Bug #6222
closedCARP VIP config upgrade problem in gateway groups, GRE and gif
0%
Description
I had worked configuration: 2clusters PeerToPeer 2cluster CARP OpenVPN. Interface: GW GROUP Wan1FailoverWan2.
After upgrade from 2.2.6 to 2.3 At Server side I must changed Interface to LAN Carp IP and do PortForward from my both WANs. When I choice GW Group client cannot connect to this server.
After upgrade from 2.2.6 to 2.3 At Client side I don't have any problems when I upgrade only Node2 and set it as MasterNode. Client have Interface: GW GROUP Wan1FailoverWan2. The problem was when I upgrade also Node1 to 2.3. Then OpenVPN client flapping between Node1 (master carp) and Node2 (backup carp).
When I changed Interface from GW Group Wan1FailoverWan2 to Wan1 CARP VIP configuration working fine. OpenVPN client connect only from MASTER Node.
Updated by Grzegorz Sliwa over 8 years ago
Problem SOLVED.
After upgrade to 2.3 Gateway Entry at Gateway Groups was changed from GW_Wan1 : 1.1.1.1 (WAN1 CARP IP) to Interface Address.
Change it to CARP IP resolved my problem.
Updated by Chris Buechler over 8 years ago
- Category set to Configuration Upgrade
- Assignee set to Chris Buechler
- Target version set to 2.3.1
- Affected Version set to 2.3
Grzegorz: could you please post the diff from your config history? Diag>Backup/restore, Config history tab. Choose the left radio button for the last config before you fixed the gateway group, and the right radio button for the revision where you fixed it, and click Diff.
The config upgrade code went wrong somewhere and that'll help show where.
You can check the "Private" box on the diff comment so it's not public, though that's not sensitive info anyway.
Updated by Grzegorz Sliwa over 8 years ago
I cannot find 'Private' box :)
@Configuration Diff from 4/21/16 07:13:48 to 4/21/16 08:04:23 --- /conf/backup/config-1461215628.xml 2016-04-21 07:57:53.349016000 +0200 +++ /conf/config.xml 2016-04-21 08:04:23.680844000 +0200 @@ -8247,7 +8247,7 @@ <gateway_group> <name>Wan1FailoverWan2</name> - <item>GW_WAN|1|wan_vip1</item> - <item>GW_WAN2|2|opt1_vip12</item> - <trigger>downlosslatency</trigger> + <item>GW_WAN|1|_vip571464871dacd</item> + <item>GW_WAN2|2|_vip571464871dae9</item> + <trigger>0</trigger> <descr><![CDATA[Wan1FailoverWan2]]></descr> </gateway_group> <gateway_group> <name>Wan2FailoverWan1</name> - <item>GW_WAN|2|wan_vip1</item> - <item>GW_WAN2|1|opt1_vip2</item> - <trigger>downlosslatency</trigger> + <item>GW_WAN|2|_vip571464871dacd</item> + <item>GW_WAN2|1|_vip571464871dae9</item> + <trigger>0</trigger> <descr><![CDATA[Wan2FailoverWan1]]></descr> </gateway_group> </gateways> @@ -9816,14 +9816,14 @@ <mode>p2p_tls</mode> <protocol>UDP</protocol> <dev_mode>tun</dev_mode> - <ipaddr>111.111.111.111</ipaddr> - <interface>_vip571464871dacd</interface> + <ipaddr></ipaddr> + <interface>Wan1FailoverWan2</interface> <local_port>1194</local_port>
Updated by Chris Buechler over 8 years ago
- Subject changed from GW Group OpenVPN CARP problem to GW Group CARP VIP config upgrade problem
- Status changed from New to Confirmed
Thanks, that shows the issue.
I thought that private box showed up on comments for everyone, as I know people use it on new tickets on occasion, but it must not.
Updated by Chris Buechler over 8 years ago
- Subject changed from GW Group CARP VIP config upgrade problem to CARP VIP config upgrade problem in gateway groups, GRE and gif
- Status changed from Confirmed to Feedback
adding GRE and gif with same issue here.
fix pushed