Bug #4607
closed
Bridge+CARP crashes/freezes pfSense
Added by Vasco Freire over 9 years ago.
Updated about 7 years ago.
Description
When using the following configuration:
- 1 physical ethernet port with VLANs;
- CARP with virtual address on one of the VLANs;
- OpenVPN tunnel;
- bridge between the OpenVPN interface and the VLAN interface;
pfSense crashes/freezes after a few seconds (sometimes after 5 seconds, sometimes after a minute or more). No response to pings, the machine is frozen on the console.
When I disable CARP on the VLAN interface, leaving the bridge enabled, the problem disappears.
Using Hyper-V virtual machine on Windows Server 2012 R2, pfSense 2.2.1.
May be related to the following pfSense/FreeBSD bugs:
The pfSense issue #910 is marked as resolved (with a patch), but it's quite old. Maybe the problem reappeared in later versions?
Files
- Subject changed from Bridge+CARP+VLANs crashes/freezes pfSense to Bridge+CARP crashes/freezes pfSense
- Status changed from New to Confirmed
- Assignee set to Ermal Luçi
- Target version set to 2.2.3
- Affected Version changed from 2.2.1 to 2.2
- Affected Architecture added
- Affected Architecture deleted (
amd64)
It doesn't appear specific to VLANs. A CARP IP on an interface that's a member of the bridge, or on the bridge itself, will cause this to happen once some traffic beyond a trivial amount is flowing.
#910 was an issue in a much older, much different base OS and had different symptoms so don't think it's related. It's the same root cause as FreeBSD PR 187451 I expect.
Still an issue after recent related changes. One clarification - it only happens when hosts are using the CARP IP as their gateway IP. Point them to the interface IP and it's fine. Change that to CARP and it freezes quickly once pushing a bit of traffic (speedtest-cli or similar from a system behind the bridge will trigger within seconds). Attached config one example.
- Status changed from Confirmed to Feedback
Patches committed to solve this.
Is the patch publicly available?
it's in 2.2.3 snapshots @ snapshots.pfsense.org.
it appears this works fine in 2.2.3. It's at least not replicable in the same way it is in previous releases. Vasco, if you can also confirm it'd be appreciated.
- Status changed from Feedback to Resolved
fixed, original problem case is no longer replicable, things otherwise seem fine on a system that's been running in a formerly-afffected config for upwards of a week.
My setup was affected by this since I tried 2.2-RC (https://forum.pfsense.org/index.php?topic=85285.0)
I tried again today with 2.2.2 and had the same issue. Then I found this issue, updated to the latest snapshot and it doesn't crash anymore.
Thanks !
Sorry, didn't have the opportunity to test the fix yet (encountered the problem on a production installation), but am glad to hear that the problem is apparently fixed. Will test as soon as possible.
Thank you so much guys...
Thanks 2.2.3 is working smoothly now .
Is the patch for this still included in 2.4? I'm getting freezes that sound eerily similar to the issue described here when using bridges and CARP.
Also available in: Atom
PDF
Updated by 
Updated by Ermal Luçi 
Updated by 
Updated by 
Updated by 
Updated by Anonymous