I am unable to find meaningful documentation on the Config-Sync service that VyOS now has. I have a 2 router/firewall setup with VyOS and I’d like to sync their configs but I persistently am getting a Connection Refused upon syncing.
I’ve tried a few different mixes of the configuration, but to no avail. Has anybody gotten this to work successfully? I am on VyOS 1.4-rolling-202404160026
Primary
vyos@SP-C1# show service config-sync
mode load
secondary {
address 10.18.80.2
key Foo
}
section {
protocols {
ospf
}
}
Secondary
vyos@SP-C2# show service https
allow-client {
address 10.18.80.1
}
api {
graphql {
authentication {
expiration 315600
type token
}
introspection
}
keys {
id sync {
key Foo
}
}
}
listen-address 10.18.80.2
Awesome, thanks you two for the replies. I’ll double check my firewall rules and configurations according to that github link when I get back from work.
Tried mode set & load, to no avail. The secondary router’s configuration is a simple HTTPS service configured the same as previously posted but I subtracted the graphql configuration.
I think I may try an earlier version of VyOS, as this is a rolling release image but I had previously built the 1.4 RC.
Both systems MUST be the same version
Works in my test
vyos@r4# set protocols ospf area 0 network 192.0.2.0/30
[edit]
vyos@r4# commit
INFO:vyos_config_sync:Config synchronization: Mode=load, Secondary=192.168.122.11
[edit]
vyos@r4#
Check:
vyos@r4# ssh vyos@192.168.122.11
The authenticity of host '192.168.122.11 (192.168.122.11)' can't be established.
ED25519 key fingerprint is SHA256:6hhF9yKMdVC1DbbR0F5okaRRHd7qSsLImPj/XAnZe2c.
This key is not known by any other names.
Are you sure you want to continue connecting (yes/no/[fingerprint])? yes
Warning: Permanently added '192.168.122.11' (ED25519) to the list of known hosts.
vyos@192.168.122.11's password:
Welcome to VyOS!
┌── ┐
. VyOS 1.5-rolling-202404290019
└ ──┘ current
* Documentation: https://docs.vyos.io/en/latest
* Project news: https://blog.vyos.io
* Bug reports: https://vyos.dev
You can change this banner using "set system login banner post-login" command.
VyOS is a free software distribution that includes multiple components,
you can check individual component licenses under /usr/share/doc/*/copyright
Last login: Tue Apr 30 12:28:19 2024 from 192.168.122.1
vyos@r1-right:~$ show conf com | match ospf
set protocols ospf area 0 network '192.0.2.0/30'
vyos@r1-right:~$