Remove "default value" items from configuration

atoy40 · September 30, 2019, 12:58pm

Hello,

Is it possible to exclude configuration item which are set to there default values ?
When I upgrade my vyos image, it seems the saved config also save default (like the “show configuration all” command does)

Thanks.
Anthony.

Dmitry · September 30, 2019, 1:55pm

Hello, what exactly default values? Can you show example?

atoy40 · September 30, 2019, 2:14pm

For example, I had a firewall with some ruleset, and after an upgrade, I had those configs added :
ipv6-receive-redirects disable
ipv6-src-route disable
ip-src-route disable
log-martians enable

And every blocks of the configuration have new items added. It looks like the backup done when you upgrade save a “show configuration all” version

atoy40 · October 1, 2019, 8:30am

I’ve done a test :
I’ve removed all thoses directive setup with their default values into config.boot, and then reboot the box. After that, a “show configuration” doesn’t show thoses directives anymore. But if i “save” (configuration -> save) the config, then all thoses defaults reappear in the config.boot
Is it a normal behavior ??

Anthony.

Dmitry · October 2, 2019, 1:02pm

I think this behavior absolutely normal. Can you tell me, why you need delete default values?

Dmitry · October 2, 2019, 1:24pm

@atoy40 I understood what exactly you mean. If we don’t set all when use command show configuration default values mustn’t appears in output, but its seem appear. I think this bug, and need research this more detailed.

atoy40 · October 3, 2019, 9:46am

why you need delete default values <= because I want my config as simple as possible, so no need to have directives set to their default, espacially when I’ve not manually set thoses directive. They are added “magically” after a save.

And to reply to your second message. the problem is not with show configuration, the problem is when you “save” the config, it add a lot of directives. For example, i’ve this running config :

firewall {
    name admin-v4 {
        default-action reject
        enable-default-log
        rule 1 {
            action accept
            state {
                established enable
                related enable
            }
        }
    }
}

as soon as I save the config, it becomes :

firewall {
    all-ping enable
    broadcast-ping disable
    config-trap disable
    ipv6-receive-redirects disable
    ipv6-src-route disable
    ip-src-route disable
    log-martians enable
    name admin-v4 {
        default-action reject
        enable-default-log
        rule 1 {
            action accept
            state {
                established enable
                related enable
            }
        }
    }
    receive-redirects disable
    send-redirects enable
    source-validation disable
    syn-cookies enable
    twa-hazards-protection disable
}

As you can see, a lot of new directive are added in the config.boot file (and so in the running config after next reboot)

The question is why “save” has added config directives only visible with “show configuration all”

Anthony.