I saw the alert about DNS security vulnerabilities and decided to upgrade to 5.x.
Imagine my surprise when the switch configuration is gone from the router and the Luci interface? Even the swconfig command is gone.
All my VLANs are gone.
This is crazy not to warn the users about this huge change. I would never have considered the upgrade if the notes had included a warning about switch configurations (including vlans) going away.
A big thumbs down guys…
I see there’s a thread here: Turris Omnia - VLAN on TOS 4.x/5.x I’ll review that but it looks like the really easy and powerful switch configuration that I really enjoyed with my Turris Omnia is gone (along with my entire weekend I guess)… I guess it’s time to migrate to something with a bit more support.
If you read it thoroughly, you would have recognised that there is also an update for TurrisOS 3.x which fixes the DNS vulnerability. And if you used Turris standard DNS configuration you wouldn’t have had the need to update at all (as TurrisOS uses knot resolver instead of dnsmasq).
And besides that - the basic information @protree linked solves your problem…
Yes, digging around I was able to get my network working again on 5.x but it sure would have been nice if this change was mentioned here: https://docs.turris.cz/geek/tos3-migration/
Admittedly it does say “Be prepared that some packages and features you are used to have might no longer be there.” but it’s hard to prepare when you don’t know what’s going away.
I’ll accept the page @protree links to is a reasonable solution, but more explanation about how the “switch” goes away in this upgrade would be very useful, each physical port becoming it’s own interface should be made clear for example. The changes are all good really!
As to why I’m running dnsmasq I have no idea but it was (and is) running alongside kresd. If this was a change I’ve made then I have forgotten all about it.
You‘re not the only one, there‘s a post like yours about twice a month on this forum, so I think there is a problem in communication, too…
The vulnerabilities were found in the DNS part of dnsmasq. In Turris OS Standard Configuration kresd is used for DNS and dnsmasq is only used for DHCP.