Actions
Bug #13354
open
Tinc VPN causes constant gateway up/down events, packages restarts and filter reloads
Status:
New
Priority:
Normal
Assignee:
-
Category:
Tinc
Target version:
-
Start date:
Due date:
% Done:
0%
Estimated time:
Plus Target Version:
Affected Version:
Affected Plus Version:
Affected Architecture:
Description
The latest pfSense Plus version broke the tinc VPN: When tinc connects it generates an event:
Netgate pfSense Plus package system has detected an IP change or dynamic WAN reconnection - x.x.x.x -> x.x.x.x - Restarting packages.
and you can probably guess what happens next: Tinc is restarted, causes a down event and then everything starts again. As the filter reload still causes latency spikes and packet loss (that was supposed to be fixed aswell, of course it isn't) that basically brings the entire network to a halt every few seconds.
My tinc interface up script looks like this:
ifconfig $INTERFACE x.x.x.x netmask 255.255.255.0 ifconfig $INTERFACE group pkg_tinc ifconfig tap0.2 create ifconfig tap0.2 y.y.y.y netmask 255.255.255.0 vlan 2 vlandev $INTERFACE ifconfig tap0 down ifconfig tap0.2 down
interface down looks like this:
ifconfig tap0 down ifconfig tap0.2 down
Host up:
ifconfig tap0 up ifconfig tap0.2 up
Host down:
ifconfig tap0 down ifconfig tap0.2 down
Commenting out
restart_packages()
in /etc/rc.newwanip stops this madness, a better solution would probably be something like
if (substr($interface, 0, 3) != "tap") {
restart_packages();
}
just in case someone also wants to work around this on their own. Ideally it is checked if that interface is part of the pkg_tinc-group and then the restart of tinc is skipped, that should be already sufficient to fix this.
Updated by Jim Pingle over 2 years ago
- Project changed from pfSense to pfSense Packages
- Category changed from VPN (Multiple Types) to Tinc
- Release Notes deleted (
Default)
Actions