Project

General

Profile

Actions
Copy link

Bug #15694

closed

State Killing on Gateway Recovery fails for the default gateway group with the "Kill all" option selected

Added by Marc Goldburg 3 months ago. Updated about 1 month ago.

Status:
Resolved
Priority:
Normal
Assignee:
Marcos M
Category:
Multi-WAN
Target version:
2.8.0
Start date:
Due date:
% Done:

100%

Estimated time:
Plus Target Version:
24.11
Release Notes:
Default
Affected Version:
Affected Architecture:
All

Description

Simple WAN failover/failback config with a primary WAN and a secondary. Failover/failback works as expected overall, however states on the secondary are not killed on failback despite "Kill all states for lower-priority gateways" being selected.

Behavior is observed with two failover configs: "automatic" failover, and a gateway group with the primary as Tier 1 and the secondary as Tier 2.

  • Kill all states for lower-priority gateways is selected in Gateway Monitoring
  • Global system Firewall State Policy is Interface Bound States
  • All firewall rules have State Policy of "Use global default" and Gateway set to Default

More details -- screenshots, pfctl output -- in the first two posts here: https://forum.netgate.com/topic/189805/failback-state-killing-with-automatic-failover

Actions
Copy link
 #1

Updated by Marc Goldburg 3 months ago

Resolved by this @marcosm patch: https://forum.netgate.com/post/1182417

Actions
Copy link
 #2

Updated by Marcos M 3 months ago

  • Subject changed from State killing on gateway recovery (failback) not working to State killing on gateway recovery fails for the default gateway group with `"Kill all`" selected
  • Status changed from New to Resolved
  • Assignee set to Marcos M
  • Target version set to 2.8.0
  • % Done changed from 0 to 100
  • Affected Plus Version changed from 24.03 to 24.08

Fixed with 352e16b8ff56f5b62fdbc7544b29cb27355a9468.

The issue only affects the default gateway group (i.e. not policy routing) and does not affect the option "Only kill states with the same address family as the gateway group".

Actions
Copy link
 #3

Updated by Marcos M 3 months ago

  • Project changed from pfSense Plus to pfSense
  • Category changed from Multi-WAN to Multi-WAN
  • Affected Plus Version deleted (24.08)
  • Plus Target Version set to 24.08
Actions
Copy link
 #4

Updated by Jim Pingle about 2 months ago

  • Subject changed from State killing on gateway recovery fails for the default gateway group with `"Kill all`" selected to State killing on Gateway Recovery option fails for the default gateway group with "Kill all" selected
Actions
Copy link
 #5

Updated by Jim Pingle about 2 months ago

  • Subject changed from State killing on Gateway Recovery option fails for the default gateway group with "Kill all" selected to State Killing on Gateway Recovery option fails for the default gateway group with "Kill all" selected
Actions
Copy link
 #6

Updated by Jim Pingle about 2 months ago

  • Plus Target Version changed from 24.08 to 24.11
Actions
Copy link
 #7

Updated by Marcos M about 1 month ago

  • Subject changed from State Killing on Gateway Recovery option fails for the default gateway group with "Kill all" selected to State Killing on Gateway Recovery fails for the default gateway group with the "Kill all" option selected
Actions
Copy link

Also available in: Atom PDF