Hello all,
we are using VyOS a lot but have not seen the following problem on other installations.
The machine we are talking about has an ethernet adapter and multiple VPN (IPsec and OpenVPN) running on top. After some time (days or weeks) incoming packets from the ethernet are not being forwarded to the VPN adapters anymore. The RIB and FIB are still correct but packets get somehow dropped. In the conntrack table you still can see that the incoming packet is tracked correctly.
There is a firewall with zone policies configured but the rules are ok. (It works for some days)
The interesting thing is also that only packets which come in via the ethernet are affected.
If the machine is in that status the opposite direction still works.
The difference on this machine compared to most of our other machines is that IPsec is used.
We have not seen the problem on the old 1.1.8 version.
But it started with the 1.2.x version.
Does anybody else had/have a similar problem?
Best Regards
Markus