Bug #11142
closed
rc.newwanip restarts VPN services when the IP matches
100%
Description
If DHCP on WAN interface receives the same IP, rc.newwanip restarts all services:
https://github.com/pfsense/pfsense/blob/186ef8568345d216688e56e06ba08e02c44b1711/src/etc/rc.newwanip#L229
rc.newwanipv6 in more correct in this case and restarts VPN services only if WAN is PPP interface:
https://github.com/pfsense/pfsense/blob/186ef8568345d216688e56e06ba08e02c44b1711/src/etc/rc.newwanipv6#L156
Related issues
Updated by Viktor Gurov over 3 years ago
Updated by Renato Botelho over 3 years ago
- Status changed from New to Feedback
- Assignee set to Viktor Gurov
- Target version set to 2.5.0
PR has been merged. Thanks!
Updated by Viktor Gurov over 3 years ago
- % Done changed from 0 to 100
Applied in changeset 27f89b066752d433844279d3101f01cb64057c7b.
Updated by Danilo Zrenjanin over 3 years ago
Tested on:
2.5.0-DEVELOPMENT (amd64) built on Thu Dec 10 03:02:47 EST 2020 FreeBSD 12.2-STABLE
It doesn't restart services anymore if the IP address stays the same after DHCP renewal, that's fine.
However, it still restarts services if you make any change at the WAN interface, no matter if you didn't change the IP address(even if you just hit apply at the wan interface without changes). Maybe there is room for improvement too.
Updated by Alhusein Zawi over 3 years ago
Danilo Zrenjanin wrote:
Tested on:
[...]It doesn't restart services anymore if the IP address stays the same after DHCP renewal, that's fine.
However, it still restarts services if you make any change at the WAN interface, no matter if you didn't change the IP address(even if you just hit apply at the wan interface without changes). Maybe there is room for improvement too.
ipsec tunnel will be restarted if you hit apply at any interface. (log file shows Restarting ipsec tunnels)
applied the same steps on 2.4.5-p1 and it shows same results .
log file shows "Restarting ipsec tunnels" , ipsec tunnel in status>Ipsec is not interrupted.
Updated by Viktor Gurov over 3 years ago
- Status changed from Feedback to Resolved
Alhusein Zawi wrote:
Danilo Zrenjanin wrote:
ipsec tunnel will be restarted if you hit apply at any interface. (log file shows Restarting ipsec tunnels)
applied the same steps on 2.4.5-p1 and it shows same results .
log file shows "Restarting ipsec tunnels" , ipsec tunnel in status>Ipsec is not interrupted.
This is another issue, please create a ticket
Original issue is resolved
Updated by Scott Silver over 2 years ago
Pretty sure this breaks gateway monitoring when the WAN comes back on the same IP.
See https://redmine.pfsense.org/issues/11570?next_issue_id=11567&prev_issue_id=11572
Perhaps is there a fix where we only don't restart the ip tunnels but continue to restart the gateway monitoring?
Updated by Viktor Gurov over 2 years ago
- Related to Regression #11570: Gateway monitoring services is not always restarted on interface events, which may prevent a WAN from recovering back to an online state added
Updated by Viktor Gurov over 2 years ago
original user issue:
"We've noticed every X hours that services restart on our pfSense FW and this results in people being kicked off the VPN.
This pfSense FW runs in AWS and has 2 interfaces rather than 1.
Log entries:
check_reload_status rc.newwanip starting ixv1