Project

General

Profile

Actions

Feature #13362

open

Update dynamic gateway consumers when their interface is renamed

Added by Fredrick Pettiford over 1 year ago. Updated 14 days ago.

Status:
New
Priority:
Normal
Category:
Routing
Target version:
Start date:
Due date:
% Done:

0%

Estimated time:
Plus Target Version:
24.07
Release Notes:
Default

Description

I set up a IPSEC tunnel using VTI mode. Created the Static route and pointed it out the correct gateway. Approx 3 days later the remote user reported that p2 was not passing any traffic. I took a look at the static route and it was greyed out and the GW interface was not present. I edited the static route and selected the VTI as the GW and the tunnel was usable again.

Specs:
This FW is in a HA pair and is currently the master.

Netgate 1541

22.09-DEVELOPMENT (amd64)
built on Thu Jul 14 06:15:53 UTC 2022
FreeBSD 12.3-STABLE

Backup Node Specs:
Netgate 1541

22.09-DEVELOPMENT (amd64)
built on Wed Jul 06 06:14:49 UTC 2022
FreeBSD 12.3-STABLE

As of right now the tunnel is active with no issues and I will continue to monitor.


Related issues

Related to Bug #13723: dpinger doesn't renew Gateway Monitoring IP address for IPsec VTi after changing IPsec VTi subnetConfirmedReid Linnemann

Actions
Actions #1

Updated by Brad Davis over 1 year ago

  • Assignee set to Reid Linnemann
  • Target version set to 23.01
  • Affected Plus Version set to 22.11
Actions #2

Updated by Marcos M over 1 year ago

  • Project changed from pfSense Plus to pfSense
  • Description updated (diff)
  • Category changed from Routing to Routing
  • Status changed from New to Feedback
  • Affected Plus Version deleted (22.11)

If the gateway selection was empty, that could mean the gateway was disabled/renamed at some point. If this happened on the secondary node, it could have been a config sync while maintenance was happening on the primary.

Actions #3

Updated by Jim Pingle over 1 year ago

  • Status changed from Feedback to New
  • Target version deleted (23.01)

If an interface with dynamic gateways is renamed, the dynamic gateways also change names to follow the interface, but there is no code to check if some items using that gateway (routes, rules, groups) needs to follow when that happens.

Actions #4

Updated by Reid Linnemann over 1 year ago

That sounds like the most likely culprit. We should target an enhancement for 23.05 I think.

Actions #5

Updated by Jim Pingle over 1 year ago

  • Tracker changed from Bug to Feature
  • Subject changed from Static route gateway removes itself. to Update dynamic gateway consumers when their interface is renamed
  • Target version set to 2.7.0
  • Plus Target Version set to 23.05
Actions #6

Updated by Reid Linnemann about 1 year ago

  • Related to Bug #13723: dpinger doesn't renew Gateway Monitoring IP address for IPsec VTi after changing IPsec VTi subnet added
Actions #7

Updated by Jim Pingle 11 months ago

  • Plus Target Version changed from 23.05 to 23.09

Doesn't look likely that we'll have time to finish this for 23.05. Moving forward to the next release target.

Actions #8

Updated by Jim Pingle 9 months ago

  • Target version changed from 2.7.0 to CE-Next
Actions #9

Updated by Jim Pingle 6 months ago

  • Plus Target Version changed from 23.09 to 24.01
Actions #10

Updated by Jim Pingle 6 months ago

  • Plus Target Version changed from 24.01 to 24.03
Actions #11

Updated by Jim Pingle 14 days ago

  • Plus Target Version changed from 24.03 to 24.07
Actions

Also available in: Atom PDF