I’m not sure if this could be a migration bug or the existing configuration isn’t supported in the current rolling release.
If I have the following basic 1.3 configuration:
interfaces {
ethernet eth0 {
address dhcp
hw-id 00:0c:29:68:05:78
policy {
route tcp-clamping
}
}
loopback lo {
}
}
policy {
route tcp-clamping {
rule 100 {
protocol tcp
set {
tcp-mss 1452
}
tcp {
flags SYN
}
}
}
}
service {
ssh {
port 22
}
}
system {
config-management {
commit-revisions 100
}
conntrack {
modules {
ftp
h323
nfs
pptp
sip
sqlnet
tftp
}
}
console {
device ttyS0 {
speed 115200
}
}
host-name vyos
login {
user vyos {
authentication {
encrypted-password ****************
plaintext-password ****************
}
}
}
name-server 8.8.8.8
ntp {
server time1.vyos.net {
}
server time2.vyos.net {
}
server time3.vyos.net {
}
}
syslog {
global {
facility all {
level info
}
facility protocols {
level debug
}
}
}
}
Migrating to the latest 1.4-rolling-202302010317-amd64 release shows the following:
Feb 1 15:37:03 vyos vyos-router[1004]: Starting VyOS router: migrate configure
Feb 1 15:37:03 vyos vyos-router[1882]: failed!
Feb 1 15:37:03 vyos systemd[1]: Reloading.
Feb 1 15:37:03 vyos vyos-config[1010]: Configuration error
The resulting configuration after migrating is as follows:
interfaces {
ethernet eth0 {
address dhcp
hw-id 00:0c:29:68:05:78
}
loopback lo {
}
}
policy {
}
service {
ntp {
allow-client {
address 0.0.0.0/0
address ::/0
}
server time1.vyos.net {
}
server time2.vyos.net {
}
server time3.vyos.net {
}
}
ssh {
port 22
}
}
system {
config-management {
commit-revisions 100
}
conntrack {
modules {
ftp
h323
nfs
pptp
sip
sqlnet
tftp
}
}
console {
device ttyS0 {
speed 115200
}
}
host-name vyos
login {
user vyos {
authentication {
encrypted-password ****************
plaintext-password ****************
}
}
}
name-server 8.8.8.8
syslog {
global {
facility all {
level info
}
facility protocols {
level debug
}
}
}
}
The policy section doesn’t seem to be migrated.
Do I need to switch to using ip adjust-mss on the interface for 1.4 rather than policies?