Bug #12867
closed
In some cases, incorrect subnet settings prevent static routes from being set correctly after a system restart.
0%
Description
After a simple analysis, it seems that the problem is in the following code range. I suspect it is pfSense_interface_setaddress, because I used the subnet result of /30 to check ifconfig and found that /32 was allocated.
[22.01-RELEASE][root@pfSense.home.arpa]/var/log: ifconfig igb2
igb2: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
description: IPLCWan
options=e527bb<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,JUMBO_MTU,VLAN_HWCSUM,TSO4,TSO6,LRO,WOL_MAGIC,VLAN_HWFILTER,VLAN_HWTSO,RXCSUM_IPV6,TXCSUM_IPV6>
ether 00:25:90:ba:0f:f2
inet6 fe80::225:90ff:feba:ff2%igb2 prefixlen 64 scopeid 0x3
inet XXX.XXX.XXX.XXX netmask 0xffffffff broadcast XXX.XXX.XXX.XXX
inet XXX.XXX.XXX.XXX netmask 0xfffffffc broadcast XXX.XXX.XXX.XXX
media: Ethernet autoselect (1000baseT <full-duplex>)
status: active
nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
[22.01-RELEASE][root@pfSense.home.arpa]/var/log: ifconfig igb2 inet XXX.XXX.XXX.XXX/30
[22.01-RELEASE][root@pfSense.home.arpa]/var/log: ifconfig igb2
igb2: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
description: IPLCWan
options=e527bb<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,JUMBO_MTU,VLAN_HWCSUM,TSO4,TSO6,LRO,WOL_MAGIC,VLAN_HWFILTER,VLAN_HWTSO,RXCSUM_IPV6,TXCSUM_IPV6>
ether 00:25:90:ba:0f:f2
inet6 fe80::225:90ff:feba:ff2%igb2 prefixlen 64 scopeid 0x3
inet XXX.XXX.XXX.XXX netmask 0xfffffffc broadcast XXX.XXX.XXX.XXX
inet XXX.XXX.XXX.XXX netmask 0xfffffffc broadcast XXX.XXX.XXX.XXX
media: Ethernet autoselect (1000baseT <full-duplex>)
status: active
nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
switch ($wancfg['ipaddr']) {
case 'dhcp':
interface_dhcp_configure($interface);
break;
case 'pppoe':
case 'l2tp':
case 'pptp':
case 'ppp':
interface_ppps_configure($interface);
break;
default:
/* XXX: Kludge for now related to #3280 */
if (!in_array($tunnelif, array("gif", "gre", "ovp", "ips"))) {
if (is_ipaddrv4($wancfg['ipaddr']) && $wancfg['subnet'] <> "") {
pfSense_interface_setaddress($realif, "{$wancfg['ipaddr']}/{$wancfg['subnet']}");
}
}
break;
}Files
Updated by Jim Pingle over 3 years ago
- Status changed from New to Incomplete
- Priority changed from High to Low
There isn't enough information here. You haven't clearly defined the actual problem or the steps to reproduce it, only what you think the cause and solution might be. What is your defined interface address? What static route are you trying to add? What actually fails? What error messages do you see?
You need to discuss and diagnose this on the forum until a more accurate problem description and determination can be made: https://forum.netgate.com
Updated by RUI YUAN over 3 years ago
- File bug1.png bug1.png added
- File bug2.png bug2.png added
- File bug3.png bug3.png added
- File bug4.png bug4.png added
- File bug5.png bug5.png added
- File bug6.png bug6.png added
Jim Pingle wrote in #note-1:
There isn't enough information here. You haven't clearly defined the actual problem or the steps to reproduce it, only what you think the cause and solution might be. What is your defined interface address? What static route are you trying to add? What actually fails? What error messages do you see?
You need to discuss and diagnose this on the forum until a more accurate problem description and determination can be made: https://forum.netgate.com
I set up an interface and set up 2 IPs: IPV4 and Virtual Ips bug2.png
Then I execute reboot.
The gateway status after restart is:bug4.png
Then I check the gateway settings:bug3.png
Then I check the configuration of the interface: bug1.png
I found out that the netmask of the interface's ip address (ipv4 configuration) is not the correct fffffffc but the wrong ffffffff(bug1.png)
I set the netmask to be correct: bug5.png
Gateway works fine bug6.png
During startup:
Setting up static routes...
route: writing to routing socket: Network is unreachable
Updated by RUI YUAN over 3 years ago
Jim Pingle wrote in #note-1:
There isn't enough information here. You haven't clearly defined the actual problem or the steps to reproduce it, only what you think the cause and solution might be. What is your defined interface address? What static route are you trying to add? What actually fails? What error messages do you see?
You need to discuss and diagnose this on the forum until a more accurate problem description and determination can be made: https://forum.netgate.com
That is to say, I set interface netmask /30, but after restarting and reading config.xml, the mask will become /32 (ifconfig)
This is incorrect. I checked config.xml and the configuration inside is correct.
Updated by Jim Pingle over 3 years ago
I tried to recreate the problem and could not. My subnet mask was always applied correctly. There must be something else in your configuration causing the problem but there is still not enough information to go on.
Again, please take this to the forum as this is not the place to diagnose your problem. When you create a forum thread, include all of the information posted here, plus portions of the config.xml for the interface, VIP, and gateway configuration.
Updated by RUI YUAN over 3 years ago
Jim Pingle wrote in #note-4:
I tried to recreate the problem and could not. My subnet mask was always applied correctly. There must be something else in your configuration causing the problem but there is still not enough information to go on.
Again, please take this to the forum as this is not the place to diagnose your problem. When you create a forum thread, include all of the information posted here, plus portions of the config.xml for the interface, VIP, and gateway configuration.
I have found the problem by debugging, it is due to the L2TP client, in the interface_ppps_configure function
/* configure interface */
if (is_ipaddr($localips[$pid])) {
// Manually configure interface IP/subnet
pfSense_interface_setaddress($port, "{$localips[$pid]}/{$subnets[$pid]}"); // !!!!!here!!!!!
interfaces_bring_up($port);
} elseif (empty($localips[$pid])) {
$localips[$pid] = get_interface_ip($port); // try to get the interface IP from the port
}
This setting overrides the ip address of the interface, which is the crux of the problem.
I don't think the l2tp configuration should override the interface's ip address
Updated by Jim Pingle over 3 years ago
- Status changed from Incomplete to Not a Bug
The primary use case for L2TP is for L3 connectivity to an ISP, not as an L2TP VPN. For those using it as an ISP auth mechanism, the settings from the L2TP client are the priority.
In this case you configured it with conflicting information, so it did what it thought was best. Neither tactic is ideal from a user perspective (interface clobbering L2TP or L2TP clobbering the interface) but allowing the L2TP settings to have priority is in line with the intended use cases for L2TP.