Bug #9489
closed
pfsense with ha closing sessions when apply any rule, xmlrpc erros are shown
0%
Description
Cloned from:
https://forum.netgate.com/topic/131916/pfsense-with-ha-closing-sessions-when-apply-any-rule
On XG-7100,
- sync interface ping, port 443 is open, ...
- xmlrpc works (the config sync does work at stage #1)
- xmlrpc errors are shown after a while (restore_config_section and host_firmware_version are shown as failed)
- sessions get closed on apply any change in the modification
Please note that only once the apply button has been pressed, and 2 "Syncing firewall" has been logged in 2 seconds span.
Logs from master:
Apr 29 01:48:44 pf1-lipi check_reload_status: Syncing firewall
Apr 29 01:48:45 pf1-lipi php-fpm348: /rc.filter_synchronize: Beginning XMLRPC sync data to https://10.11.8.232:443/xmlrpc.php.
Apr 29 01:48:46 pf1-lipi php-fpm348: /rc.filter_synchronize: XMLRPC reload data success with https://10.11.8.232:443/xmlrpc.php (pfsense.host_firmware_version).
Apr 29 01:48:46 pf1-lipi php-fpm348: /rc.filter_synchronize: XMLRPC versioncheck: 18.9 -- 18.9
Apr 29 01:48:46 pf1-lipi php-fpm348: /rc.filter_synchronize: Beginning XMLRPC sync data to https://10.11.8.232:443/xmlrpc.php.
Apr 29 01:48:46 pf1-lipi check_reload_status: Syncing firewall
Apr 29 01:48:47 pf1-lipi php-fpm5542: /rc.filter_synchronize: Beginning XMLRPC sync data to https://10.11.8.232:443/xmlrpc.php.
Apr 29 01:48:57 pf1-lipi check_reload_status: Reloading filter
Apr 29 01:49:25 pf1-lipi sshd51791: user admin login class [preauth]
Apr 29 01:49:25 pf1-lipi sshd51791: user admin login class [preauth]
Apr 29 01:49:25 pf1-lipi sshd51791: user admin login class [preauth]
[login as my session get disconnected]
Apr 29 01:49:46 pf1-lipi php-fpm348: /rc.filter_synchronize: A communications error occurred while attempting to call XMLRPC method restore_config_section:
Apr 29 01:49:46 pf1-lipi php-fpm348: /rc.filter_synchronize: New alert found: A communications error occurred while attempting to call XMLRPC method restore_config_section:
Apr 29 01:49:46 pf1-lipi php-fpm348: /rc.filter_synchronize: Beginning XMLRPC sync data to https://10.11.8.232:443/xmlrpc.php.
Apr 29 01:49:47 pf1-lipi php-fpm5542: /rc.filter_synchronize: A communications error occurred while attempting to call XMLRPC method host_firmware_version:
Apr 29 01:49:47 pf1-lipi php-fpm5542: /rc.filter_synchronize: New alert found: A communications error occurred while attempting to call XMLRPC method host_firmware_version:
Apr 29 01:49:47 pf1-lipi php-fpm5542: /rc.filter_synchronize: Beginning XMLRPC sync data to https://10.11.8.232:443/xmlrpc.php.
Apr 29 01:50:46 pf1-lipi php-fpm348: /rc.filter_synchronize: A communications error occurred while attempting to call XMLRPC method restore_config_section:
Apr 29 01:50:46 pf1-lipi php-fpm348: /rc.filter_synchronize: New alert found: A communications error occurred while attempting to call XMLRPC method restore_config_section:
Apr 29 01:50:47 pf1-lipi php-fpm5542: /rc.filter_synchronize: A communications error occurred while attempting to call XMLRPC method host_firmware_version:
Apr 29 01:50:47 pf1-lipi php-fpm5542: /rc.filter_synchronize: New alert found: A communications error occurred while attempting to call XMLRPC method host_firmware_version:
Apr 29 01:50:47 pf1-lipi php-fpm5542: /rc.filter_synchronize: XMLRPC versioncheck: -- 18.9
Apr 29 01:50:47 pf1-lipi php-fpm5542: /rc.filter_synchronize: The pfSense software configuration version of the other member could not be determined. Skipping synchronization to avoid causing a problem!
How to reproduce:
1) setup a cluster in HA
2) apply any configuration change (even disable one rule and enable it again, then press apply)
3) errors are shown both in UI and logs
Updated by 
Updated by