Actions
Bug #12995
closed
Installing stunnel only on the primary HA node leads to php crashes and sync issues
Status:
Resolved
Priority:
Normal
Assignee:
Viktor Gurov
Category:
stunnel
Target version:
-
Start date:
Due date:
% Done:
0%
Estimated time:
Plus Target Version:
Affected Version:
Affected Plus Version:
Affected Architecture:
Description
Tested on 22.05.a.20220328.0600.
- Install stunnel on primary node
- Force xmlrpc sync
sync fails and the secondary node reports the following crash:
PHP ERROR: Type: 64, File: /usr/local/www/xmlrpc.php(147) : eval()'d code, Line: 1, Message: require_once(): Failed opening required '/usr/local/pkg/stunnel.inc' (include_path='.:/etc/inc:/usr/local/pfSense/include:/usr/local/pfSense/include/www:/usr/local/www:/usr/local/captiveportal:/usr/local/pkg:/usr/local/www/classes:/usr/local/www/classes/Form:/usr/local/share/pear:/usr/local/share/openssl_x509_crl/') @ 2022-03-28 19:47:33
Installing stunnel on the secondary then forcing a sync then shows:
XMLRPC sync successfully completed with https://10.254.1.2:443/xmlrpc.php. Processing down interface states Running plugins Done Building high availability sync information Building high availability sync information Building high availability sync information The Netgate pfSense Plus software configuration version of the other member could not be determined. Skipping synchronization to avoid causing a problem! The Netgate pfSense Plus software configuration version of the other member could not be determined. Skipping synchronization to avoid causing a problem! Signaling CARP reload signal... XMLRPC sync successfully completed with https://10.254.1.2:443/xmlrpc.php. Building high availability sync information Building high availability sync information The Netgate pfSense Plus software configuration version of the other member could not be determined. Skipping synchronization to avoid causing a problem! The Netgate pfSense Plus software configuration version of the other member could not be determined. Skipping synchronization to avoid causing a problem! Building high availability sync information Signaling CARP reload signal... XMLRPC sync successfully completed with https://10.254.1.2:443/xmlrpc.php. Building high availability sync information Signaling CARP reload signal... XMLRPC sync successfully completed with https://10.254.1.2:443/xmlrpc.php.
and on system logs (likely from syncs not yet timed out):
Mar 28 19:50:37 php-fpm 1294 /rc.filter_synchronize: Beginning XMLRPC sync data to https://10.254.1.2:443/xmlrpc.php. Mar 28 19:51:37 php-fpm 1294 /rc.filter_synchronize: A communications error occurred while attempting to call XMLRPC method host_firmware_version: Request timed out due to default_socket_timeout php.ini setting Mar 28 19:51:37 php-fpm 1294 /rc.filter_synchronize: New alert found: A communications error occurred while attempting to call XMLRPC method host_firmware_version: Request timed out due to default_socket_timeout php.ini setting Mar 28 19:51:37 php-fpm 1294 /rc.filter_synchronize: XMLRPC versioncheck: -- 22.6 Mar 28 19:51:37 php-fpm 1294 /rc.filter_synchronize: The Netgate pfSense Plus software configuration version of the other member could not be determined. Skipping synchronization to avoid causing a problem! Mar 28 19:54:01 check_reload_status 1323 Syncing firewall
Updated by Marcos M over 3 years ago
After the nodes are in sync, xmlrpc syn completes successfully.
Updated by Viktor Gurov over 3 years ago
- Project changed from pfSense to pfSense Packages
- Category changed from XMLRPC to stunnel
- Assignee set to Viktor Gurov
- Release Notes deleted (
Default)
Updated by Jim Pingle over 3 years ago
- Status changed from New to Pull Request Review
Updated by Viktor Gurov over 3 years ago
- Status changed from Pull Request Review to Feedback
Updated by Marcos M over 3 years ago
- Status changed from Feedback to Resolved
Tested on 22.05.a.20220403.0600; works as expected.
Actions