Bug #11142: rc.newwanip restarts VPN services when the IP matches - pfSense - pfSense bugtracker

Custom queries

2.4.5-p1 - Resolved/Closed
2.5.0 - Resolved/Closed
2.5.1 - Resolved/Closed
2.5.2 - Resolved/Closed
2.6.0 - Resolved/Closed
2.7.0 - Resolved/Closed
2.7.1 - All Open Issues
2.7.1 - Resolved/Closed
2.7.2 - Resolved/Closed
2.8.0 - All Open Bugs
2.8.0 - All Open Features
2.8.0 - All Open Issues
2.8.0 - All Open Regressions
2.8.0 - Feedback
2.8.0 - Needs Attention
2.8.0 - New/Confirmed
2.8.0 - Pull Requests
2.8.0 - Regressions affecting 2.7.0
2.8.0 - Resolved/Closed
21.02.2/2.5.1 - Resolved/Closed
21.05 Plus - All Closed Issues
21.05.1 Plus Target - All Closed Issues
21.05.1 Target - All Closed Issues
22.01 Plus - All Closed Issues
22.01 Target - All Closed Issues
22.05 Plus - All Closed Issues
22.05 Target - All Closed Issues
23.01 Plus - All Closed Issues
23.01 Target - All Closed Issues
23.05 Plus - All Closed Issues
23.05 Target - All Closed Issues
23.05.1 Plus - All Closed Issues
23.05.1 Target - All Closed Issues
23.09 Plus - All Closed Issues
23.09 Target - All Closed Issues
23.09.1 Plus - All Closed Issues
23.09.1 Target - All Closed Issues
24.03 Plus - All Closed Issues
24.03 Target - All Closed Issues
24.11 Plus - All Closed Issues
24.11 Plus - All Open Issues
24.11 Plus - Feedback Issues
24.11 Plus - Needs Attention/Work
24.11 Plus - New/Confirmed/In Progress Issues
24.11 Target - All Closed Issues
24.11 Target - All Open Issues
25.01 Plus - All Closed Issues
25.01 Plus - All Open Issues
25.01 Plus - Feedback Issues
25.01 Plus - Needs Attention/Work
25.01 Plus - New/Confirmed/In Progress Issues
25.01 Plus - Pull Request Review
25.01 Plus - Waiting on Merge
25.01 Target - All Closed Issues
25.01 Target - All Open Issues
All Open Issues assigned to Me
All Open Pull Requests
Any Target - All Open Regressions
Any Target - Feedback Issues
CE-Next - All Closed Issues (Move to specific target)
CE-Next - All Open Issues
CE-Next - Feedback (Likely needs target changed)
New Issues by Category - Future Target
New Issues by Category - No Target
New Issues by Category - No Target+Future
No Target - All Open Issues (Base Only)
No Target - New Issues (Base Only)
No Target - New Issues (Base and Packages)
Release Notes - Plus Target Version (DO NOT EDIT)
Release Notes - Target Version (DO NOT EDIT)

Actions

Copy link

Bug #11142

closed

rc.newwanip restarts VPN services when the IP matches

Added by Viktor Gurov almost 4 years ago. Updated almost 3 years ago.

Status:

Resolved

Priority:

Normal

Assignee:

Viktor Gurov

Category:

Interfaces

Target version:

2.5.0

Start date:

12/08/2020

Due date:

% Done:

100%

Estimated time:

Plus Target Version:

Release Notes:

Affected Version:

2.4.5-p1

Affected Architecture:

Description

If DHCP on WAN interface receives the same IP, rc.newwanip restarts all services:
https://github.com/pfsense/pfsense/blob/186ef8568345d216688e56e06ba08e02c44b1711/src/etc/rc.newwanip#L229

rc.newwanipv6 in more correct in this case and restarts VPN services only if WAN is PPP interface:
https://github.com/pfsense/pfsense/blob/186ef8568345d216688e56e06ba08e02c44b1711/src/etc/rc.newwanipv6#L156

Related issues

Related to Regression #11570: Gateway monitoring services is not always restarted on interface events, which may prevent a WAN from recovering back to an online state

Closed

Actions

Issue # Delay: days Cancel

History
Notes
Property changes
Associated revisions

Actions

Copy link

Updated by Viktor Gurov almost 4 years ago

https://gitlab.netgate.com/pfSense/pfSense/-/merge_requests/81

Actions

Copy link

Updated by Renato Botelho almost 4 years ago

Status changed from New to Feedback
Assignee set to Viktor Gurov
Target version set to 2.5.0

PR has been merged. Thanks!

Actions

Copy link

Updated by Viktor Gurov almost 4 years ago

% Done changed from 0 to 100

Applied in changeset 27f89b066752d433844279d3101f01cb64057c7b.

Actions

Copy link

Updated by Danilo Zrenjanin almost 4 years ago

Tested on:

2.5.0-DEVELOPMENT (amd64)
built on Thu Dec 10 03:02:47 EST 2020
FreeBSD 12.2-STABLE

It doesn't restart services anymore if the IP address stays the same after DHCP renewal, that's fine.

However, it still restarts services if you make any change at the WAN interface, no matter if you didn't change the IP address(even if you just hit apply at the wan interface without changes). Maybe there is room for improvement too.

Actions

Copy link

Updated by Alhusein Zawi almost 4 years ago

Danilo Zrenjanin wrote:

Tested on:
[...]

It doesn't restart services anymore if the IP address stays the same after DHCP renewal, that's fine.

However, it still restarts services if you make any change at the WAN interface, no matter if you didn't change the IP address(even if you just hit apply at the wan interface without changes). Maybe there is room for improvement too.

ipsec tunnel will be restarted if you hit apply at any interface. (log file shows Restarting ipsec tunnels)
applied the same steps on 2.4.5-p1 and it shows same results .
log file shows "Restarting ipsec tunnels" , ipsec tunnel in status>Ipsec is not interrupted.

Actions

Copy link

Updated by Viktor Gurov almost 4 years ago

Status changed from Feedback to Resolved

Alhusein Zawi wrote:

Danilo Zrenjanin wrote:

ipsec tunnel will be restarted if you hit apply at any interface. (log file shows Restarting ipsec tunnels)
applied the same steps on 2.4.5-p1 and it shows same results .
log file shows "Restarting ipsec tunnels" , ipsec tunnel in status>Ipsec is not interrupted.

This is another issue, please create a ticket
Original issue is resolved

Actions

Copy link

Updated by Scott Silver almost 3 years ago

Pretty sure this breaks gateway monitoring when the WAN comes back on the same IP.

See https://redmine.pfsense.org/issues/11570?next_issue_id=11567&prev_issue_id=11572

Perhaps is there a fix where we only don't restart the ip tunnels but continue to restart the gateway monitoring?

Actions

Copy link

Updated by Viktor Gurov almost 3 years ago

Related to Regression #11570: Gateway monitoring services is not always restarted on interface events, which may prevent a WAN from recovering back to an online state added

Actions

Copy link

Updated by Viktor Gurov almost 3 years ago

original user issue:

"We've noticed every X hours that services restart on our pfSense FW and this results in people being kicked off the VPN.
This pfSense FW runs in AWS and has 2 interfaces rather than 1.
Log entries:

check_reload_status        rc.newwanip starting ixv1

Actions

Copy link

Also available in: Atom PDF

Project

General

Profile

pfSense

Custom queries

Bug #11142

rc.newwanip restarts VPN services when the IP matches

Updated by Viktor Gurov almost 4 years ago

Updated by Renato Botelho almost 4 years ago

Updated by Viktor Gurov almost 4 years ago

Updated by Danilo Zrenjanin almost 4 years ago

Updated by Alhusein Zawi almost 4 years ago

Updated by Viktor Gurov almost 4 years ago

Updated by Scott Silver almost 3 years ago

Updated by Viktor Gurov almost 3 years ago

Updated by Viktor Gurov almost 3 years ago