far), hardware-tunable issues (Mellanox *loves* knobs), cache-size issues, or memory-bandwidth issues.

I probably have the tools to figure it out, though, so I'll leave tests running in the background for a day or two and keep making little tweaks to see what helps.

#VyOS
#ipv6
#pppoe

not critical, but mildly annoying that ipv6 almost works completely proper with VyOS and PPPOE for me.

https://forum.vyos.io/t/pppoe-does-not-get-ipv6-address-but-i-do-get-ipv6-prefix-delegation/16598

Great to see this nice farewell to our beloved @mtaht at @news forum:

https://forum.vyos.io/t/farewell-dave-taht/16379

Hey fellow sysadmin cosplay nerds, does anyone here use VyOS? I use VyOS as the main router for my home network and I just found out that a job for uploading backups to an off-site location is strangling my upstream bandwidth.

I want to create a QOS / traffic shaping policy to treat this as bulk traffic - take up as much bandwidth as available but give priority to all other traffic.

Is there a simple way to do this? I don't want to allocate a fixed bandwidth for it.

I'm pretty sure there will be stink about an evil multi-billion corporation sending DMCA takedowns now, but for the record, https://github.com/umlumpa/vyos-1x was taken down because the owner of that account proceeded to _remove GPL license headers_ from all files and went as far as to replace my name in "this package was debianized by Daniil Baturin in 20xx" with his own name but the original date.

If that's how you honor FOSS licenses, that's how we respond — no hard feelings, folks.

Feeling okay about progress on my #golang #VyOS config handling code. It can read and write all 3 forms of config (`show`, `set`, and the on-disk boot format), and I have a demo WASM app with a text area that I can paste `show` configs into and get them auto-converted to `set` configs.

The next step is to bundle up a couple sample configs and add a template interface where you can specify which interfaces have LAN, WAN, etc, and what your IP address ranges look like. Then it'll auto-create a config for you.

Yeah, this is doable without a full parser or WASM, but it's not a bad exercise. Plus this is inherently flexible in ways that strict text templating systems aren't.

Today's "fun" side project: working on a #golang library for parsing #VyOS router configs.

VyOS"s config is Juniper-like, rather than IOS-like, which I like. However, like Junos, that means that it has (at least) 2 different formats: the block-structured `show configuration` output and the `set` format (`show | display set` in Junos, `show | commands` in VyOS) that can actually be pasted into a device.

Right now, I can parse VyOS's block-structured configs into an AST and then dump the AST as `set` commands. The goal is to be able to parse and write all 3 of VyOS's config formats (its boot config format is *just* different enough to need its own code), to allow conversion between formats. The end goal is to be able to throw together a web app generating templatized starter configs that can convert between formats trivially.

The other goal is to get some practice with Go generics and probably WASM.

You know, #VyOS really doesn't seem happy when you try to add 65,536 static routes to its config. Sorta slow.

VyOS is unfortunately becoming more and more isolated. They now even have an EULA - doesn't that contradict the GNU GPL?
I can understand the commercial interests behind it, but I think it's a shame.

https://forum.vyos.io/t/doesnt-the-eula-contradict-the-gnu-gpl-is-vyos-stream-publicly-available/15756

https://blog.vyos.io/vyos-1.4.1-release

I got tired of fussing with #FRR and trying to use it to do VRF's and routing as it really is geared towards Dynamic Routing! Back to #VyOS for the #homelab. I am still using VRRP with 3 FFA routers on my #incus hosts. So as long as my upstream router is up. I can reboot hosts all day long and no internet go down.

VyOS 1.5 is somehow broken for me: Babel does not work at all (not even with the example from the documentation) and with BGP you cannot set a source address for installed routes (possible with route-map set src, but has no effect).

The rolling release seems to be enormously rolling.

Uh!! I'm probably moving to a batteries included router next.. Jesus christ! I don't know why I chose to move to VRF's on the router . I guess the big kids are doing it!! Now I can't get VRF's and the DHCP server to work on #VyOS

Prebuilt images for non-rolling relases are only for paying customers (enterprise only) or active devs, we have a good build process

Here are 3 different pages that link to eachother, each of which are out of date or inaccurate, also we archived closed a build-tool git repo with no note on the replacement, did you check the random blog post from 6 months ago describig the new process? Oh one of the features is mentioned there still isn't ready yet good luck

Oh also please don't distribute the builds you compile because it might look bad here we're going to claim to offer a tool you can pay to use instead dont worry it is fine