https://redmine.pfsense.org/https://redmine.pfsense.org/favicon.ico?16780521162010-09-04T19:33:32ZpfSense bugtrackerpfSense - Bug #876: pppoe on OPT - on upgrade/reboot/reconnect is lost on gateway status listhttps://redmine.pfsense.org/issues/876?journal_id=31342010-09-04T19:33:32Zivan primusivan.primorac@gmail.com
<ul></ul><p>After searching through logs and pfctl / netstat output I have found that after pppoe address renewal static route to monitor ip is no more in the routing table. In system log I can find this error:</p>
<p>Sep 3 11:20:47 php: /system_gateways.php: The command '/sbin/route delete -host '209.85.135.99'' returned exit code '1', the output was 'route: writing to routing socket: No such process delete host 209.85.135.99: not in table'</p>
<p>this is routing table after pppoe address renewal:</p>
<p>89.201.224.1 link#12 UH 0 0 pppoe0<br />89.201.228.101 link#12 UHS 0 0 lo0<br />127.0.0.1 link#5 UH 0 35 lo0<br />127.0.0.2 127.0.0.1 UHS 0 0 lo0<br />192.168.167.8/29 link#8 U 0 0 re0_vl<br />192.168.167.9 link#8 UHS 0 0 lo0<br />192.168.168.0/30 link#7 U 0 26093432 re0_vl<br />192.168.168.1 link#7 UHS 0 0 lo0<br />192.168.168.16/29 link#2 U 0 0 rl0<br />192.168.168.17 link#2 UHS 0 0 lo0<br />213.147.96.3 192.168.168.18 UGHS 4 128796 rl0<br />213.147.96.4 192.168.167.10 UGHS 4 128796 re0_vl</p>
<p>This is routing table after manualy editing and saving any of the gateways:</p>
<p>89.201.224.1 link#12 UH 0 0 pppoe0<br />89.201.228.101 link#12 UHS 0 0 lo0<br />127.0.0.1 link#5 UH 0 35 lo0<br />127.0.0.2 127.0.0.1 UHS 0 0 lo0<br />192.168.167.8/29 link#8 U 0 0 re0_vl<br />192.168.167.9 link#8 UHS 0 0 lo0<br />192.168.168.0/30 link#7 U 0 26124466 re0_vl<br />192.168.168.1 link#7 UHS 0 0 lo0<br />192.168.168.16/29 link#2 U 0 0 rl0<br />192.168.168.17 link#2 UHS 0 0 lo0<br /><strong>209.85.135.99 89.201.224.1 UGHS 0 55 pppoe0</strong><br />213.147.96.3 192.168.168.18 UGHS 4 55 rl0<br />213.147.96.4 192.168.167.10 UGHS 4 55 re0_vl</p> pfSense - Bug #876: pppoe on OPT - on upgrade/reboot/reconnect is lost on gateway status listhttps://redmine.pfsense.org/issues/876?journal_id=31352010-09-04T19:47:08Zivan primusivan.primorac@gmail.com
<ul></ul><p>I think I need to refine this issue, because problems after upgrade and pppoe address renewal are simular but not the same. After upgrade, pppoe gateway are not shown in the gateway list at all, while in pppoe address renewal, it is shown, but marked as offline. Workaround from first post, is the same for both cases.</p> pfSense - Bug #876: pppoe on OPT - on upgrade/reboot/reconnect is lost on gateway status listhttps://redmine.pfsense.org/issues/876?journal_id=31442010-09-06T06:13:03ZErmal Luçieri@pfsense.org
<ul></ul><p>Can you give more details about your configuration.<br />As verbose as possible will be better.<br />For example.<br />All configuration, ifconfig/netstat -rn/ps -ax output, /tmp/apinger* /var/etc/apinger*, /tmp/rules.debug, screenshots.</p> pfSense - Bug #876: pppoe on OPT - on upgrade/reboot/reconnect is lost on gateway status listhttps://redmine.pfsense.org/issues/876?journal_id=31452010-09-06T07:05:51Zivan primusivan.primorac@gmail.com
<ul></ul><p>This is system output while it is not routinh trough pppoe</p>
<ol>
<li>uname -an<br />FreeBSD 8.1-RELEASE FreeBSD 8.1-RELEASE #1: Thu Sep 2 00:14:57 EDT 2010 i386</li>
</ol>
<p>########################################</p>
<ol>
<li>ifconfig <br />re0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500<br /> options=389b<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM,WOL_UCAST,WOL_MCAST,WOL_MAGIC><br /> ether 00:1c:c0:d8:dd:45<br /> inet6 fe80::21c:c0ff:fed8:dd45%re0 prefixlen 64 scopeid 0x1 <br /> nd6 options=3<PERFORMNUD,ACCEPT_RTADV><br /> media: Ethernet autoselect (1000baseT <full-duplex>)<br /> status: active<br />rl0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500<br /> options=8<VLAN_MTU><br /> ether 00:0e:2e:8e:4c:d3<br /> inet 192.168.168.17 netmask 0xfffffff8 broadcast 192.168.168.23<br /> inet6 fe80::20e:2eff:fe8e:4cd3%rl0 prefixlen 64 scopeid 0x2 <br /> nd6 options=3<PERFORMNUD,ACCEPT_RTADV><br /> media: Ethernet autoselect (100baseTX <full-duplex>)<br /> status: active<br />pfsync0: flags=0<> metric 0 mtu 1460<br /> syncpeer: 224.0.0.240 maxupd: 128<br />enc0: flags=0<> metric 0 mtu 1536<br />lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> metric 0 mtu 16384<br /> options=3<RXCSUM,TXCSUM><br /> inet 127.0.0.1 netmask 0xff000000 <br /> inet6 ::1 prefixlen 128 <br /> inet6 fe80::1%lo0 prefixlen 64 scopeid 0x5 <br /> nd6 options=3<PERFORMNUD,ACCEPT_RTADV><br />pflog0: flags=100<PROMISC> metric 0 mtu 33200<br />re0_vlan50: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500<br /> options=3<RXCSUM,TXCSUM><br /> ether 00:1c:c0:d8:dd:45<br /> inet6 fe80::21c:c0ff:fed8:dd45%re0_vlan50 prefixlen 64 scopeid 0x7 <br /> inet 192.168.168.1 netmask 0xfffffffc broadcast 192.168.168.3<br /> nd6 options=3<PERFORMNUD,ACCEPT_RTADV><br /> media: Ethernet autoselect (1000baseT <full-duplex>)<br /> status: active<br /> vlan: 50 parent interface: re0<br />re0_vlan56: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500<br /> options=3<RXCSUM,TXCSUM><br /> ether 00:1c:c0:d8:dd:45<br /> inet6 fe80::21c:c0ff:fed8:dd45%re0_vlan56 prefixlen 64 scopeid 0x8 <br /> inet 192.168.167.9 netmask 0xfffffff8 broadcast 192.168.167.15<br /> nd6 options=3<PERFORMNUD,ACCEPT_RTADV><br /> media: Ethernet autoselect (1000baseT <full-duplex>)<br /> status: active<br /> vlan: 56 parent interface: re0<br />re0_vlan57: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500<br /> options=3<RXCSUM,TXCSUM><br /> ether 00:1c:c0:d8:dd:45<br /> inet6 fe80::21c:c0ff:fed8:dd45%re0_vlan57 prefixlen 64 scopeid 0x9 <br /> nd6 options=3<PERFORMNUD,ACCEPT_RTADV><br /> media: Ethernet autoselect (1000baseT <full-duplex>)<br /> status: active<br /> vlan: 57 parent interface: re0<br />re0_vlan58: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500<br /> options=3<RXCSUM,TXCSUM><br /> ether 00:1c:c0:d8:dd:45<br /> inet6 fe80::21c:c0ff:fed8:dd45%re0_vlan58 prefixlen 64 scopeid 0xa <br /> nd6 options=3<PERFORMNUD,ACCEPT_RTADV><br /> media: Ethernet autoselect (1000baseT <full-duplex>)<br /> status: active<br /> vlan: 58 parent interface: re0<br />re0_vlan40: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500<br /> options=3<RXCSUM,TXCSUM><br /> ether 00:1c:c0:d8:dd:45<br /> inet6 fe80::21c:c0ff:fed8:dd45%re0_vlan40 prefixlen 64 scopeid 0xb <br /> inet 10.30.0.18 netmask 0xfffffff8 broadcast 10.30.0.23<br /> nd6 options=3<PERFORMNUD,ACCEPT_RTADV><br /> media: Ethernet autoselect (1000baseT <full-duplex>)<br /> status: active<br /> vlan: 40 parent interface: re0<br />pppoe0: flags=88d1<UP,POINTOPOINT,RUNNING,NOARP,SIMPLEX,MULTICAST> metric 0 mtu 1462<br /> inet6 fe80::21c:c0ff:fed8:dd45%pppoe0 prefixlen 64 scopeid 0xc <br /> inet 89.201.232.62 --> 89.201.224.1 netmask 0xffffffff <br /> nd6 options=3<PERFORMNUD,ACCEPT_RTADV></li>
</ol>
<p>################################################</p>
<ol>
<li>netstat -rn<br />Routing tables</li>
</ol>
<p>Internet:<br />Destination Gateway Flags Refs Use Netif Expire<br />default 192.168.167.10 UGS 5 309231 re0_vl<br />10.26.0.0/24 10.30.0.17 UGS 1 4138447 re0_vl<br />10.26.4.0/22 10.30.0.17 UGS 0 7149494 re0_vl<br />10.26.8.0/22 10.30.0.17 UGS 0 6864077 re0_vl<br />10.26.12.0/22 10.30.0.17 UGS 0 4867166 re0_vl<br />10.26.16.0/22 10.30.0.17 UGS 0 3803211 re0_vl<br />10.26.20.0/22 10.30.0.17 UGS 0 22155731 re0_vl<br />10.26.24.0/22 10.30.0.17 UGS 0 10511034 re0_vl<br />10.26.28.0/22 10.30.0.17 UGS 0 1269479 re0_vl<br />10.26.32.0/22 10.30.0.17 UGS 0 0 re0_vl<br />10.30.0.16/29 link#11 U 2 302234 re0_vl<br />10.30.0.18 link#11 UHS 0 0 lo0<br />89.201.224.1 link#12 UH 0 0 pppoe0<br />89.201.232.62 link#12 UHS 0 0 lo0<br />127.0.0.1 link#5 UH 0 35 lo0<br />127.0.0.2 127.0.0.1 UHS 0 0 lo0<br />192.168.167.8/29 link#8 U 0 0 re0_vl<br />192.168.167.9 link#8 UHS 0 0 lo0<br />192.168.168.0/30 link#7 U 0 43691931 re0_vl<br />192.168.168.1 link#7 UHS 0 0 lo0<br />192.168.168.16/29 link#2 U 0 0 rl0<br />192.168.168.17 link#2 UHS 0 0 lo0<br />213.147.96.3 192.168.168.18 UGHS 4 56516 rl0<br />213.147.96.4 192.168.167.10 UGHS 4 56516 re0_vl</p>
<p>###############################################</p>
<ol>
<li>ps aux<br />USER PID %CPU %MEM VSZ RSS TT STAT STARTED TIME COMMAND<br />root 11 195.4 0.0 0 16 ?? RL Thu10PM 9798:36.07 [idle]<br />root 12 4.8 0.0 0 128 ?? WL Thu10PM 195:02.28 [intr]<br />root 52784 0.9 4.1 44404 20376 ?? S Fri12PM 0:08.58 /usr/local/bin/php<br />root 26421 0.1 3.5 43380 17156 ?? S Thu10PM 0:05.87 /usr/local/bin/php<br />root 0 0.0 0.0 0 48 ?? DLs Thu10PM 0:00.75 [kernel]<br />root 1 0.0 0.1 1888 432 ?? ILs Thu10PM 0:00.03 /sbin/init --<br />root 2 0.0 0.0 0 8 ?? DL Thu10PM 0:16.90 [g_event]<br />root 3 0.0 0.0 0 8 ?? DL Thu10PM 0:11.16 [g_up]<br />root 4 0.0 0.0 0 8 ?? DL Thu10PM 0:06.86 [g_down]<br />root 5 0.0 0.0 0 8 ?? DL Thu10PM 0:00.00 [crypto]<br />root 6 0.0 0.0 0 8 ?? DL Thu10PM 0:00.00 [crypto returns]<br />root 7 0.0 0.0 0 8 ?? DL Thu10PM 0:00.00 [sctp_iterator]<br />root 8 0.0 0.0 0 8 ?? DL Thu10PM 0:28.09 [pfpurge]<br />root 9 0.0 0.0 0 8 ?? DL Thu10PM 0:00.00 [xpt_thrd]<br />root 10 0.0 0.0 0 8 ?? DL Thu10PM 0:00.00 [audit]<br />root 13 0.0 0.0 0 16 ?? DL Thu10PM 1:27.18 [ng_queue]<br />root 14 0.0 0.0 0 8 ?? DL Thu10PM 14:58.77 [yarrow]<br />root 15 0.0 0.0 0 160 ?? DL Thu10PM 0:07.30 [usb]<br />root 16 0.0 0.0 0 8 ?? DL Thu10PM 0:00.35 [pagedaemon]<br />root 17 0.0 0.0 0 8 ?? DL Thu10PM 0:00.00 [vmdaemon]<br />root 18 0.0 0.0 0 8 ?? DL Thu10PM 0:00.51 [idlepoll]<br />root 19 0.0 0.0 0 8 ?? DL Thu10PM 0:00.01 [pagezero]<br />root 20 0.0 0.0 0 8 ?? DL Thu10PM 0:01.59 [bufdaemon]<br />root 21 0.0 0.0 0 8 ?? DL Thu10PM 0:15.22 [syncer]<br />root 22 0.0 0.0 0 8 ?? DL Thu10PM 0:01.77 [vnlru]<br />root 23 0.0 0.0 0 8 ?? DL Thu10PM 0:02.10 [softdepflush]<br />root 24 0.0 0.0 0 8 ?? DL Thu10PM 0:02.36 [flowcleaner]<br />root 35 0.0 0.0 0 8 ?? DL Thu10PM 0:00.36 [md0]<br />root 363 0.0 0.1 1888 532 ?? Is Thu10PM 0:00.03 /sbin/devd<br />root 729 0.0 0.2 3316 1036 ?? Is Thu10PM 0:00.33 minicron 240 /var/run/ping_hosts.pid /usr/local/bin/ping_hosts.sh<br />root 2298 0.0 0.2 3316 1036 ?? Is Thu10PM 0:00.02 minicron 3600 /var/run/expire_accounts.pid /etc/rc.exipireaccounts<br />root 2893 0.0 0.2 3316 1036 ?? Is Thu10PM 0:00.00 minicron 86400 /var/run/update_alias_url_data.pid /etc/rc.update_alias_url_data<br />root 3166 0.0 0.3 6092 1460 ?? SNs Thu10PM 0:08.47 /usr/local/sbin/check_reload_status<br />root 7924 0.0 0.7 7992 3516 ?? Ss 10:47AM 0:00.11 sshd: root@pts/0 (sshd)<br />root 8415 0.0 0.2 3316 976 ?? Is 10:47AM 0:00.01 /usr/local/sbin/sshlockout_pf<br />root 9561 0.0 0.6 5272 3100 ?? Is Thu10PM 0:00.00 /usr/sbin/sshd<br />root 10808 0.0 0.3 3448 1464 ?? Ss Thu10PM 4:35.76 /usr/sbin/syslogd <del>c -f /var/etc/syslog.conf<br />_ntp 11743 0.0 0.3 3316 1344 ?? I Thu10PM 0:00.71 ntpd: ntp engine (ntpd)<br />root 11804 0.0 0.3 3316 1340 ?? Ss Thu10PM 0:00.40 ntpd: [priv] (ntpd)<br />root 12670 0.0 0.3 3436 1432 ?? Is Thu10PM 0:00.03 /usr/sbin/inetd -wW -R 0 -a 127.0.0.1 /var/etc/inetd.conf<br />root 16775 0.0 0.9 9488 4556 ?? Ss 12:00AM 0:01.24 /usr/local/sbin/mpd5 -b -k -d /var/etc -f mpd_opt4.conf -p /var/run/pppoe_opt4.pid -s ppp pppoeclie<br />root 25308 0.0 1.2 8604 5800 ?? S Thu10PM 0:14.34 /usr/local/sbin/lighttpd -f /var/etc/lighty-webConfigurator.conf<br />root 25585 0.0 2.1 42356 10228 ?? Is Thu10PM 0:00.13 /usr/local/bin/php<br />root 26110 0.0 2.1 42356 10264 ?? Is Thu10PM 0:00.14 /usr/local/bin/php<br />root 26422 0.0 3.7 44404 18344 ?? I Thu10PM 0:04.65 /usr/local/bin/php<br />root 28661 0.0 4.1 44404 20276 ?? S Fri12PM 0:18.21 /usr/local/bin/php<br />nobody 31046 0.0 0.5 4528 2420 ?? I Thu10PM 0:00.00 /usr/local/sbin/dnsmasq --local-ttl 1 --all-servers --dns-forward-max=5000 --cache-size=10000<br />root 37107 0.0 0.3 3316 1344 ?? Ss 7:07PM 0:28.09 /usr/local/sbin/apinger -c /var/etc/apinger.conf<br />root 37356 0.0 0.4 4480 1804 ?? I 7:07PM 0:00.92 /usr/local/bin/rrdtool -<br />root 45311 0.0 0.3 3404 1380 ?? Is Thu10PM 0:00.88 /usr/sbin/cron -s<br />root 50600 0.0 0.1 1564 592 ?? SN 10:50AM 0:00.00 sleep 60<br />root 11009 0.0 0.2 3376 1180 v0 Is+ Thu10PM 0:00.00 /usr/libexec/getty Pc ttyv0<br />root 11581 0.0 1.4 10008 7124 v0</del> S Thu10PM 1:38.76 /usr/sbin/tcpdump <del>s 256 -v -l -n -e -ttt -i pflog0<br />root 11586 0.0 0.2 3316 924 v0</del> S Thu10PM 2:07.18 logger <del>t pf -p local0.info<br />root 39962 0.0 0.3 3656 1500 v0</del> SN Thu10PM 1:38.10 /bin/sh /var/db/rrd/updaterrd.sh<br />root 8711 0.0 0.3 3656 1536 0 Is 10:47AM 0:00.01 -sh (sh)<br />root 9447 0.0 0.3 3656 1540 0 I 10:47AM 0:00.01 /bin/sh /etc/rc.initial<br />root 11980 0.0 0.5 4696 2384 0 S 10:47AM 0:00.03 /bin/tcsh</li>
</ol>
<p>#############################################</p>
<ol>
<li>cat /tmp/apinger.status<br />213.147.96.3|192.168.168.17|gw_met2|56610|56602|1283770306|14.477ms|0.0%|none<br />10.30.0.17|10.30.0.18|gw_lan|56610|56382|1283770306|28.486ms|2.0%|none<br />213.147.96.4|192.168.167.9|gw_wan|56610|56253|1283770306|14.550ms|6.0%|none<br />209.85.135.99|89.201.226.164|GW_OPT4|56610|17484|1283731200|55.276ms|100.0%|down</li>
</ol>
<p>############################################</p>
<ol>
<li>cat /var/log/apinger.log <br />Sep 2 22:48:07 guard apinger: Starting Alarm Pinger, apinger(16429)<br />Sep 2 22:48:17 guard apinger: ALARM: gw_met2(213.147.96.3) <b>* down <strong></b><br />Sep 2 22:48:40 guard apinger: alarm canceled: gw_met2(213.147.96.3) <b></strong> down <strong></b><br />Sep 2 22:52:40 guard apinger: Exiting on signal 15.<br />Sep 2 22:52:40 guard apinger: Starting Alarm Pinger, apinger(11020)<br />Sep 2 22:52:56 guard apinger: Exiting on signal 15.<br />Sep 2 22:52:56 guard apinger: Starting Alarm Pinger, apinger(20471)<br />Sep 3 00:00:10 guard apinger: ALARM: GW_OPT4(209.85.135.99) <b></strong> down <strong></b><br />Sep 3 07:59:02 guard apinger: ALARM: gw_wan(213.147.96.4) <b></strong> loss <strong></b><br />Sep 3 07:59:53 guard apinger: alarm canceled: gw_wan(213.147.96.4) <b></strong> loss <strong></b><br />Sep 3 08:01:46 guard apinger: ALARM: gw_wan(213.147.96.4) <b></strong> loss <strong></b><br />Sep 3 08:02:41 guard apinger: alarm canceled: gw_wan(213.147.96.4) <b></strong> loss <strong></b><br />Sep 3 08:06:52 guard apinger: ALARM: gw_wan(213.147.96.4) <b></strong> loss <strong></b><br />Sep 3 08:07:46 guard apinger: alarm canceled: gw_wan(213.147.96.4) <b></strong> loss <strong></b><br />Sep 3 08:15:30 guard apinger: ALARM: gw_wan(213.147.96.4) <b></strong> loss <strong></b><br />Sep 3 08:17:26 guard apinger: alarm canceled: gw_wan(213.147.96.4) <b></strong> loss <strong></b><br />Sep 3 11:20:47 guard apinger: Exiting on signal 15.<br />Sep 3 11:20:47 guard apinger: Starting Alarm Pinger, apinger(41621)<br />Sep 3 11:20:53 guard apinger: Exiting on signal 15.<br />Sep 3 11:20:53 guard apinger: Starting Alarm Pinger, apinger(50764)<br />Sep 3 23:58:35 guard apinger: ALARM: GW_OPT4(209.85.135.99) <b></strong> down <strong></b><br />Sep 4 18:05:31 guard apinger: ALARM: gw_met2(213.147.96.3) <b></strong> down <strong></b><br />Sep 4 18:05:31 guard apinger: ALARM: gw_wan(213.147.96.4) <b></strong> down <strong></b><br />Sep 4 18:06:01 guard apinger: alarm canceled: gw_met2(213.147.96.3) <b></strong> down <strong></b><br />Sep 4 18:06:01 guard apinger: alarm canceled: gw_wan(213.147.96.4) <b></strong> down <strong></b><br />Sep 4 23:24:03 guard apinger: Exiting on signal 15.<br />Sep 4 23:24:03 guard apinger: Starting Alarm Pinger, apinger(58033)<br />Sep 4 23:58:38 guard apinger: ALARM: GW_OPT4(209.85.135.99) <b></strong> down <strong></b><br />Sep 5 19:04:48 guard apinger: Exiting on signal 15.<br />Sep 5 19:04:48 guard apinger: Starting Alarm Pinger, apinger(42495)<br />Sep 5 19:07:24 guard apinger: Exiting on signal 15.<br />Sep 5 19:07:24 guard apinger: Starting Alarm Pinger, apinger(37107)<br />Sep 6 00:00:11 guard apinger: ALARM: GW_OPT4(209.85.135.99) <b></strong> down *</b></li>
</ol>
<p>############################################</p>
<p>cat /var/log/system.log</p>
<p>Sep 6 00:00:05 guard ppp: [opt4] Bundle: Status update: up 1 link, total bandwidth 64000 bps<br />Sep 6 00:00:05 guard ppp: [opt4] IPCP: Open event<br />Sep 6 00:00:05 guard ppp: [opt4] IPCP: state change Initial --> Starting<br />Sep 6 00:00:05 guard ppp: [opt4] IPCP: LayerStart<br />Sep 6 00:00:05 guard ppp: [opt4] IPCP: Up event<br />Sep 6 00:00:05 guard ppp: [opt4] IPCP: state change Starting --> Req-Sent<br />Sep 6 00:00:05 guard ppp: [opt4] IPCP: SendConfigReq #1<br />Sep 6 00:00:05 guard ppp: [opt4] IPADDR 0.0.0.0<br />Sep 6 00:00:05 guard ppp: [opt4] COMPPROTO VJCOMP, 16 comp. channels, no comp-cid<br />Sep 6 00:00:05 guard ppp: [opt4] IPCP: rec'd Configure Request #0 (Req-Sent)<br />Sep 6 00:00:05 guard ppp: [opt4] IPADDR 89.201.224.1<br />Sep 6 00:00:05 guard ppp: [opt4] 89.201.224.1 is OK<br />Sep 6 00:00:05 guard ppp: [opt4] IPCP: SendConfigAck #0<br />Sep 6 00:00:05 guard ppp: [opt4] IPADDR 89.201.224.1<br />Sep 6 00:00:05 guard ppp: [opt4] IPCP: state change Req-Sent --> Ack-Sent<br />Sep 6 00:00:05 guard ppp: [opt4] IPCP: rec'd Configure Reject #1 (Ack-Sent)<br />Sep 6 00:00:05 guard ppp: [opt4] COMPPROTO VJCOMP, 16 comp. channels, no comp-cid<br />Sep 6 00:00:05 guard ppp: [opt4] IPCP: SendConfigReq <a class="issue tracker-1 status-3 priority-4 priority-default closed parent" title="Bug: Gateway not added when switching from DHCP to static (Resolved)" href="https://redmine.pfsense.org/issues/2">#2</a><br />Sep 6 00:00:05 guard ppp: [opt4] IPADDR 0.0.0.0<br />Sep 6 00:00:05 guard ppp: [opt4] IPCP: rec'd Configure Nak <a class="issue tracker-1 status-3 priority-4 priority-default closed parent" title="Bug: Gateway not added when switching from DHCP to static (Resolved)" href="https://redmine.pfsense.org/issues/2">#2</a> (Ack-Sent)<br />Sep 6 00:00:05 guard ppp: [opt4] IPADDR 89.201.232.62<br />Sep 6 00:00:05 guard ppp: [opt4] 89.201.232.62 is OK<br />Sep 6 00:00:05 guard ppp: [opt4] IPCP: SendConfigReq <a class="issue tracker-1 status-3 priority-4 priority-default closed" title="Bug: VPN negation rules not added in 2.0 (Resolved)" href="https://redmine.pfsense.org/issues/3">#3</a><br />Sep 6 00:00:05 guard ppp: [opt4] IPADDR 89.201.232.62<br />Sep 6 00:00:05 guard ppp: [opt4] IPCP: rec'd Configure Ack <a class="issue tracker-1 status-3 priority-4 priority-default closed" title="Bug: VPN negation rules not added in 2.0 (Resolved)" href="https://redmine.pfsense.org/issues/3">#3</a> (Ack-Sent)<br />Sep 6 00:00:05 guard ppp: [opt4] IPADDR 89.201.232.62<br />Sep 6 00:00:05 guard ppp: [opt4] IPCP: state change Ack-Sent --> Opened<br />Sep 6 00:00:05 guard ppp: [opt4] IPCP: LayerUp<br />Sep 6 00:00:05 guard ppp: [opt4] 89.201.232.62 -> 89.201.224.1<br />Sep 6 00:00:05 guard ppp: [opt4] IFACE: Up event<br />Sep 6 00:00:07 guard check_reload_status: rc.newwanip starting<br />Sep 6 00:00:08 guard php: : rc.newwanip: Informational is starting pppoe0.<br />Sep 6 00:00:08 guard php: : rc.newwanip: on (IP address: 89.201.232.62) (interface: opt4) (real interface: pppoe0).<br />Sep 6 00:00:11 guard apinger: ALARM: GW_OPT4(209.85.135.99) <b>* down *</b><br />Sep 6 00:00:14 guard check_reload_status: updating dyndns<br />Sep 6 00:00:16 guard check_reload_status: reloading filter<br />Sep 6 00:00:17 guard php: : MONITOR: GW_OPT4 has high latency, removing from routing group<br />Sep 6 00:00:17 guard last message repeated 3 times<br />Sep 6 00:00:19 guard check_reload_status: Rewriting resolv.conf<br />Sep 6 00:00:27 guard check_reload_status: reloading filter<br />Sep 6 00:00:28 guard php: : MONITOR: GW_OPT4 has high latency, removing from routing group<br />Sep 6 00:00:28 guard last message repeated 3 times</p>
<p>########################################</p>
<ol>
<li>cat /tmp/rules.debug<br />#System aliases</li>
</ol>
<p>loopback = "{ lo0 }" <br />WAN = "{ re0_vlan56 }" <br />LAN = "{ re0_vlan40 }" <br />GLAN = "{ re0_vlan50 }" <br />MET2 = "{ rl0 }" <br />OPTIM1 = "{ pppoe0 }"</p>
<p>#SSH Lockout Table<br />table <sshlockout> persist<br />#Snort2C table<br />table <snort2c></p>
<p>table <virusprot></p>
<ol>
<li>User Aliases <br />table <it_pcs> { 10.26.4.129 10.26.4.132 10.26.4.133 } <br />it_pcs = "<it_pcs>" <br />std_ports_in = "{ 21 80 110 143 443 993 995 7443 1935 8080 8888 }" <br />std_ports_out = "{ 22 23 25 53 123 500 1000 1194 1723 1972 3389 4500 5000 5900 10000 10010 11160 3322 20400 2082 11496 1352 3900 65505 65510 }"</li>
</ol>
<ol>
<li>Gateways<br />GWgw_met2 = " route-to ( rl0 192.168.168.18 ) " <br />GWgw_lan = " route-to ( re0_vlan40 10.30.0.17 ) " <br />GWgw_wan = " route-to ( re0_vlan56 192.168.167.10 ) " <br />GWGW_OPT4 = " route-to ( pppoe0 89.201.224.1 ) " <br />GWggw_lan_in = " route-to { ( re0_vlan56 192.168.167.10 ) } " <br />GWggw_lan_out = " route-to { ( re0_vlan56 192.168.167.10 ) } " <br />GWggw_glan_in = " route-to { ( re0_vlan56 192.168.167.10 ) } " <br />GWggw_glan_out = " route-to { ( re0_vlan56 192.168.167.10 ) } "</li>
</ol>
<p>set loginterface re0_vlan56<br />set loginterface re0_vlan40<br />set loginterface re0_vlan50<br />set loginterface rl0<br />set loginterface pppoe0<br />set optimization aggressive<br />set limit states 47000</p>
<p>set skip on pfsync0</p>
<p>nat-anchor "natearly/*" <br />nat-anchor "natrules/*"</p>
<ol>
<li>Outbound NAT rules</li>
</ol>
<ol>
<li>Subnets to NAT <br />table <tonatsubnets> { 10.26.0.0/24 10.26.12.0/22 10.26.16.0/22 10.26.20.0/22 10.26.24.0/22 10.26.28.0/22 10.26.32.0/22 10.26.4.0/22 10.26.8.0/22 10.30.0.16/29 192.168.168.0/30 }<br />nat on $WAN from <tonatsubnets> port 500 to any port 500 -> 192.168.167.9/32 port 500<br />nat on $WAN from <tonatsubnets> to any -> 192.168.167.9/32 port 1024:65535</li>
</ol>
<p>nat on $MET2 from <tonatsubnets> port 500 to any port 500 -> 192.168.168.17/32 port 500<br />nat on $MET2 from <tonatsubnets> to any -> 192.168.168.17/32 port 1024:65535</p>
<p>nat on $OPTIM1 from <tonatsubnets> port 500 to any port 500 -> 89.201.232.62/32 port 500<br />nat on $OPTIM1 from <tonatsubnets> to any -> 89.201.232.62/32 port 1024:65535</p>
<ol>
<li>Load balancing anchor<br />rdr-anchor "relayd/*" </li>
<li>TFTP proxy<br />rdr-anchor "tftp-proxy/*" <br />table <direct_networks> { 192.168.167.8/29 10.30.0.16/29 192.168.168.0/30 192.168.168.16/29 89.201.232.62/32 }</li>
<li>NAT Inbound Redirects<br />rdr on re0_vlan56 proto tcp from any to 192.168.167.9 port 3323 -> 192.168.168.2 port 3322<br />rdr on re0_vlan56 proto tcp from any to 192.168.167.9 port 8888 -> 192.168.168.2 port 80<br />rdr on re0_vlan56 proto tcp from any to 192.168.167.9 port 3389 -> 10.26.0.8</li>
<li>UPnPd rdr anchor<br />rdr-anchor "miniupnpd"</li>
</ol>
anchor "relayd/*" <br />anchor "firewallrules" <br />#---------------------------------------------------------------------------
<ol>
<li>default deny rules<br />#---------------------------------------------------------------------------<br />block in log all label "Default deny rule" <br />block out log all label "Default deny rule"</li>
</ol>
<ol>
<li>We use the mighty pf, we cannot be fooled.<br />block quick proto { tcp, udp } from any port = 0 to any<br />block quick proto { tcp, udp } from any to any port = 0</li>
</ol>
<ol>
<li>Block all IPv6<br />block in quick inet6 all<br />block out quick inet6 all</li>
</ol>
<ol>
<li>snort2c<br />block quick from <snort2c> to any label "Block snort2c hosts" <br />block quick from any to <snort2c> label "Block snort2c hosts"</li>
</ol>
<ol>
<li>package manager early specific hook<br />anchor "packageearly"</li>
</ol>
<ol>
<li>carp<br />anchor "carp"</li>
</ol>
<ol>
<li>SSH lockout<br />block in log quick proto tcp from <sshlockout> to any port 3322 label "sshlockout" <br />block in quick from <virusprot> to any label "virusprot overload table" <br />antispoof for re0_vlan56<br />antispoof for re0_vlan40<br />antispoof for re0_vlan50<br />antispoof for rl0<br />table <bogons> persist file "/etc/bogons" </li>
<li>block bogon networks</li>
<li><a class="external" href="http://www.cymru.com/Documents/bogon-bn-nonagg.txt">http://www.cymru.com/Documents/bogon-bn-nonagg.txt</a><br />anchor "opt4bogons" <br />block in log quick on $OPTIM1 from <bogons> to any label "block bogon networks from OPTIM1" <br />antispoof for pppoe0</li>
<li>block anything from private networks on interfaces with the option set<br />antispoof for $OPTIM1<br />block in log quick on $OPTIM1 from 10.0.0.0/8 to any label "block private networks from wan block 10/8" <br />block in log quick on $OPTIM1 from 127.0.0.0/8 to any label "block private networks from wan block 127/8" <br />block in log quick on $OPTIM1 from 172.16.0.0/12 to any label "block private networks from wan block 172.16/12" <br />block in log quick on $OPTIM1 from 192.168.0.0/16 to any label "block private networks from wan block 192.168/16" <br />anchor "spoofing"</li>
</ol>
<ol>
<li>loopback<br />anchor "loopback" <br />pass in on $loopback all label "pass loopback" <br />pass out on $loopback all label "pass loopback"</li>
</ol>
anchor "firewallout"
<ol>
<li>let out anything from the firewall host itself and decrypted IPsec traffic<br />pass out all keep state allow-opts label "let out anything from firewall host itself" <br />pass out route-to ( re0_vlan56 192.168.167.10 ) from 192.168.167.9 to !192.168.167.8/29 keep state allow-opts label "let out anything from firewall host itself" <br />pass out route-to ( rl0 192.168.168.18 ) from 192.168.168.17 to !192.168.168.16/29 keep state allow-opts label "let out anything from firewall host itself" <br />pass out route-to ( pppoe0 89.201.224.1 ) from 89.201.232.62 to !89.201.232.62/32 keep state allow-opts label "let out anything from firewall host itself" </li>
<li>make sure the user cannot lock himself out of the webConfigurator or SSH<br />anchor "anti-lockout" <br />pass in quick on re0_vlan40 from any to (re0_vlan40) keep state label "anti-lockout rule"</li>
</ol>
<ol>
<li>User-defined rules follow<br />pass on { re0_vlan56 re0_vlan40 rl0 pppoe0 } proto tcp from any to any port 10010 flags S/SA keep state label "USER_RULE" <br />pass on { re0_vlan56 re0_vlan40 rl0 pppoe0 } proto tcp from any to any port 3322 flags S/SA keep state label "USER_RULE" <br />pass in quick on $WAN reply-to ( re0_vlan56 192.168.167.10 ) proto tcp from any to 192.168.168.2 port 3322 label "USER_RULE: NAT " <br />pass in quick on $WAN reply-to ( re0_vlan56 192.168.167.10 ) proto tcp from any to 192.168.168.2 port 80 label "USER_RULE: NAT " <br />pass in quick on $WAN reply-to ( re0_vlan56 192.168.167.10 ) proto tcp from any to 10.26.0.8 port 3389 label "USER_RULE: NAT " <br />pass in quick on $MET2 reply-to ( rl0 192.168.168.18 ) proto { tcp udp } from 88.198.227.140/24 to 10.26.0.0/16 keep state label "USER_RULE" <br />pass in quick on $GLAN proto { tcp udp } from 192.168.168.1/30 to <vpns> keep state label "NEGATE_ROUTE: Negate policy route for vpn(s)" <br />pass in quick on $GLAN $GWggw_glan_in proto { tcp udp } from 192.168.168.1/30 to any port $std_ports_in keep state label "USER_RULE" <br />pass in quick on $GLAN proto { tcp udp } from 192.168.168.1/30 to <vpns> keep state label "NEGATE_ROUTE: Negate policy route for vpn(s)" <br />pass in quick on $GLAN $GWggw_glan_out proto { tcp udp } from 192.168.168.1/30 to any port $std_ports_out keep state label "USER_RULE" <br />pass in quick on $GLAN proto esp from 192.168.168.1/30 to <vpns> keep state label "NEGATE_ROUTE: Negate policy route for vpn(s)" <br />pass in quick on $GLAN $GWggw_glan_out proto esp from 192.168.168.1/30 to any keep state label "USER_RULE" <br />pass in quick on $GLAN proto gre from 192.168.168.1/30 to <vpns> keep state label "NEGATE_ROUTE: Negate policy route for vpn(s)" <br />pass in quick on $GLAN $GWggw_glan_out proto gre from 192.168.168.1/30 to any keep state label "USER_RULE" <br />pass in quick on $LAN inet proto icmp from 10.26.0.0/16 to <vpns> keep state label "NEGATE_ROUTE: Negate policy route for vpn(s)" <br />pass in quick on $LAN $GWggw_lan_out inet proto icmp from 10.26.0.0/16 to any keep state label "USER_RULE" <br />pass in quick on $LAN $GWgw_met2 proto { tcp udp } from 10.26.0.0/16 to 88.198.227.0/24 keep state label "USER_RULE: lacroma internet radio" <br />pass in quick on $LAN proto { tcp udp } from 10.26.0.0/16 to <vpns> keep state label "NEGATE_ROUTE: Negate policy route for vpn(s)" <br />pass in quick on $LAN $GWggw_lan_in proto { tcp udp } from 10.26.0.0/16 to any port $std_ports_in keep state label "USER_RULE" <br />pass in quick on $LAN proto { tcp udp } from 10.26.0.0/16 to <vpns> keep state label "NEGATE_ROUTE: Negate policy route for vpn(s)" <br />pass in quick on $LAN $GWggw_lan_out proto { tcp udp } from 10.26.0.0/16 to any port $std_ports_out keep state label "USER_RULE"</li>
</ol>
<p>###############################################</p>
<ol>
<li>cat /var/etc/apinger*</li>
</ol>
<ol>
<li>pfSense apinger configuration file. Automatically Generated!</li>
</ol>
<ol>
<li>User and group the pinger should run as<br />user "root" <br />group "wheel"</li>
</ol>
<ol>
<li>Mailer to use (default: "/usr/lib/sendmail -t")<br />#mailer "/var/qmail/bin/qmail-inject"</li>
</ol>
<ol>
<li>Location of the pid-file (default: "/var/run/apinger.pid")<br />pid_file "/var/run/apinger.pid"</li>
</ol>
<ol>
<li>Format of timestamp (%s macro) (default: "%b %d %H:%M:%S")<br />#timestamp_format "%Y%m%d%H%M%S"</li>
</ol>
<p>status {
## File where the status information whould be written to<br /> file "/tmp/apinger.status"
## Interval between file updates
## when 0 or not set, file is written only when SIGUSR1 is received<br /> interval 10s<br />}</p>
########################################
<ol>
<li>RRDTool status gathering configuration</li>
<li>Interval between RRD updates<br />rrd interval 60s;</li>
</ol>
<ol>
<li>These parameters can be overriden in a specific alarm configuration<br />alarm default { <br /> command on "/usr/bin/touch /tmp/filter_dirty" <br /> command off "/usr/bin/touch /tmp/filter_dirty" <br /> combine 10s<br />}</li>
</ol>
<ol>
<li>"Down" alarm definition. </li>
<li>This alarm will be fired when target doesn't respond for 30 seconds.<br />alarm down "down" {<br /> time 10s<br />}</li>
</ol>
<ol>
<li>"Delay" alarm definition. </li>
<li>This alarm will be fired when responses are delayed more than 200ms</li>
<li>it will be canceled, when the delay drops below 100ms<br />alarm delay "delay" {<br /> delay_low 200ms<br /> delay_high 500ms<br />}</li>
</ol>
<ol>
<li>"Loss" alarm definition. </li>
<li>This alarm will be fired when packet loss goes over 20%</li>
<li>it will be canceled, when the loss drops below 10%<br />alarm loss "loss" {<br /> percent_low 10<br /> percent_high 20<br />}</li>
</ol>
<p>target default {
## How often the probe should be sent <br /> interval 1s</p>
<ol>
<li>How many replies should be used to compute average delay </li>
<li>for controlling "delay" alarms<br /> avg_delay_samples 10</li>
</ol>
<ol>
<li>How many probes should be used to compute average loss<br /> avg_loss_samples 50</li>
</ol>
<ol>
<li>The delay (in samples) after which loss is computed</li>
<li>without this delays larger than interval would be treated as loss<br /> avg_loss_delay_samples 20</li>
</ol>
<ol>
<li>Names of the alarms that may be generated for the target<br /> alarms "down","delay","loss"</li>
</ol>
<ol>
<li>Location of the RRD<br /> #rrd file "/var/db/rrd/apinger-%t.rrd" <br />}</li>
</ol>
<ol>
<li>Targets to probe</li>
<li>Each one defined with:</li>
<li>target <address> { <parameter>... }</li>
<li>The parameters are those described above in the "target default" section</li>
<li>plus the "description" parameter.</li>
<li>the <address> should be IPv4 or IPv6 address (not hostname!)<br />target "213.147.96.3" {<br /> description "gw_met2" <br /> srcip "192.168.168.17" <br /> alarms override "loss","delay","down";<br /> rrd file "/var/db/rrd/gw_met2-quality.rrd" <br />}</li>
</ol>
<p>target "10.30.0.17" {<br /> description "gw_lan" <br /> srcip "10.30.0.18" <br /> alarms override "loss","delay","down";<br /> rrd file "/var/db/rrd/gw_lan-quality.rrd" <br />}</p>
<p>target "213.147.96.4" {<br /> description "gw_wan" <br /> srcip "192.168.167.9" <br /> alarms override "loss","delay","down";<br /> rrd file "/var/db/rrd/gw_wan-quality.rrd" <br />}</p>
<p>target "209.85.135.99" {<br /> description "GW_OPT4" <br /> srcip "89.201.226.164" <br /> alarms override "loss","delay","down";<br /> rrd file "/var/db/rrd/GW_OPT4-quality.rrd" <br />}</p> pfSense - Bug #876: pppoe on OPT - on upgrade/reboot/reconnect is lost on gateway status listhttps://redmine.pfsense.org/issues/876?journal_id=31462010-09-06T07:18:13Zivan primusivan.primorac@gmail.com
<ul></ul><p>Just to mention again: this is not hardware problem or link problem. I have 3 firewalls with different hardware, different Internet providers and same situation.<br />I hope we can catch this bug because it is in core functionality. There are 2 or 3 references on PF forum of this bug.</p> pfSense - Bug #876: pppoe on OPT - on upgrade/reboot/reconnect is lost on gateway status listhttps://redmine.pfsense.org/issues/876?journal_id=31472010-09-06T09:05:43ZErmal Luçieri@pfsense.org
<ul></ul><p>Does your pppoe address change during renewal or it stays the same?</p> pfSense - Bug #876: pppoe on OPT - on upgrade/reboot/reconnect is lost on gateway status listhttps://redmine.pfsense.org/issues/876?journal_id=31492010-09-06T13:08:42Zivan primusivan.primorac@gmail.com
<ul></ul><p>yes...it changes</p> pfSense - Bug #876: pppoe on OPT - on upgrade/reboot/reconnect is lost on gateway status listhttps://redmine.pfsense.org/issues/876?journal_id=31502010-09-06T13:13:18Zivan primusivan.primorac@gmail.com
<ul></ul><p>I will check this new change on /etc/inc/gwlb.inc and report back</p> pfSense - Bug #876: pppoe on OPT - on upgrade/reboot/reconnect is lost on gateway status listhttps://redmine.pfsense.org/issues/876?journal_id=31512010-09-06T13:35:29Zivan primusivan.primorac@gmail.com
<ul></ul><p>Ermal...nothing have changed.<br />After restart there is no reference of pppoe gateway in system logs, like it does not exists.<br />On status_gateways.php GW_OPT4 is not on the list.<br />But in system_gateways.php pppoe gateway GW_OPT4 is on the list. <br />Everything will be ok if I edit any of the gateways and reload filters.</p> pfSense - Bug #876: pppoe on OPT - on upgrade/reboot/reconnect is lost on gateway status listhttps://redmine.pfsense.org/issues/876?journal_id=31552010-09-07T08:27:11Zivan primusivan.primorac@gmail.com
<ul></ul><p>After testing I have find out that:<br />- after disconnecting pppoe interface, static route to monitor is is correctly deleted<br />- after connecting again, static route to monitor is is not added<br />I think something is wrong in /usr/local/sbin/ppp-linkup ?</p> pfSense - Bug #876: pppoe on OPT - on upgrade/reboot/reconnect is lost on gateway status listhttps://redmine.pfsense.org/issues/876?journal_id=31562010-09-07T08:37:16Zivan primusivan.primorac@gmail.com
<ul></ul>´´´
<ol>
<li>cat /usr/local/sbin/ppp-linkup<br />#!/bin/sh</li>
</ol>
<ol>
<li>unset CGI environment variables so as not to confuse PHP<br />unset CONTENT_TYPE GATEWAY_INTERFACE REMOTE_USER REMOTE_ADDR AUTH_TYPE<br />unset HTTP_USER_AGENT CONTENT_LENGTH SCRIPT_FILENAME HTTP_HOST<br />unset SERVER_SOFTWARE HTTP_REFERER SERVER_PROTOCOL REQUEST_METHOD<br />unset SERVER_PORT SCRIPT_NAME SERVER_NAME</li>
</ol>
<ol>
<li>write nameservers to file<br />if [ $6 = "dns1" ]; then<br /> echo $7 > /var/etc/nameserver_$1<br /> /sbin/route add $7 $4<br />fi</li>
</ol>
<p>if [ $8 = "dns2" ]; then<br /> echo $9 >> /var/etc/nameserver_$1<br /> /sbin/route add $9 $4<br />fi</p>
<ol>
<li>let the configuration system know that the ip has changed.<br />/bin/echo $1 > /tmp/rc.newwanip # <strong>this file is newer written and this is opt if ... not wan</strong><br />/bin/echo $4 > /tmp/$1_router<br />/usr/bin/touch /tmp/$1up<br />exit 0<br />´´´<br />In this file there is no code to add route to monitor ip</li>
</ol> pfSense - Bug #876: pppoe on OPT - on upgrade/reboot/reconnect is lost on gateway status listhttps://redmine.pfsense.org/issues/876?journal_id=31632010-09-07T17:23:47Zivan primusivan.primorac@gmail.com
<ul></ul><p>This last commit didn't help also c3b1ba3fcd6284d2a36b23c5938a3fee4f520cdf <br />This pppoe interface is on vlan OPT4 interface.<br />When I do manual disconnect than connect, static route to monitor ip is gone. Is it because of delay while pppoe link is established?<br />But when I edit any of the gateways, static route to monitor ip is there again.<br />What is happening in "edit gw" procedure and not happening when pppoe interface automaticly renews ip?<br />I will try to find traces, but still learning pfsense code structure.<br />Thanks for your help.</p> pfSense - Bug #876: pppoe on OPT - on upgrade/reboot/reconnect is lost on gateway status listhttps://redmine.pfsense.org/issues/876?journal_id=31642010-09-07T17:34:28ZErmal Luçieri@pfsense.org
<ul></ul><p>Its the same thing.<br />setup_gateway_monitoring() is getting called.</p>
<p>Probably you need to test with a newer snapshots since now the reload will be quite fast as soon as the links comes up.<br />Not delayed some seconds as before.</p> pfSense - Bug #876: pppoe on OPT - on upgrade/reboot/reconnect is lost on gateway status listhttps://redmine.pfsense.org/issues/876?journal_id=31652010-09-07T17:50:02Zivan primusivan.primorac@gmail.com
<ul></ul><p>I have removed all routing groups to make it simple. <br />Than I edit and saved settings of pppoe interface and route to monitor ip is back.<br />Than I disconnected and connected pppoe interface, and static route is gone.</p> pfSense - Bug #876: pppoe on OPT - on upgrade/reboot/reconnect is lost on gateway status listhttps://redmine.pfsense.org/issues/876?journal_id=31662010-09-07T17:51:38Zivan primusivan.primorac@gmail.com
<ul></ul><p>using latest snapshot 06.09</p> pfSense - Bug #876: pppoe on OPT - on upgrade/reboot/reconnect is lost on gateway status listhttps://redmine.pfsense.org/issues/876?journal_id=31692010-09-07T19:36:17Zivan primusivan.primorac@gmail.com
<ul></ul><p>I can't see setup_gateways_monitor() function being called from system_gateways_edit.php, page where static routes are added correctly.<br />If it is not included there from gwlb.inc, than it probably should be common function system wide.<br />Still digging and hoping for some help</p> pfSense - Bug #876: pppoe on OPT - on upgrade/reboot/reconnect is lost on gateway status listhttps://redmine.pfsense.org/issues/876?journal_id=31702010-09-07T19:53:15Zivan primusivan.primorac@gmail.com
<ul></ul><p>setup_gateways_monitor is called from /etc/rc.bootup /etc/newwanip /etc/inc/upgrade_config.inc<br />All 3 prrocedures does not add static route to monitor ip of dynamic gateway.<br />Only thing that works for me is system_gateways_edit.php, page that don't seems to call that function.</p> pfSense - Bug #876: pppoe on OPT - on upgrade/reboot/reconnect is lost on gateway status listhttps://redmine.pfsense.org/issues/876?journal_id=31742010-09-08T04:49:30ZErmal Luçieri@pfsense.org
<ul></ul><p>Just another question.<br />The static route you speak about is your static route, created through the gui or the one created by pfSense itself for its monitoring ips?</p> pfSense - Bug #876: pppoe on OPT - on upgrade/reboot/reconnect is lost on gateway status listhttps://redmine.pfsense.org/issues/876?journal_id=31752010-09-08T04:51:22Zivan primusivan.primorac@gmail.com
<ul></ul><p>static route created by pfsense to monitor ip of pppoe interface</p> pfSense - Bug #876: pppoe on OPT - on upgrade/reboot/reconnect is lost on gateway status listhttps://redmine.pfsense.org/issues/876?journal_id=31762010-09-08T08:12:50Zivan primusivan.primorac@gmail.com
<ul></ul><p>NOTE: function setup_gateways_monitor in gwdb.inc - it seems it is not configured to add route to monitor IP of dynamic gw: </p>
<pre><code>if ($gateway['gateway'] == "dynamic") {<br /> $gateway['monitor'] = "127.0.0.{$i}";<br /> $i++;<br /> }</code></pre>
<pre><code>.......</code></pre>
<pre><code>if($gateway['monitor'] == $gateway['gateway']) {<br /> /* if the gateway is the same as the monitor we do not add a
* route as this will break the routing table */<br /> continue;<br /> } else {<br /> if ($gateway['gateway'] != "dynamic" && is_ipaddr($gateway['gateway'])) {<br /> mwexec("/sbin/route delete -host " . escapeshellarg($gateway['monitor']));<br /> mwexec("/sbin/route add -host " . escapeshellarg($gateway['monitor']) .<br /> " " . escapeshellarg($gateway['gateway']));<br /> log_error("Removing static route for monitor {$gateway['monitor']} and adding a new route through {$gateway['gateway']}");<br /> }<br /> }</code></pre> pfSense - Bug #876: pppoe on OPT - on upgrade/reboot/reconnect is lost on gateway status listhttps://redmine.pfsense.org/issues/876?journal_id=31912010-09-12T21:48:18ZChris Buechlercbuechler@gmail.com
<ul><li><strong>Priority</strong> changed from <i>Normal</i> to <i>High</i></li></ul><p>The commits associated with this ticket have caused a number of issues with dynamic gateways. See here for one: <br /><a class="external" href="http://forum.pfsense.org/index.php/topic,28212.0.html">http://forum.pfsense.org/index.php/topic,28212.0.html</a></p>
<p>Ermal - Jim emailed you other/additional info</p> pfSense - Bug #876: pppoe on OPT - on upgrade/reboot/reconnect is lost on gateway status listhttps://redmine.pfsense.org/issues/876?journal_id=31972010-09-13T12:00:36ZErmal Luçieri@pfsense.org
<ul></ul><p>This should be ok now.<br />Since i committed another fix.</p> pfSense - Bug #876: pppoe on OPT - on upgrade/reboot/reconnect is lost on gateway status listhttps://redmine.pfsense.org/issues/876?journal_id=31982010-09-13T13:53:40Zivan primusivan.primorac@gmail.com
<ul></ul><p>NOTE: I am testing it on different firewall with almost identical configuration. I can not crash first one.</p>
<p>Using 13.09 snapshot without latest Ermal's commit (not in repositry, but i will apply it later)<br />Upgrade started with folowing in status_gateways.php:</p>
<p>GW_WAN 85.114.48.109 85.114.48.109 Online <br />GW_WTMP 85.114.55.133 85.114.55.133 Online <br />DSL 95.178.192.1 Unknown Interface opt3 Dynamic Gateway</p>
<p>No static route to 209.85.135.99 which is monitor ip for DSL OPT3<br />After I reapply configuration of DSL interface, pfsense adds automaticly gateway named GW_OPT3 with its first hop as monitor ip. This seems to be naming inconsistemcy.</p>
<p>After I edit any of the gateways from system_gateways_edit.php, everything is ok. I have status:<br />GW_WAN 85.114.48.109 85.114.48.109 Online <br />GW_WTMP 85.114.55.133 85.114.55.133 Online <br />GW_OPT3 95.178.192.1 95.178.192.1 Online Interfaceopt3dynamic gateway</p>
<p>After manual pppoe reconnect I have following situation:<br />GW_WAN 85.114.48.109 85.114.48.109 Online <br />GW_WTMP 85.114.55.133 85.114.55.133 Online <br />GW_OPT3 95.178.192.1 95.178.192.1 Offline Interfaceopt3dynamic gateway</p>
<p>APPLYING LATEST PATCH: c65e1e0da7df7b367ff97e89dad16f602571cecb THAN REBOOT<br />Unfortunalely still no change. It shows status offline and doues not route through OPT3 interface (routes through default gw)<br />I haven't tried gw groups.</p>
<p>Packet capture on that interface shows:<br />19:51:16.858392 IP 95.178.201.200 > 95.178.192.1: ICMP echo request, id 51496, seq 26114, length 44<br />19:51:17.859840 IP 95.178.201.200 > 95.178.192.1: ICMP echo request, id 51496, seq 26370, length 44<br />19:51:18.861324 IP 95.178.201.200 > 95.178.192.1: ICMP echo request, id 51496, seq 26626, length 44</p>
<p><strong>INTREFACE IP IS: 95.178.207.135</strong></p> pfSense - Bug #876: pppoe on OPT - on upgrade/reboot/reconnect is lost on gateway status listhttps://redmine.pfsense.org/issues/876?journal_id=32072010-09-14T07:32:05Zivan primusivan.primorac@gmail.com
<ul></ul><p>I can see for sure that after manual reconnect of pppoe interface, apinger is using old IP as source for ping packets. Thats why system marks gateway as OFFLINE and not using it.</p> pfSense - Bug #876: pppoe on OPT - on upgrade/reboot/reconnect is lost on gateway status listhttps://redmine.pfsense.org/issues/876?journal_id=32112010-09-15T11:53:49ZMike Stupalov
<ul></ul><p>I wrote a bug <a class="issue tracker-1 status-6 priority-5 priority-high4 closed" title="Bug: Gateway groups not work anymore! (Rejected)" href="https://redmine.pfsense.org/issues/889">#889</a>, but it was closed as a duplicate of this bug.</p>
<p>But this problem is relevant for latest snapshot (Tue Sep 14 20:22:41 EDT 2010)</p>
<blockquote>
<p>all gateway groups have ceased to work.<br />All traffic goes through a router by default.</p>
</blockquote>
<p>When booting, the console can see the error message in the file /etc/inc/gwlb.inc in 8th row.</p> pfSense - Bug #876: pppoe on OPT - on upgrade/reboot/reconnect is lost on gateway status listhttps://redmine.pfsense.org/issues/876?journal_id=32152010-09-15T15:08:18ZErmal Luçieri@pfsense.org
<ul></ul><p>Latest commits should fix issues reported.</p> pfSense - Bug #876: pppoe on OPT - on upgrade/reboot/reconnect is lost on gateway status listhttps://redmine.pfsense.org/issues/876?journal_id=32162010-09-15T18:03:39Zivan primusivan.primorac@gmail.com
<ul></ul><p>testing latest snapshot 15.09 with latest commits by Ermal not included in latest snapshot.<br />Can't test post upgrade situation, but<br />- on reboot status_gateways.php shows:<br />GW_WAN 85.114.48.109 - Unknown <br />GW_WTMP 85.114.55.133 - Unknown <br />GW_OPT3 dynamic - Unknown Interfaceopt3dynamic<br />No monitor IP in the row.</p>
<p>- edit gateways in system_gateways_edit.php<br />got php warning: fsockopen(): unable to connect to unix:///var/run/check_reload_status:-1 (Connection refused) in /etc/inc/util.inc on line 143<br />All gateways are online</p>
<p>- manual reconnect of pppoe interface and <strong>STATUS OF DYNAMIC GW STAYS UP</strong><br />This is the most important thing for my fw. Still, initialy on reboot there is some error of filling/reading array of monitor IPs and telling apinger to return correct status of gateways.</p> pfSense - Bug #876: pppoe on OPT - on upgrade/reboot/reconnect is lost on gateway status listhttps://redmine.pfsense.org/issues/876?journal_id=32172010-09-15T18:24:54Zivan primusivan.primorac@gmail.com
<ul></ul><p>Ermal, on reboot, apinger is not started. There is apinger proces - ps auxw.<br />It apears atfer I edit some gw</p>
<p>root 48126 0.0 0.1 3324 1360 ?? Ss 12:23AM 0:00.01 /usr/local/sbin/apinger -c /var/etc/apinger.conf</p> pfSense - Bug #876: pppoe on OPT - on upgrade/reboot/reconnect is lost on gateway status listhttps://redmine.pfsense.org/issues/876?journal_id=32182010-09-15T18:51:32Zivan primusivan.primorac@gmail.com
<ul></ul><p>It works even with alternate monitor ip on pppoe (static route is correctly added).<br />Thing that I noticed on manual reconnect: pppoe disconnects ok, but when I press connect button, it hangs (tested several times). When I reload status_interfaces.php it shows status connected.<br />Php warning is not connected with this issue, because it sometimes appears on other pages.<br />(fsockopen(): unable to connect to unix:///var/run/check_reload_status:-1 (Connection refused) in /etc/inc/util.inc on line 143) - probably should be some other issue - event error</p> pfSense - Bug #876: pppoe on OPT - on upgrade/reboot/reconnect is lost on gateway status listhttps://redmine.pfsense.org/issues/876?journal_id=32342010-09-19T17:03:11Zivan primusivan.primorac@gmail.com
<ul></ul><p>As of 18.09 snapshot I can confirm that this issue is resolved. Dynamic gateways are ok on upgrade / reboot / reconnect</p> pfSense - Bug #876: pppoe on OPT - on upgrade/reboot/reconnect is lost on gateway status listhttps://redmine.pfsense.org/issues/876?journal_id=32362010-09-19T17:50:48Zivan primusivan.primorac@gmail.com
<ul></ul><p>I recreated gateway groups and can confirm that there is still issue with status of gateways in group. Status of each gateway is "Gathering data". I saw simular reports in forum.<br />In system logs there is message: <br />php: : Gateways status could not be determined, considering all as up/active.</p>
<p>Another thing I can notice is that dynamic gateway is automaticly displayed as default. My wan static gateway is default too, so now I have 2 defult gateways displayed in system_gateways.php. Still, routing table shows ony one default route - through wan interface.</p> pfSense - Bug #876: pppoe on OPT - on upgrade/reboot/reconnect is lost on gateway status listhttps://redmine.pfsense.org/issues/876?journal_id=32372010-09-20T06:54:18Zivan primusivan.primorac@gmail.com
<ul><li><strong>File</strong> <a href="/attachments/162">status_gateway_groups.php</a> <a class="icon-only icon-download" title="Download" href="/attachments/download/162/status_gateway_groups.php">status_gateway_groups.php</a> added</li></ul><p>this is modified version of status_gateway_groups.php to show correct status of groups.<br />Ermal, please check and include if this is ok. It works for me</p> pfSense - Bug #876: pppoe on OPT - on upgrade/reboot/reconnect is lost on gateway status listhttps://redmine.pfsense.org/issues/876?journal_id=33512010-10-07T00:27:50ZMarcus Brown
<ul></ul><p>Ivan, can you test a current snapshot (without your modified status_gateway_groups.php) for this problem again? There have been a lot of changes recently.</p>
<p>Thanks.</p> pfSense - Bug #876: pppoe on OPT - on upgrade/reboot/reconnect is lost on gateway status listhttps://redmine.pfsense.org/issues/876?journal_id=33602010-10-08T19:07:03Zivan primusivan.primorac@gmail.com
<ul></ul><p>I tested it on 2 firewalls and everything seems to be ok. This issue actualy included few other connected issues. My opinion is that you can close this. Thanks for your help</p> pfSense - Bug #876: pppoe on OPT - on upgrade/reboot/reconnect is lost on gateway status listhttps://redmine.pfsense.org/issues/876?journal_id=33622010-10-09T05:24:30ZChris Buechlercbuechler@gmail.com
<ul><li><strong>Status</strong> changed from <i>New</i> to <i>Resolved</i></li></ul>