Actions
Bug #12857
open
Firewall gateway goes away when making changes to Bridge0 device
Status:
New
Priority:
Normal
Assignee:
-
Category:
Gateways
Target version:
-
Start date:
Due date:
% Done:
0%
Estimated time:
Plus Target Version:
Release Notes:
Default
Affected Version:
Affected Architecture:
amd64
Description
PFSense Plus Version: 22.01-RELEASE
HW: Netgate 6100
BIOS: CORDOBA-02.01.00.05t
Summary: When running PFSense with a Filtered Bridge with IPv4 address on the bridge device, with only one IPv4 gateway configured, saving changes to Bridge0 (ie members, cache, etc.) causes PFSense to lose its gateway.
Symptoms: After making changes, PFSense is no longer able to check for updates, ping outside its subnet, or view/download packages.
Work-around: Go to Gateway Edit page, make no changes, select "Save" and "Apply" - Gateway is restored, updates, package downloads, pings outside subnet resume working.
Attached are a working (before edit of bridge0) and non-working (after edit of bridge0) status output tarballs. Was working with Marcos M on this.
Updated by Ryan Coleman almost 3 years ago
- Plus Target Version set to 22.01
- Affected Version deleted (
2.2)
Updated by Viktor Gurov almost 3 years ago
Can't reproduce this on pfSense CE 2.7.0 (2.7.0.a.20220224.0600)
Not tested on 22.01/2.6, but it may be related to hardware appliances.
Updated by Jim Pingle almost 3 years ago
- File deleted (
status_output-notworking.tgz)
Updated by Jim Pingle almost 3 years ago
- File deleted (
status_output-working.tgz)
Updated by Marcos M almost 3 years ago
After re-saving bridge configuration, default gateway is removed from routing table:
Feb 22 07:37:26 pf php-fpm[2325]: /interfaces_bridge_edit.php: Configuration Change: admin@99.72.x.x (Local Database): Bridge interface created Feb 22 07:37:26 pf kernel: igc1: promiscuous mode disabled Feb 22 07:37:26 pf kernel: ix0: promiscuous mode disabled Feb 22 07:37:26 pf kernel: ix1: promiscuous mode disabled Feb 22 07:37:26 pf kernel: bridge0: link state changed to DOWN Feb 22 07:37:26 pf kernel: bridge0: Ethernet address: 02:39:db:1d:30:00 Feb 22 07:37:26 pf kernel: bridge0: link state changed to UP Feb 22 07:37:26 pf kernel: ix1: promiscuous mode enabled Feb 22 07:37:26 pf kernel: ix0: promiscuous mode enabled Feb 22 07:37:26 pf kernel: igc1: promiscuous mode enabled Feb 22 07:37:26 pf check_reload_status[327]: Syncing firewall Feb 22 07:37:26 pf kernel: arpresolve: can't allocate llinfo for 99.72.y.y on bridge0 Feb 22 07:37:26 pf kernel: arpresolve: can't allocate llinfo for 99.72.y.y on bridge0 Feb 22 07:37:26 pf kernel: arpresolve: can't allocate llinfo for 99.72.y.y on bridge0 Feb 22 07:37:26 pf kernel: arpresolve: can't allocate llinfo for 99.72.y.y on bridge0 Feb 22 07:37:26 pf kernel: arpresolve: can't allocate llinfo for 99.72.y.y on bridge0 Feb 22 07:37:26 pf kernel: arpresolve: can't allocate llinfo for 99.72.y.y on bridge0 Feb 22 07:37:26 pf kernel: arpresolve: can't allocate llinfo for 99.72.y.y on bridge0
After re-saving gateway, default gateway is re-added to routing table.
Feb 22 05:02:39 pf kernel: arpresolve: can't allocate llinfo for 99.72.y.y on bridge0 Feb 22 05:02:39 pf kernel: arpresolve: can't allocate llinfo for 99.72.y.y on bridge0 Feb 22 05:02:55 pf php-fpm[2325]: /system_gateways.php: Configuration Change: admin@99.72.x.x (Local Database): System - Gateways: save default gateway Feb 22 05:02:55 pf check_reload_status[327]: Syncing firewall Feb 22 05:02:55 pf php-fpm[2325]: /system_gateways.php: Beginning configuration backup to https://acb.netgate.com/save Feb 22 05:02:58 pf php-fpm[93803]: /system_gateways.php: Default gateway setting BridgeGW as default. Feb 22 05:03:00 pf check_reload_status[327]: Reloading filter Feb 22 05:03:00 pf check_reload_status[327]: Updating all dyndns Feb 22 05:03:01 pf php-fpm[46481]: /rc.filter_configure_sync: The gateway: WAN_DHCP is invalid or unknown, not using it. Feb 22 05:03:21 pf php[2900]: /usr/local/sbin/acbupload.php: End of configuration backup to https://acb.netgate.com/save (success). Feb 22 05:03:35 pf php[2900]: /usr/local/sbin/acbupload.php: End of configuration backup to https://acb.netgate.com/save (success).
Interfaces:
igc1: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric 0 mtu 1500
description: IOTNetwork
options=e120bb<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,JUMBO_MTU,VLAN_HWCSUM,WOL_MAGIC,VLAN_HWFILTER,RXCSUM_IPV6,TXCSUM_IPV6>
capabilities=f53fbb<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,JUMBO_MTU,VLAN_HWCSUM,TSO4,TSO6,LRO,WOL_UCAST,WOL_MCAST,WOL_MAGIC,VLAN_HWFILTER,VLAN_HWTSO,NETMAP,RXCSUM_IPV6,TXCSUM_IPV6>
ether 90:ec:77:21:2c:a1
inet6 fe80::92ec:77ff:fe21:2ca1%igc1 prefixlen 64 scopeid 0x2
media: Ethernet autoselect
status: no carrier
supported media:
media autoselect
media 2500Base-T
media 1000baseT
media 1000baseT mediaopt full-duplex
media 100baseTX mediaopt full-duplex
media 100baseTX
media 10baseT/UTP mediaopt full-duplex
media 10baseT/UTP
nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
ix0: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric 0 mtu 1500
description: LionNetworks
options=e138bb<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,JUMBO_MTU,VLAN_HWCSUM,WOL_UCAST,WOL_MCAST,WOL_MAGIC,VLAN_HWFILTER,RXCSUM_IPV6,TXCSUM_IPV6>
capabilities=f53fbb<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,JUMBO_MTU,VLAN_HWCSUM,TSO4,TSO6,LRO,WOL_UCAST,WOL_MCAST,WOL_MAGIC,VLAN_HWFILTER,VLAN_HWTSO,NETMAP,RXCSUM_IPV6,TXCSUM_IPV6>
ether 90:ec:77:21:2c:9e
inet6 fe80::92ec:77ff:fe21:2c9e%ix0 prefixlen 64 scopeid 0x5
media: Ethernet autoselect (10Gbase-Twinax <full-duplex,rxpause,txpause>)
status: active
supported media:
media autoselect
media 10Gbase-Twinax
nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
plugged: SFP/SFP+/SFP28 Unknown (Copper pigtail)
vendor: OEM PN: SFP-H10GB-CU3M SN: CSC210605850055 DATE: 2021-06-29
SFF8472 DUMP (0xA0 0..127 range):
03 04 21 00 00 00 00 00 04 00 00 00 67 00 00 00
00 00 03 00 4F 45 4D 20 20 20 20 20 20 20 20 20
20 20 20 20 00 00 40 20 53 46 50 2D 48 31 30 47
42 2D 43 55 33 4D 20 20 52 20 20 20 01 00 00 F7
00 00 00 00 43 53 43 32 31 30 36 30 35 38 35 30
30 35 35 20 32 31 30 36 32 39 20 20 00 00 00 D2
81 00 11 C1 95 79 AC 91 3A 24 16 45 55 16 6F 9D
51 0F 58 00 00 00 00 00 00 00 00 00 82 09 02 0E
ix1: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric 0 mtu 1500
description: WAN
options=e138bb<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,JUMBO_MTU,VLAN_HWCSUM,WOL_UCAST,WOL_MCAST,WOL_MAGIC,VLAN_HWFILTER,RXCSUM_IPV6,TXCSUM_IPV6>
capabilities=f53fbb<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,JUMBO_MTU,VLAN_HWCSUM,TSO4,TSO6,LRO,WOL_UCAST,WOL_MCAST,WOL_MAGIC,VLAN_HWFILTER,VLAN_HWTSO,NETMAP,RXCSUM_IPV6,TXCSUM_IPV6>
ether 90:ec:77:21:2c:9f
inet6 fe80::92ec:77ff:fe21:2c9f%ix1 prefixlen 64 scopeid 0x6
media: Ethernet autoselect (10Gbase-Twinax <full-duplex,rxpause,txpause>)
status: active
supported media:
media autoselect
media 10Gbase-Twinax
nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
plugged: SFP/SFP+/SFP28 Unknown (Copper pigtail)
vendor: OEM PN: SFP-H10GB-CU3M SN: CSC210605850151 DATE: 2021-06-29
SFF8472 DUMP (0xA0 0..127 range):
03 04 21 00 00 00 00 00 04 00 00 00 67 00 00 00
00 00 03 00 4F 45 4D 20 20 20 20 20 20 20 20 20
20 20 20 20 00 00 40 20 53 46 50 2D 48 31 30 47
42 2D 43 55 33 4D 20 20 52 20 20 20 01 00 00 F7
00 00 00 00 43 53 43 32 31 30 36 30 35 38 35 30
31 35 31 20 32 31 30 36 32 39 20 20 00 00 00 CF
81 00 11 6E 5B 4F E4 0E A6 EA 14 2A 2B EF 26 1D
7E 13 B8 00 00 00 00 00 00 00 00 00 07 34 AF 8C
bridge0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
description: LionNetBridge
ether 46:30:5a:ce:0f:ac
inet 99.72.x.x netmask 0xffffffc0 broadcast 99.72.z.z
id 00:00:00:00:00:00 priority 32768 hellotime 2 fwddelay 15
maxage 20 holdcnt 6 proto rstp maxaddr 2000 timeout 1200
root id 00:00:00:00:00:00 priority 32768 ifcost 0 port 0
member: igc1 flags=143<LEARNING,DISCOVER,AUTOEDGE,AUTOPTP>
ifmaxaddr 0 port 2 priority 128 path cost 2000000
member: ix0 flags=143<LEARNING,DISCOVER,AUTOEDGE,AUTOPTP>
ifmaxaddr 0 port 5 priority 128 path cost 2000
member: ix1 flags=143<LEARNING,DISCOVER,AUTOEDGE,AUTOPTP>
ifmaxaddr 0 port 6 priority 128 path cost 2000
groups: bridge
nd6 options=1<PERFORMNUD>
Actions