Feature #13362
openUpdate dynamic gateway consumers when their interface is renamed
0%
Description
I set up a IPSEC tunnel using VTI mode. Created the Static route and pointed it out the correct gateway. Approx 3 days later the remote user reported that p2 was not passing any traffic. I took a look at the static route and it was greyed out and the GW interface was not present. I edited the static route and selected the VTI as the GW and the tunnel was usable again.
Specs:
This FW is in a HA pair and is currently the master.
Netgate 1541
22.09-DEVELOPMENT (amd64)
built on Thu Jul 14 06:15:53 UTC 2022
FreeBSD 12.3-STABLE
Backup Node Specs:
Netgate 1541
22.09-DEVELOPMENT (amd64)
built on Wed Jul 06 06:14:49 UTC 2022
FreeBSD 12.3-STABLE
As of right now the tunnel is active with no issues and I will continue to monitor.
Related issues
Updated by Brad Davis about 2 years ago
- Assignee set to Reid Linnemann
- Target version set to 23.01
- Affected Plus Version set to 22.11
Updated by Marcos M about 2 years ago
- Project changed from pfSense Plus to pfSense
- Description updated (diff)
- Category changed from Routing to Routing
- Status changed from New to Feedback
- Affected Plus Version deleted (
22.11)
If the gateway selection was empty, that could mean the gateway was disabled/renamed at some point. If this happened on the secondary node, it could have been a config sync while maintenance was happening on the primary.
Updated by Jim Pingle almost 2 years ago
- Status changed from Feedback to New
- Target version deleted (
23.01)
If an interface with dynamic gateways is renamed, the dynamic gateways also change names to follow the interface, but there is no code to check if some items using that gateway (routes, rules, groups) needs to follow when that happens.
Updated by Reid Linnemann almost 2 years ago
That sounds like the most likely culprit. We should target an enhancement for 23.05 I think.
Updated by Jim Pingle almost 2 years ago
- Tracker changed from Bug to Feature
- Subject changed from Static route gateway removes itself. to Update dynamic gateway consumers when their interface is renamed
- Target version set to 2.7.0
- Plus Target Version set to 23.05
Updated by Reid Linnemann almost 2 years ago
- Related to Bug #13723: dpinger doesn't renew Gateway Monitoring IP address for IPsec VTi after changing IPsec VTi subnet added
Updated by Jim Pingle over 1 year ago
- Plus Target Version changed from 23.05 to 23.09
Doesn't look likely that we'll have time to finish this for 23.05. Moving forward to the next release target.
Updated by Jim Pingle over 1 year ago
- Target version changed from 2.7.0 to CE-Next
Updated by Jim Pingle about 1 year ago
- Plus Target Version changed from 23.09 to 24.01
Updated by Jim Pingle about 1 year ago
- Plus Target Version changed from 24.01 to 24.03
Updated by Jim Pingle 7 months ago
- Plus Target Version changed from 24.03 to 24.07
Updated by Jim Pingle 5 months ago
- Plus Target Version changed from 24.07 to 24.08
Updated by Jim Pingle 5 days ago
- Plus Target Version changed from 24.08 to 24.11
Updated by Jim Pingle 2 days ago
- Plus Target Version changed from 24.11 to 25.01