Bug #16359
open
Cannot (re)install a configuration where WAN is a VLAN defined on a LAGG using the new Netgate installer
0%
Description
We have severall installations in failover mode where both WAN and LAN are protected using a LAGG.
Their configuration file (config.xml) has, for example, lagg0.66 assigned to WAN and some other VLAN assigned to LAN.
However, the Netgate Installer has no provision to create a LAGG.
Even if I copy the configuration file to the Netgate installer (under the name config.xml ;) and manage to trick the installer into downloading the CE 2.8.0, the resulting installation will not boot once the installer copies the original config file.
Right now, my understanding is that I can upgrade such a configuration from 2.7.2 to 2.8.0 (and I did so successfully in one instance) and that I have no way to reinstall this 2.8.0 from the distribution media.
How can we restore such installations ?
Regards
Updated by Kris Phillips about 1 month ago
- Status changed from New to Confirmed
I can confirm that LAGG interfaces are not supported in the Netgate Installer at this time.
However, with most LAGG interfaces, you can "drop down" the LAGG to a single interface within the LAGG, if it's LACP. Many switches will allow for connected devices that don't negotiate LACP to operate as a trunk or general port without the LAGG.
We should add this ability, however, for customers with most advanced setups.
Marking as Confirmed.
Updated by Serge Caron about 1 month ago
Hello Kris,
Thank you for your prompt reply. LACP is not used in this configuration.
Unfortunately, the Netgate Installer was not able to produce a bootable system from the configuration file in which this LAGG is defined.
The documentation [[https://docs.netgate.com/pfsense/en/latest/backup/restore.html]] seems to indicate that restoring the original configuration in a new install will work but does not document the "Reinstall Packages" button on the "Diagnostics / Backup & Restore / Backup & Restore" page in the GUI.
Pending the review of the Netgate Installer, what is the recommended course of actions ?
Regards,
Updated by Kris Phillips 26 days ago
Serge Caron wrote in #note-2:
Hello Kris,
Thank you for your prompt reply. LACP is not used in this configuration.
Unfortunately, the Netgate Installer was not able to produce a bootable system from the configuration file in which this LAGG is defined.
The documentation [[https://docs.netgate.com/pfsense/en/latest/backup/restore.html]] seems to indicate that restoring the original configuration in a new install will work but does not document the "Reinstall Packages" button on the "Diagnostics / Backup & Restore / Backup & Restore" page in the GUI.
Pending the review of the Netgate Installer, what is the recommended course of actions ?
Regards,
Hello Serge,
What kind of LAGG are you utilizing here?
Updated by Serge Caron 25 days ago
Hello Kris,
First, this is a "belt and suspenders" configuration used to protect critical systems (HVAC, lighting, access, etc.), all of which are on separate VLANs to allow technicians to do their maintenance without affecting each other's systems.
It is basically a "router on a stick" and WAN performance is not a concern.
Next, the LAGG itself is in FailOver mode: it is connected to two (usually Cisco) switches.
This allows for maintenance of the switch itself. We moved from LACP some time ago because ot its implicit reliance on a single switch.
Needless to say, maintenance of the pfSense unit is carefully planned ;-)
This unit is a single point of failure. Since opening this ticket, I ordered a backup to develop a proper disaster recovery plan.
Regards,