[Vyatta-users] glendale problems my 1st view
Got around to doing some more testing and all is looking much better. The md5 auth is now working following the advice given earlier. 00:11:22.589724 IP (tos 0xc0, ttl 1, id 6646, offset 0, flags [none], length: 80) 172.16.10.111 224.0.0.5: OSPFv2, Hello (1), length: 44 Router-ID: 172.16.10.111, Backbone Area, Authentication Type: MD5 (2) Key-ID: 1, Auth-Length: 16, Crypto Sequence Number: 0x47a51bca Options: [External] Hello Timer: 10s, Dead Timer 40s, Mask: 255.255.255.0, Priority: 1 Designated Router 172.16.10.111 00:11:32.593896 IP (tos 0xc0, ttl 1, id 6647, offset 0, flags [none], length: 80) 172.16.10.111 224.0.0.5: OSPFv2, Hello (1), length: 44 Router-ID: 172.16.10.111, Backbone Area, Authentication Type: MD5 (2) Key-ID: 1, Auth-Length: 16, Crypto Sequence Number: 0x47a51bd4 Options: [External] Hello Timer: 10s, Dead Timer 40s, Mask: 255.255.255.0, Priority: 1 Designated Router 172.16.10.111 ___ Vyatta-users mailing list Vyatta-users@mailman.vyatta.com http://mailman.vyatta.com/mailman/listinfo/vyatta-users
Re: [Vyatta-users] glendale problems my 1st view
5. any help on the CLI regardless of level show bash options vrs th vyatta engine options. (confusing to say the least ) If you're logged in as root, you'll get Unix commands listed as well as Vyatta commands during tab completion/help. However, if you're an admin level user, you'll just see the Vyatta command set. You can still issue Unix commands; you'll just need to enter them directly. Justin ___ Vyatta-users mailing list Vyatta-users@mailman.vyatta.com http://mailman.vyatta.com/mailman/listinfo/vyatta-users
Re: [Vyatta-users] glendale problems my 1st view
#3 - I agree, please bring back my beloved ?! Its an automatic reflex to hit ? whenever I'm in a router. I end up hitting it 3 or 4 times before I realize that its echoing the char to the screen rather than activating help. That and the new CLI being mildly confusing (i'm adjusting to it) are my only two complaints so far. -- Aubrey Wells Senior Engineer Shelton | Johns Technology Group A Vyatta Ready Partner www.sheltonjohns.com On Jan 28, 2008, at 10:03 PM, Ken Felix (C) wrote: 1. Still todate, OSPF md authenication is not enable or even configurable 2. System uptime is now show via show version show system uptime 3. system help now requires a tab vrs the previous question mark on the CLI, I thought this was confusing at first 4. system configuration like for protocols ospf is slightly different vrs vc3 5. any help on the CLI regardless of level show bash options vrs th vyatta engine options. (confusing to say the least ) ___ Vyatta-users mailing list Vyatta-users@mailman.vyatta.com http://mailman.vyatta.com/mailman/listinfo/vyatta-users ___ Vyatta-users mailing list Vyatta-users@mailman.vyatta.com http://mailman.vyatta.com/mailman/listinfo/vyatta-users
Re: [Vyatta-users] glendale problems my 1st view
Frankly I miss the ? and space auto-completion too, but am slowly getting use to the tabtab. Given that the new cli is integrated with bash and ? has special meaning to bash, then it probably limits our usage of ? for help. stig _ From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Aubrey Wells Sent: Tuesday, January 29, 2008 7:48 AM To: Ken Felix (C) Cc: vyatta-users@mailman.vyatta.com Subject: Re: [Vyatta-users] glendale problems my 1st view #3 - I agree, please bring back my beloved ?! Its an automatic reflex to hit ? whenever I'm in a router. I end up hitting it 3 or 4 times before I realize that its echoing the char to the screen rather than activating help. That and the new CLI being mildly confusing (i'm adjusting to it) are my only two complaints so far. -- Aubrey Wells Senior Engineer Shelton | Johns Technology Group A Vyatta Ready Partner www.sheltonjohns.com On Jan 28, 2008, at 10:03 PM, Ken Felix (C) wrote: 1. Still todate, OSPF md authenication is not enable or even configurable 2. System uptime is now show via show version show system uptime 3. system help now requires a tab vrs the previous question mark on the CLI, I thought this was confusing at first 4. system configuration like for protocols ospf is slightly different vrs vc3 5. any help on the CLI regardless of level show bash options vrs th vyatta engine options. (confusing to say the least ) ___ Vyatta-users mailing list Vyatta-users@mailman.vyatta.com http://mailman.vyatta.com/mailman/listinfo/vyatta-users ___ Vyatta-users mailing list Vyatta-users@mailman.vyatta.com http://mailman.vyatta.com/mailman/listinfo/vyatta-users
Re: [Vyatta-users] glendale problems my 1st view
Aubrey, when you say it's mildly confusing, what are you referring to? -- Dave _ From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Aubrey Wells Sent: Tuesday, January 29, 2008 7:48 AM To: Ken Felix (C) Cc: vyatta-users@mailman.vyatta.com Subject: Re: [Vyatta-users] glendale problems my 1st view #3 - I agree, please bring back my beloved ?! Its an automatic reflex to hit ? whenever I'm in a router. I end up hitting it 3 or 4 times before I realize that its echoing the char to the screen rather than activating help. That and the new CLI being mildly confusing (i'm adjusting to it) are my only two complaints so far. -- Aubrey Wells Senior Engineer Shelton | Johns Technology Group A Vyatta Ready Partner www.sheltonjohns.com On Jan 28, 2008, at 10:03 PM, Ken Felix (C) wrote: 1. Still todate, OSPF md authenication is not enable or even configurable 2. System uptime is now show via show version show system uptime 3. system help now requires a tab vrs the previous question mark on the CLI, I thought this was confusing at first 4. system configuration like for protocols ospf is slightly different vrs vc3 5. any help on the CLI regardless of level show bash options vrs th vyatta engine options. (confusing to say the least ) ___ Vyatta-users mailing list Vyatta-users@mailman.vyatta.com http://mailman.vyatta.com/mailman/listinfo/vyatta-users ___ Vyatta-users mailing list Vyatta-users@mailman.vyatta.com http://mailman.vyatta.com/mailman/listinfo/vyatta-users
Re: [Vyatta-users] glendale problems my 1st view
I guess its just so wildly different than any other router I've ever been on that it threw me for a loop with the bash integration. After reading the docs, it just talks about the new CLIs benefits, it bever actually says hey dummy, you just need to type your commands at the shell I had to look at an example section and realize that that was a bash prompt. There was also something in the docs about it being called the vshell so i was searching for a vshell command to dump me in to the cli. I guess its mostly the initial fumbling of how to get to the thing, and now its just adjusting to not having a distinct router CLI. Its probably just culture shock and I'll get over it. -- Aubrey Wells Senior Engineer Shelton | Johns Technology Group A Vyatta Ready Partner www.sheltonjohns.com On Jan 29, 2008, at 12:11 PM, Dave Roberts wrote: Aubrey, when you say it's mildly confusing, what are you referring to? -- Dave From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] ] On Behalf Of Aubrey Wells Sent: Tuesday, January 29, 2008 7:48 AM To: Ken Felix (C) Cc: vyatta-users@mailman.vyatta.com Subject: Re: [Vyatta-users] glendale problems my 1st view #3 - I agree, please bring back my beloved ?! Its an automatic reflex to hit ? whenever I'm in a router. I end up hitting it 3 or 4 times before I realize that its echoing the char to the screen rather than activating help. That and the new CLI being mildly confusing (i'm adjusting to it) are my only two complaints so far. -- Aubrey Wells Senior Engineer Shelton | Johns Technology Group A Vyatta Ready Partner www.sheltonjohns.com On Jan 28, 2008, at 10:03 PM, Ken Felix (C) wrote: 1. Still todate, OSPF md authenication is not enable or even configurable 2. System uptime is now show via show version show system uptime 3. system help now requires a tab vrs the previous question mark on the CLI, I thought this was confusing at first 4. system configuration like for protocols ospf is slightly different vrs vc3 5. any help on the CLI regardless of level show bash options vrs th vyatta engine options. (confusing to say the least ) ___ Vyatta-users mailing list Vyatta-users@mailman.vyatta.com http://mailman.vyatta.com/mailman/listinfo/vyatta-users ___ Vyatta-users mailing list Vyatta-users@mailman.vyatta.com http://mailman.vyatta.com/mailman/listinfo/vyatta-users ___ Vyatta-users mailing list Vyatta-users@mailman.vyatta.com http://mailman.vyatta.com/mailman/listinfo/vyatta-users
[Vyatta-users] glendale problems my 1st view
I'm going to retry the md5 auth this afternoon when I get some more vyatta console time ;) Other then these immediate issues, it's been holding stable. I have to recheck, BGP4 and ipsec, and then know for sure are is good. I'm assuming at some later date , a new vyatta user guide will be post ? Now that some small difference in the new vrs previous release commands syntax, will people be ableto upload their previous configs into let's say glendale and onwards, and will it work? or what problems could creep up during a upgrade? ___ Vyatta-users mailing list Vyatta-users@mailman.vyatta.com http://mailman.vyatta.com/mailman/listinfo/vyatta-users
Re: [Vyatta-users] glendale problems my 1st view
Frankly I miss the ? and space auto-completion too, but am slowly getting use to the tabtab. Given that the new cli is integrated with bash and ? has special meaning to bash, then it probably limits our usage of ? for help. stig _ From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Aubrey Wells Sent: Tuesday, January 29, 2008 7:48 AM To: Ken Felix (C) Cc: vyatta-users@mailman.vyatta.com Subject: Re: [Vyatta-users] glendale problems my 1st view #3 - I agree, please bring back my beloved ?! Its an automatic reflex to hit ? whenever I'm in a router. I end up hitting it 3 or 4 times before I realize that its echoing the char to the screen rather than activating help. That and the new CLI being mildly confusing (i'm adjusting to it) are my only two complaints so far. Has anyone explored using ~/.inputrc to rebind the ? character to something for auto-completion? It might be possible, to do $if Bash ?: C-IC-I $endif Good call Stephen. I just tried: $if Bash ?: \C-i $endif And now I get the following: [EMAIL PROTECTED] set 1st ? cluster firewallinterfaces policy protocols service system vpn [edit] [EMAIL PROTECTED] set 2nd ? Possible completions: cluster Configure clustering firewall Configure firewall interfacesNetwork interface configuration policyConfigure routing policy protocols Routing protocol configuration service Service configuration systemSystem configuration vpn Configure VPN Maybe we won't have to give up the ?. stig ___ Vyatta-users mailing list Vyatta-users@mailman.vyatta.com http://mailman.vyatta.com/mailman/listinfo/vyatta-users
Re: [Vyatta-users] glendale problems my 1st view
Note also that if the '?' key is bound to auto-completion, the user can still input the '?' character using the readline escape sequence (i.e., in this case Ctrl-v ?). So basically it came down to a choice between these: (1) Keep '?' key as help. To input a '?' character, prefix it with Ctrl-v. (2) Use some other key sequence for help. A '?' character can be entered directly. At that time, (2) was deemed more acceptable than (1), so we currently have (2). An-Cheng An-Cheng Huang wrote: That was the first thing I tried when we started implementing the help system. The problem is when the user actually wants to input a '?' character, how do we rebind the '?' key back to the actual character? I also tried to rebind the key after seeing a quote (assuming '?' characters can only appear in quotes), etc., etc. In the end, this is a limitation in the readline library (which is used by bash for command line input). We _could_ change readline, I suppose, somewhere down the road. An-Cheng ___ Vyatta-users mailing list Vyatta-users@mailman.vyatta.com http://mailman.vyatta.com/mailman/listinfo/vyatta-users
Re: [Vyatta-users] glendale problems my 1st view
In case people don't know about this: instead of '?', a user can get the help text using either of the following two key sequences: Alt = or Alt ?. (These are the default key bindings for possible-completions in readline/bash.) An-Cheng Huang wrote: That was the first thing I tried when we started implementing the help system. The problem is when the user actually wants to input a '?' character, how do we rebind the '?' key back to the actual character? I also tried to rebind the key after seeing a quote (assuming '?' characters can only appear in quotes), etc., etc. In the end, this is a limitation in the readline library (which is used by bash for command line input). We _could_ change readline, I suppose, somewhere down the road. An-Cheng ___ Vyatta-users mailing list Vyatta-users@mailman.vyatta.com http://mailman.vyatta.com/mailman/listinfo/vyatta-users ___ Vyatta-users mailing list Vyatta-users@mailman.vyatta.com http://mailman.vyatta.com/mailman/listinfo/vyatta-users
Re: [Vyatta-users] glendale problems my 1st view
Stig Thormodsrud wrote: #3 - I agree, please bring back my beloved ?! Its an automatic reflex to hit ? whenever I'm in a router. I end up hitting it 3 or 4 times before I realize that its echoing the char to the screen rather than activating help. Has anyone explored using ~/.inputrc to rebind the ? character to something for auto-completion? It might be possible, to do $if Bash ?: C-IC-I $endif Good call Stephen. I just tried: $if Bash ?: \C-i $endif Maybe we won't have to give up the ?. stig That was the first thing I tried when we started implementing the help system. The problem is when the user actually wants to input a '?' character, how do we rebind the '?' key back to the actual character? I also tried to rebind the key after seeing a quote (assuming '?' characters can only appear in quotes), etc., etc. In the end, this is a limitation in the readline library (which is used by bash for command line input). We _could_ change readline, I suppose, somewhere down the road. An-Cheng ___ Vyatta-users mailing list Vyatta-users@mailman.vyatta.com http://mailman.vyatta.com/mailman/listinfo/vyatta-users
Re: [Vyatta-users] glendale problems my 1st view
I vote for #1. Maybe its just because I've been doing this for quite a while, but I would think that most people who would be annoyed about not being able to put a ? in a description or something know how to use the ctrl-v escape like with a cisco. maybe it can be a config option? set system online-help key-rebindings true -- Aubrey Wells Senior Engineer Shelton | Johns Technology Group A Vyatta Ready Partner www.sheltonjohns.com On Jan 29, 2008, at 5:27 PM, An-Cheng Huang wrote: Note also that if the '?' key is bound to auto-completion, the user can still input the '?' character using the readline escape sequence (i.e., in this case Ctrl-v ?). So basically it came down to a choice between these: (1) Keep '?' key as help. To input a '?' character, prefix it with Ctrl-v. (2) Use some other key sequence for help. A '?' character can be entered directly. At that time, (2) was deemed more acceptable than (1), so we currently have (2). An-Cheng An-Cheng Huang wrote: That was the first thing I tried when we started implementing the help system. The problem is when the user actually wants to input a '?' character, how do we rebind the '?' key back to the actual character? I also tried to rebind the key after seeing a quote (assuming '?' characters can only appear in quotes), etc., etc. In the end, this is a limitation in the readline library (which is used by bash for command line input). We _could_ change readline, I suppose, somewhere down the road. An-Cheng ___ Vyatta-users mailing list Vyatta-users@mailman.vyatta.com http://mailman.vyatta.com/mailman/listinfo/vyatta-users ___ Vyatta-users mailing list Vyatta-users@mailman.vyatta.com http://mailman.vyatta.com/mailman/listinfo/vyatta-users
Re: [Vyatta-users] glendale problems my 1st view
I'd vote for #1 also (but my thinking may be warped by over a decade of IOS development using the ? key ;-). The other thing to consider is the principle of least astonishment for the over 100,000 downloads of vyatta before glendale. stig I vote for #1. Maybe its just because I've been doing this for quite a while, but I would think that most people who would be annoyed about not being able to put a ? in a description or something know how to use the ctrl-v escape like with a cisco. maybe it can be a config option? set system online-help key-rebindings true -- Aubrey Wells Senior Engineer Shelton | Johns Technology Group A Vyatta Ready Partner www.sheltonjohns.com On Jan 29, 2008, at 5:27 PM, An-Cheng Huang wrote: Note also that if the '?' key is bound to auto-completion, the user can still input the '?' character using the readline escape sequence (i.e., in this case Ctrl-v ?). So basically it came down to a choice between these: (1) Keep '?' key as help. To input a '?' character, prefix it with Ctrl-v. (2) Use some other key sequence for help. A '?' character can be entered directly. At that time, (2) was deemed more acceptable than (1), so we currently have (2). An-Cheng An-Cheng Huang wrote: That was the first thing I tried when we started implementing the help system. The problem is when the user actually wants to input a '?' character, how do we rebind the '?' key back to the actual character? I also tried to rebind the key after seeing a quote (assuming '?' characters can only appear in quotes), etc., etc. In the end, this is a limitation in the readline library (which is used by bash for command line input). We _could_ change readline, I suppose, somewhere down the road. An-Cheng ___ Vyatta-users mailing list Vyatta-users@mailman.vyatta.com http://mailman.vyatta.com/mailman/listinfo/vyatta-users ___ Vyatta-users mailing list Vyatta-users@mailman.vyatta.com http://mailman.vyatta.com/mailman/listinfo/vyatta-users
Re: [Vyatta-users] glendale problems my 1st view
Hi Ken, Let me 1st address point #4. There is a new routing engine that has better performance, better scalability and a lot more features. Because of this the commands for the routing protocols are different. Our initial approach was to try to map the old cli exactly, but in many cases that prevented us from being able to take advantage of the new features (for example we can now support multiple bgp instances, but couldn't do that with the old cli). Another example of a cli change is vrrp which was required if we wanted to support multiple vrrp groups per interface. As for ospf md authentication, the new command for ospf authentication is under the interface (similar to how cisco does it). Try: [EMAIL PROTECTED] set interfaces ethernet eth1 ip ospf authentication md5 key-id 1 md5-key testing123 must add the md5-key for key-id 1 [edit] [EMAIL PROTECTED] commit The warning message must add the md5-key for key-id 1 is a cosmetic bug that can be ignored (bug 2211). Using wireshark I captured an OSPF hello packet and verified that Auth Type is Cryptographic Let me know if that works for you. stig _ From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Ken Felix (C) Sent: Monday, January 28, 2008 7:03 PM To: vyatta-users@mailman.vyatta.com Subject: [Vyatta-users] glendale problems my 1st view 1. Still todate, OSPF md authenication is not enable or even configurable 2. System uptime is now show via show version show system uptime 3. system help now requires a tab vrs the previous question mark on the CLI, I thought this was confusing at first 4. system configuration like for protocols ospf is slightly different vrs vc3 5. any help on the CLI regardless of level show bash options vrs th vyatta engine options. (confusing to say the least ) ___ Vyatta-users mailing list Vyatta-users@mailman.vyatta.com http://mailman.vyatta.com/mailman/listinfo/vyatta-users