It looks as though HTTP(S)-API VRF support was added to vyos 1.3.1 via ticket ⚓ T4055 Add VRF support for HTTP(S) API service, however when attempting to set a listen-address that’s on the assigned VRF for the https service, nginx fails to start properly claiming it can’t bind to the address.that’s in use for other VRF services like SSH.

Is this a supported configuration, or is this a bug that I’m looking at?

For reference, I’m using a self-built version of VYOS 1.3.1, Build commit ID: 80dff86d9522a0

Have you tried this command?
set vrf bind-to-all

I have, and this allows the API to function on both the VRF interface and the non-VRF interfaces, however nginx still fails to start properly - claiming it’s unable to bind to the VRF interface when attempting to set a virtual-host listen address.

I would expect the behaviour here to be similar to the behaviour seen with SSH, where you can specify that SSH uses the vrf, but also set the listen-address that’s within the VRF. Is that a valid expectation?

Looks like this was fixed at some point between the build I was running on the date of this post and the build I just did this week. All seems well here!

This topic was automatically closed 2 days after the last reply. New replies are no longer allowed.