Re: AW: [pfSense Support] pfsense wrap and webconfigurator
Holger Bauer wrote: thanks for the answer, I'll do it ciao, Rodolfo You can't upgrade from that version to the latest as we changed the http-server that runs the webconfiguration. You have to reflash. Holger -Ursprüngliche Nachricht- Von: Rodolfo Vardelli [mailto:[EMAIL PROTECTED] Gesendet: Montag, 12. Dezember 2005 12:33 An: support@pfsense.com Betreff: [pfSense Support] pfsense wrap and webconfigurator I have just upgraded wrap from 94.12 to 96.2, webconfigurator doesn't start: Welcome to pfSense 0.96.2 on the 'wrap' platform... Starting device manager (devd)... done. Loading configuration... done. Updating configuration... done. Cleaning backup cache... done. Setting up extended sysctls... done. Syncing user passwords... done. Starting Secure Shell Services... done. Setting timezone... done. Starting syslog... done. Configuring LAN interface... done. Configuring WAN interface... done. Configuring OPT interfaces... done. Configuring CARP interfaces...done. Configuring firewall... aliases rules filtering done. Starting webConfigurator... failed! even restarting it with option 11 of menu, or using rc.restart_webgui the webconfigurator isn't starting ciao, Rodolfo - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] Virus checked by G DATA AntiVirusKit - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
[pfSense Support] pfsense wrap and webconfigurator
I have just upgraded wrap from 94.12 to 96.2, webconfigurator doesn't start: Welcome to pfSense 0.96.2 on the 'wrap' platform... Starting device manager (devd)... done. Loading configuration... done. Updating configuration... done. Cleaning backup cache... done. Setting up extended sysctls... done. Syncing user passwords... done. Starting Secure Shell Services... done. Setting timezone... done. Starting syslog... done. Configuring LAN interface... done. Configuring WAN interface... done. Configuring OPT interfaces... done. Configuring CARP interfaces...done. Configuring firewall... aliases rules filtering done. Starting webConfigurator... failed! even restarting it with option 11 of menu, or using rc.restart_webgui the webconfigurator isn't starting ciao, Rodolfo - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [pfSense Support] wrap 85.2
Bill Marquette wrote: Now I get this: Parse error: parse error, unexpected T_IF in /etc/inc/shaper.inc on line 129 regards N...don't do that :) I split the shaper code off into another file, you will break if you simply follow this. /etc/rc.conf_mount_rw touch /etc/inc/shaper.inc /etc/rc.conf_mount_ro update_file.sh /etc/inc/shaper.inc update_file.sh /etc/inc/filter.inc --Bill On 9/26/05, Scott Ullrich <[EMAIL PROTECTED]> wrote: update_file.sh /etc/inc/filter.inc On 9/26/05, Rodolfo Vardelli <[EMAIL PROTECTED]> wrote: Scott Ullrich wrote: Where? So I can fix on my board regards Rodolfo Yep, there was a small typo in filter.inc. It's fixed now. Scott On 9/26/05, Bill Marquette <[EMAIL PROTECTED]> wrote: Oddly I haven't seen this on my wrap installs :-/ There was a broken commit of /etc/filter.inc that would have exhibited this behavior on a wrap, but that didn't make it into 0.85.2 (just confirmed on one of my installs) "Warning: touch(): Unable to create file /filter_dirty" makes me think we missed a global $g somewhere. --Bill On 9/26/05, Scott Ullrich <[EMAIL PROTECTED]> wrote: This is not correct. WRAP's should be running on a memory mounted /tmp/ What does /etc/platform say?If it does not say wrap, pleae change it and reboot. Scott On 9/26/05, Rodolfo Vardelli <[EMAIL PROTECTED]> wrote: I have just upgrade from 84.6 to 85.2 (on wrap), modifying a firewall rule I got this error Warning: touch(): Unable to create file /filter_dirty because Read-only file system in /etc/inc/filter.inc on line 57 regards Rodolfo - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [pfSense Support] wrap 85.2
Scott Ullrich wrote: Where? So I can fix on my board regards Rodolfo Yep, there was a small typo in filter.inc. It's fixed now. Scott On 9/26/05, Bill Marquette <[EMAIL PROTECTED]> wrote: Oddly I haven't seen this on my wrap installs :-/ There was a broken commit of /etc/filter.inc that would have exhibited this behavior on a wrap, but that didn't make it into 0.85.2 (just confirmed on one of my installs) "Warning: touch(): Unable to create file /filter_dirty" makes me think we missed a global $g somewhere. --Bill On 9/26/05, Scott Ullrich <[EMAIL PROTECTED]> wrote: This is not correct. WRAP's should be running on a memory mounted /tmp/ What does /etc/platform say?If it does not say wrap, pleae change it and reboot. Scott On 9/26/05, Rodolfo Vardelli <[EMAIL PROTECTED]> wrote: I have just upgrade from 84.6 to 85.2 (on wrap), modifying a firewall rule I got this error Warning: touch(): Unable to create file /filter_dirty because Read-only file system in /etc/inc/filter.inc on line 57 regards Rodolfo - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [pfSense Support] wrap 85.2
Scott Ullrich wrote: # cat platform wrap regards Rodolfo This is not correct. WRAP's should be running on a memory mounted /tmp/ What does /etc/platform say?If it does not say wrap, pleae change it and reboot. Scott On 9/26/05, Rodolfo Vardelli <[EMAIL PROTECTED]> wrote: I have just upgrade from 84.6 to 85.2 (on wrap), modifying a firewall rule I got this error Warning: touch(): Unable to create file /filter_dirty because Read-only file system in /etc/inc/filter.inc on line 57 regards Rodolfo - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: AW: AW: [pfSense Support] wrap 85.2
Holger Bauer wrote: H, the second machine is master I have tried adding a rule to master and backup got this rule without problem, I am not sure if carp sync works well, I tried rebooting the master and backup became master without problem, but cpu remained at 100% regards Rodolfo Can you try to upgrade the second machine to 0.85.2 as well? I doubt that the latest changes (not only pfsense related changes but freebsd carp as well) prevent two machines with different versions to sync properly but this is something you should try next. Holger -Ursprüngliche Nachricht- Von: Rodolfo Vardelli [mailto:[EMAIL PROTECTED] Gesendet: Montag, 26. September 2005 13:22 An: support@pfsense.com Betreff: Re: AW: [pfSense Support] wrap 85.2 Holger Bauer wrote: After reboot (third), carp interface goes up (as backup). The interface is a wan interface, but I have a router in front of it and not a modem Take care that this was an upgrade from 84.6 (working nicely) to 85.2 Now primary is a 84.6, secondary is 85.2 regards Rodolfo Just a question (and maybe something I've overread in your original mail). You have pppoe on WAN. Is your CARP-Interface for WAN or for LAN? pppoe and dchp interfaces won't work together with CARP. You need at least 3 static IPs on WAN for this to work (1 for the master, 1 for the backup and 1 that can be shared). If your CARP IP is for LAN please post your LAN-settings of both boxes and your CARP-Interface config. Also make sure you have allowed the communication on the sync-interfaces so the machines can talk to each other. You also might look at the carp-tutorial, maybe you find something that's quite obvious by looking at it: http://pfsense.com/mirror.php?section=tutorials/carp/carp-cluster-new.htm Holger -Ursprüngliche Nachricht----- Von: Rodolfo Vardelli [mailto:[EMAIL PROTECTED] Gesendet: Montag, 26. September 2005 09:52 An: support@pfsense.com Betreff: [pfSense Support] wrap 85.2 Just some more info: cpu usage stay at 100% (it's the backup firewall), here is top output: last pid: 81653; load averages: 1.61, 1.50, 1.36up 0+00:59:28 09:47:25 23 processes: 1 running, 22 sleeping CPU states: 0.7% user, 0.0% nice, 1.4% system, 1.4% interrupt, 96.6% idle Mem: 8164K Active, 8056K Inact, 12M Wired, 4K Cache, 11M Buf, 89M Free Swap: PID USERNAME THR PRI NICE SIZERES STATETIME WCPU COMMAND 271 root1 760 1292K 860K select 0:01 0.00% syslogd 74788 root1 760 5576K 2608K select 0:01 0.00% sshd 356 _pflogd 1 -580 1536K 1176K bpf 0:01 0.00% pflogd 79956 root1 760 2256K 1488K RUN 0:01 0.00% top 357 root1 -580 3656K 1800K bpf 0:01 0.00% tcpdump 1231 root1 1310 2868K 1756K select 0:00 0.00% mpd A carp (carp1) interface stays at init and doesn't go in backup status. (master is up) regards Rodolfo - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] Virus checked by G DATA AntiVirusKit - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] Virus checked by G DATA AntiVirusKit - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: AW: [pfSense Support] wrap 85.2
Holger Bauer wrote: After reboot (third), carp interface goes up (as backup). The interface is a wan interface, but I have a router in front of it and not a modem Take care that this was an upgrade from 84.6 (working nicely) to 85.2 Now primary is a 84.6, secondary is 85.2 regards Rodolfo Just a question (and maybe something I've overread in your original mail). You have pppoe on WAN. Is your CARP-Interface for WAN or for LAN? pppoe and dchp interfaces won't work together with CARP. You need at least 3 static IPs on WAN for this to work (1 for the master, 1 for the backup and 1 that can be shared). If your CARP IP is for LAN please post your LAN-settings of both boxes and your CARP-Interface config. Also make sure you have allowed the communication on the sync-interfaces so the machines can talk to each other. You also might look at the carp-tutorial, maybe you find something that's quite obvious by looking at it: http://pfsense.com/mirror.php?section=tutorials/carp/carp-cluster-new.htm Holger -Ursprüngliche Nachricht----- Von: Rodolfo Vardelli [mailto:[EMAIL PROTECTED] Gesendet: Montag, 26. September 2005 09:52 An: support@pfsense.com Betreff: [pfSense Support] wrap 85.2 Just some more info: cpu usage stay at 100% (it's the backup firewall), here is top output: last pid: 81653; load averages: 1.61, 1.50, 1.36up 0+00:59:28 09:47:25 23 processes: 1 running, 22 sleeping CPU states: 0.7% user, 0.0% nice, 1.4% system, 1.4% interrupt, 96.6% idle Mem: 8164K Active, 8056K Inact, 12M Wired, 4K Cache, 11M Buf, 89M Free Swap: PID USERNAME THR PRI NICE SIZERES STATETIME WCPU COMMAND 271 root1 760 1292K 860K select 0:01 0.00% syslogd 74788 root1 760 5576K 2608K select 0:01 0.00% sshd 356 _pflogd 1 -580 1536K 1176K bpf 0:01 0.00% pflogd 79956 root1 760 2256K 1488K RUN 0:01 0.00% top 357 root1 -580 3656K 1800K bpf 0:01 0.00% tcpdump 1231 root1 1310 2868K 1756K select 0:00 0.00% mpd A carp (carp1) interface stays at init and doesn't go in backup status. (master is up) regards Rodolfo - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] Virus checked by G DATA AntiVirusKit - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
[pfSense Support] wrap 85.2
Just some more info: cpu usage stay at 100% (it's the backup firewall), here is top output: last pid: 81653; load averages: 1.61, 1.50, 1.36up 0+00:59:28 09:47:25 23 processes: 1 running, 22 sleeping CPU states: 0.7% user, 0.0% nice, 1.4% system, 1.4% interrupt, 96.6% idle Mem: 8164K Active, 8056K Inact, 12M Wired, 4K Cache, 11M Buf, 89M Free Swap: PID USERNAME THR PRI NICE SIZERES STATETIME WCPU COMMAND 271 root1 760 1292K 860K select 0:01 0.00% syslogd 74788 root1 760 5576K 2608K select 0:01 0.00% sshd 356 _pflogd 1 -580 1536K 1176K bpf 0:01 0.00% pflogd 79956 root1 760 2256K 1488K RUN 0:01 0.00% top 357 root1 -580 3656K 1800K bpf 0:01 0.00% tcpdump 1231 root1 1310 2868K 1756K select 0:00 0.00% mpd A carp (carp1) interface stays at init and doesn't go in backup status. (master is up) regards Rodolfo - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
[pfSense Support] wrap 85.2
I have just upgrade from 84.6 to 85.2 (on wrap), modifying a firewall rule I got this error Warning: touch(): Unable to create file /filter_dirty because Read-only file system in /etc/inc/filter.inc on line 57 regards Rodolfo - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
[pfSense Support] space on device?
I got this error: Warning: copy(/cf/conf/backup/config-1126267275.xml): failed to open stream: No space left on device in /etc/inc/config.inc on line 1261 Warning: Cannot modify header information - headers already sent by (output started at /etc/inc/config.inc:1261) in /usr/local/www/firewall_rules_edit.php on line 305 CF is not full, but /cf/conf/backup is full of "old?" conf files would be nice to keep only 2 or 3 so to have enough space I tried to manually remove some of them, but I got an error about a read only file system. Do I have to mount it read/write? regards Rodolfo - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
[pfSense Support] testing 82.2
I am testing 82.2 on soekris 4801 I get this error msg: g_vfs_done():ad0a[WRITE(offset=28213248, length=8192)]error = 1 more than one regards Rodolfo - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [pfSense Support] 81.4 load balance + carp
Scott Ullrich ha scritto: tomorrow I'll try 82.2 or something newer regards Rodolfo On 9/1/05, Rodolfo Vardelli <[EMAIL PROTECTED]> wrote: Scott Ullrich ha scritto: now I am only waiting CF upgrade great work regards, Rodolfo Don't have to wait any longer... That was fixed last night and starting on 0.82 firmware upgrade for the Embedded images will be supported. Scott - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [pfSense Support] 81.4 load balance + carp
Scott Ullrich ha scritto: now I am only waiting CF upgrade great work regards, Rodolfo On 9/1/05, Rodolfo Vardelli <[EMAIL PROTECTED]> wrote: Rodolfo Vardelli ha scritto: after more than 13 hour no interrupt storm, I can say that this rule solved the problem Good deal. We'll try to fix this with better pfsync rules if possible. Scott - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [pfSense Support] 81.4 load balance + carp
Rodolfo Vardelli ha scritto: after more than 13 hour no interrupt storm, I can say that this rule solved the problem regards I have created a rule to block everything from LAN to LAN as first rule. Tomorrow I'll make some more test regards Rodolfo Perhaps block this rule on the LAN interface before the ALL all? On 8/31/05, Rodolfo Vardelli <[EMAIL PROTECTED]> wrote: Scott Ullrich ha scritto: What was generating the traffic? it was a normal broadcast to port 137-138 in network 9.0 that for some strange reason pass to other network. regards, Rodolfo On 8/31/05, Rodolfo Vardelli <[EMAIL PROTECTED]> wrote: Scott Ullrich ha scritto: I solved putting a blocking rule in lan to stop port 138. No more interrupt storm as you can see from top: last pid: 2266; load averages: 0.15, 0.05, 0.04up 0+00:29:37 18:33:12 22 processes: 1 running, 21 sleeping CPU states: 0.0% user, 0.8% nice, 3.1% system, 0.4% interrupt, 95.7% idle Mem: 13M Active, 7492K Inact, 10M Wired, 24K Cache, 9824K Buf, 86M Free Swap: regards, Rodolfo Any chance of doing a tcpdump and see if a packet appears to be stuck in a loop? Scott On 8/31/05, Rodolfo Vardelli <[EMAIL PROTECTED]> wrote: Scott Ullrich ha scritto: In my opinion the bug is still here. The light (that indicate traffics) of the NIC (wan1 and wan2), are still. And after I halt the secondary, and the webgui of primary is usuable, the traffic of the interfaces (1 and 2) is more than 100 Megabytes regards Rodolfo There was a bug in previous versions that would send the machine into a interrupt storm due to a route bug. Your on a later version than this so I really dont know what to say here. Scott On 8/31/05, Rodolfo Vardelli <[EMAIL PROTECTED]> wrote: Scott Ullrich ha scritto: sorry, I meant outbound load balancing regards Rodolfo On 8/31/05, Rodolfo Vardelli <[EMAIL PROTECTED]> wrote: Bill Marquette ha scritto: standard soekris 4801 + 2 lan traffic? in that moment zero and it happens only with carp+load balance with two boards When you say load balancing do you mean arp balancing? Scott - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [pfSense Support] 81.4 load balance + carp
I have created a rule to block everything from LAN to LAN as first rule. Tomorrow I'll make some more test regards Rodolfo Perhaps block this rule on the LAN interface before the ALL all? On 8/31/05, Rodolfo Vardelli <[EMAIL PROTECTED]> wrote: Scott Ullrich ha scritto: What was generating the traffic? it was a normal broadcast to port 137-138 in network 9.0 that for some strange reason pass to other network. regards, Rodolfo On 8/31/05, Rodolfo Vardelli <[EMAIL PROTECTED]> wrote: Scott Ullrich ha scritto: I solved putting a blocking rule in lan to stop port 138. No more interrupt storm as you can see from top: last pid: 2266; load averages: 0.15, 0.05, 0.04up 0+00:29:37 18:33:12 22 processes: 1 running, 21 sleeping CPU states: 0.0% user, 0.8% nice, 3.1% system, 0.4% interrupt, 95.7% idle Mem: 13M Active, 7492K Inact, 10M Wired, 24K Cache, 9824K Buf, 86M Free Swap: regards, Rodolfo Any chance of doing a tcpdump and see if a packet appears to be stuck in a loop? Scott On 8/31/05, Rodolfo Vardelli <[EMAIL PROTECTED]> wrote: Scott Ullrich ha scritto: In my opinion the bug is still here. The light (that indicate traffics) of the NIC (wan1 and wan2), are still. And after I halt the secondary, and the webgui of primary is usuable, the traffic of the interfaces (1 and 2) is more than 100 Megabytes regards Rodolfo There was a bug in previous versions that would send the machine into a interrupt storm due to a route bug. Your on a later version than this so I really dont know what to say here. Scott On 8/31/05, Rodolfo Vardelli <[EMAIL PROTECTED]> wrote: Scott Ullrich ha scritto: sorry, I meant outbound load balancing regards Rodolfo On 8/31/05, Rodolfo Vardelli <[EMAIL PROTECTED]> wrote: Bill Marquette ha scritto: standard soekris 4801 + 2 lan traffic? in that moment zero and it happens only with carp+load balance with two boards When you say load balancing do you mean arp balancing? Scott - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [pfSense Support] 81.4 load balance + carp
Scott Ullrich ha scritto: What was generating the traffic? it was a normal broadcast to port 137-138 in network 9.0 that for some strange reason pass to other network. regards, Rodolfo On 8/31/05, Rodolfo Vardelli <[EMAIL PROTECTED]> wrote: Scott Ullrich ha scritto: I solved putting a blocking rule in lan to stop port 138. No more interrupt storm as you can see from top: last pid: 2266; load averages: 0.15, 0.05, 0.04up 0+00:29:37 18:33:12 22 processes: 1 running, 21 sleeping CPU states: 0.0% user, 0.8% nice, 3.1% system, 0.4% interrupt, 95.7% idle Mem: 13M Active, 7492K Inact, 10M Wired, 24K Cache, 9824K Buf, 86M Free Swap: regards, Rodolfo Any chance of doing a tcpdump and see if a packet appears to be stuck in a loop? Scott On 8/31/05, Rodolfo Vardelli <[EMAIL PROTECTED]> wrote: Scott Ullrich ha scritto: In my opinion the bug is still here. The light (that indicate traffics) of the NIC (wan1 and wan2), are still. And after I halt the secondary, and the webgui of primary is usuable, the traffic of the interfaces (1 and 2) is more than 100 Megabytes regards Rodolfo There was a bug in previous versions that would send the machine into a interrupt storm due to a route bug. Your on a later version than this so I really dont know what to say here. Scott On 8/31/05, Rodolfo Vardelli <[EMAIL PROTECTED]> wrote: Scott Ullrich ha scritto: sorry, I meant outbound load balancing regards Rodolfo On 8/31/05, Rodolfo Vardelli <[EMAIL PROTECTED]> wrote: Bill Marquette ha scritto: standard soekris 4801 + 2 lan traffic? in that moment zero and it happens only with carp+load balance with two boards When you say load balancing do you mean arp balancing? Scott - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [pfSense Support] 81.4 load balance + carp
Rodolfo Vardelli ha scritto: not really solved, it seems that every broadcast pass to other interface: 18:35:30.405454 IP 192.168.9.227.netbios-ns > 192.168.9.255.netbios-ns: NBT UDP PACKET(137): QUERY; REQUEST; BROADCAST 18:35:30.405726 IP 192.168.9.227.netbios-ns > 192.168.9.255.netbios-ns: NBT UDP PACKET(137): QUERY; REQUEST; BROADCAST 18:35:30.406936 IP 192.168.9.227.netbios-ns > 192.168.9.255.netbios-ns: NBT UDP PACKET(137): QUERY; REQUEST; BROADCAST 18:35:30.407276 IP 192.168.9.227.netbios-ns > 192.168.9.255.netbios-ns: NBT UDP PACKET(137): QUERY; REQUEST; BROADCAST 18:35:30.408002 IP 192.168.9.227.netbios-ns > 192.168.9.255.netbios-ns: NBT UDP PACKET(137): QUERY; REQUEST; BROADCAST 18:35:30.408290 IP 192.168.9.227.netbios-ns > 192.168.9.255.netbios-ns: NBT UDP PACKET(137): QUERY; REQUEST; BROADCAST 18:35:30.409343 IP 192.168.9.227.netbios-ns > 192.168.9.255.netbios-ns: NBT UDP PACKET(137): QUERY; REQUEST; BROADCAST 18:35:30.409616 IP 192.168.9.227.netbios-ns > 192.168.9.255.netbios-ns: NBT UDP PACKET(137): QUERY; REQUEST; BROADCAST 18:35:30.410814 IP 192.168.9.227.netbios-ns > 192.168.9.255.netbios-ns: NBT UDP PACKET(137): QUERY; REQUEST; BROADCAST 18:35:30.411143 IP 192.168.9.227.netbios-ns > 192.168.9.255.netbios-ns: NBT UDP PACKET(137): QUERY; REQUEST; BROADCAST 18:35:30.411475 IP 192.168.9.227.netbios-ns > 192.168.9.255.netbios-ns: NBT UDP PACKET(137): QUERY; REQUEST; BROADCAST 18:35:30.411740 IP 192.168.9.227.netbios-ns > 192.168.9.255.netbios-ns: NBT UDP PACKET(137): QUERY; REQUEST; BROADCAST 18:35:30.412543 IP 192.168.9.227.netbios-ns > 192.168.9.255.netbios-ns: NBT UDP PACKET(137): QUERY; REQUEST; BROADCAST 18:35:30.412807 IP 192.168.9.227.netbios-ns > 192.168.9.255.netbios-ns: NBT UDP PACKET(137): QUERY; REQUEST; BROADCAST 18:35:30.413761 IP 192.168.9.227.netbios-ns > 192.168.9.255.netbios-ns: NBT UDP PACKET(137): QUERY; REQUEST; BROADCAST 18:35:30.414023 IP 192.168.9.227.netbios-ns > 192.168.9.255.netbios-ns: NBT UDP PACKET(137): QUERY; REQUEST; BROADCAST 18:35:30.415281 IP 192.168.9.227.netbios-ns > 192.168.9.255.netbios-ns: NBT UDP PACKET(137): QUERY; REQUEST; BROADCAST 18:35:30.415571 IP 192.168.9.227.netbios-ns > 192.168.9.255.netbios-ns: NBT UDP PACKET(137): QUERY; REQUEST; BROADCAST 18:35:30.416398 IP 192.168.9.227.netbios-ns > 192.168.9.255.netbios-ns: NBT UDP PACKET(137): QUERY; REQUEST; BROADCAST 18:35:30.416653 IP 192.168.9.227.netbios-ns > 192.168.9.255.netbios-ns: NBT UDP PACKET(137): QUERY; REQUEST; BROADCAST 18:35:30.417578 IP 192.168.9.227.netbios-ns > 192.168.9.255.netbios-ns: NBT UDP PACKET(137): QUERY; REQUEST; BROADCAST 18:35:30.417854 IP 192.168.9.227.netbios-ns > 192.168.9.255.netbios-ns: NBT UDP PACKET(137): QUERY; REQUEST; BROADCAST 18:35:30.418409 IP 192.168.9.227.netbios-ns > 192.168.9.255.netbios-ns: NBT UDP PACKET(137): QUERY; R^CREQUEST; BROADCAST 34 packets captured 5473 packets received by filter 4597 packets dropped by kernel adding 137 too regards, Rodolfo Scott Ullrich ha scritto: I solved putting a blocking rule in lan to stop port 138. No more interrupt storm as you can see from top: last pid: 2266; load averages: 0.15, 0.05, 0.04up 0+00:29:37 18:33:12 22 processes: 1 running, 21 sleeping CPU states: 0.0% user, 0.8% nice, 3.1% system, 0.4% interrupt, 95.7% idle Mem: 13M Active, 7492K Inact, 10M Wired, 24K Cache, 9824K Buf, 86M Free Swap: regards, Rodolfo Any chance of doing a tcpdump and see if a packet appears to be stuck in a loop? Scott On 8/31/05, Rodolfo Vardelli <[EMAIL PROTECTED]> wrote: Scott Ullrich ha scritto: In my opinion the bug is still here. The light (that indicate traffics) of the NIC (wan1 and wan2), are still. And after I halt the secondary, and the webgui of primary is usuable, the traffic of the interfaces (1 and 2) is more than 100 Megabytes regards Rodolfo There was a bug in previous versions that would send the machine into a interrupt storm due to a route bug. Your on a later version than this so I really dont know what to say here. Scott On 8/31/05, Rodolfo Vardelli <[EMAIL PROTECTED]> wrote: Scott Ullrich ha scritto: sorry, I meant outbound load balancing regards Rodolfo On 8/31/05, Rodolfo Vardelli <[EMAIL PROTECTED]> wrote: Bill Marquette ha scritto: standard soekris 4801 + 2 lan traffic? in that moment zero and it happens only with carp+load balance with two boards When you say load balancing do you mean arp balancing? Scott - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] -
Re: [pfSense Support] 81.4 load balance + carp
Scott Ullrich ha scritto: I solved putting a blocking rule in lan to stop port 138. No more interrupt storm as you can see from top: last pid: 2266; load averages: 0.15, 0.05, 0.04up 0+00:29:37 18:33:12 22 processes: 1 running, 21 sleeping CPU states: 0.0% user, 0.8% nice, 3.1% system, 0.4% interrupt, 95.7% idle Mem: 13M Active, 7492K Inact, 10M Wired, 24K Cache, 9824K Buf, 86M Free Swap: regards, Rodolfo Any chance of doing a tcpdump and see if a packet appears to be stuck in a loop? Scott On 8/31/05, Rodolfo Vardelli <[EMAIL PROTECTED]> wrote: Scott Ullrich ha scritto: In my opinion the bug is still here. The light (that indicate traffics) of the NIC (wan1 and wan2), are still. And after I halt the secondary, and the webgui of primary is usuable, the traffic of the interfaces (1 and 2) is more than 100 Megabytes regards Rodolfo There was a bug in previous versions that would send the machine into a interrupt storm due to a route bug. Your on a later version than this so I really dont know what to say here. Scott On 8/31/05, Rodolfo Vardelli <[EMAIL PROTECTED]> wrote: Scott Ullrich ha scritto: sorry, I meant outbound load balancing regards Rodolfo On 8/31/05, Rodolfo Vardelli <[EMAIL PROTECTED]> wrote: Bill Marquette ha scritto: standard soekris 4801 + 2 lan traffic? in that moment zero and it happens only with carp+load balance with two boards When you say load balancing do you mean arp balancing? Scott - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [pfSense Support] 81.4 load balance + carp
Rodolfo Vardelli ha scritto: almost forgot I made a tcpdump on sis1 that belongs to networ 192.168.18.0 192.168.9.0 is on sis0 regards, Rodolfo Scott Ullrich ha scritto: this is the packet 17:54:04.859876 IP 192.168.9.3.netbios-dgm > 192.168.9.255.netbios-dgm: NBT UDP PACKET(138) 17:54:04.860073 IP 192.168.9.3.netbios-dgm > 192.168.9.255.netbios-dgm: NBT UDP PACKET(138) 17:54:04.860273 IP 192.168.9.3.netbios-dgm > 192.168.9.255.netbios-dgm: NBT UDP PACKET(138) 17:54:04.860515 IP 192.168.9.3.netbios-dgm > 192.168.9.255.netbios-dgm: NBT UDP PACKET(138) 17:54:04.860733 IP 192.168.9.3.netbios-dgm > 192.168.9.255.netbios-dgm: NBT UDP PACKET(138) 17:54:04.860930 IP 192.168.9.3.netbios-dgm > 192.168.9.255.netbios-dgm: NBT UDP PACKET(138) 17:54:04.861129 IP 192.168.9.3.netbios-dgm > 192.168.9.255.netbios-dgm: NBT UDP PACKET(138) 17:54:04.861324 IP 192.168.9.3.netbios-dgm > 192.168.9.255.netbios-dgm: NBT UDP PACKET(138) 17:54:04.861614 IP 192.168.9.3.netbios-dgm > 192.168.9.255.netbios-dgm: NBT UDP PACKET(138) 17:54:04.861817 IP 192.168.9.3.netbios-dgm > 192.168.9.255.netbios-dgm: NBT UDP PACKET(138) 17:54:04.862016 IP 192.168.9.3.netbios-dgm > 192.168.9.255.netbios-dgm: NBT UDP PACKET(138) 17:54:04.862210 IP 192.168.9.3.netbios-dgm > 192.168.9.255.netbios-dgm: NBT UDP PACKET(138) 17:54:04.862408 IP 192.168.9.3.netbios-dgm > 192.168.9.255.netbios-dgm: NBT UDP PACKET(138) 17:54:04.862662 IP 192.168.9.3.netbios-dgm > 192.168.9.255.netbios-dgm: NBT UDP PACKET(138) 17:54:04.862863 IP 192.168.9.3.netbios-dgm > 192.168.9.255.netbios-dgm: NBT UDP PACKET(138) 17:54:04.863058 IP 192.168.9.3.netbios-dgm > 192.168.9.255.netbios-dgm: NBT UDP PACKET(138) 17:54:04.863260 IP 192.168.9.3.netbios-dgm > 192.168.9.255.netbios-dgm: NBT UDP PACKET(138) 17:54:04.863512 IP 192.168.9.3.netbios-dgm > 192.168.9.255.netbios-dgm: NBT UDP PACKET(138) 17:54:04.863733 IP 192.168.9.3.netbios-dgm > 192.168.9.255.netbios-dgm: NBT UDP PACKET(138) 17:54:04.863929 IP 192.168.9.3.netbios-dgm > 192.168.9.255.netbios-dgm: NBT UDP PACKET(138) 192.168.9.3 is the proxy server (samba too) that has full access to internet. this packet is on sis1 (wan1) and sis3 (wan2). regards, Rodolfo Any chance of doing a tcpdump and see if a packet appears to be stuck in a loop? Scott On 8/31/05, Rodolfo Vardelli <[EMAIL PROTECTED]> wrote: Scott Ullrich ha scritto: In my opinion the bug is still here. The light (that indicate traffics) of the NIC (wan1 and wan2), are still. And after I halt the secondary, and the webgui of primary is usuable, the traffic of the interfaces (1 and 2) is more than 100 Megabytes regards Rodolfo There was a bug in previous versions that would send the machine into a interrupt storm due to a route bug. Your on a later version than this so I really dont know what to say here. Scott On 8/31/05, Rodolfo Vardelli <[EMAIL PROTECTED]> wrote: Scott Ullrich ha scritto: sorry, I meant outbound load balancing regards Rodolfo On 8/31/05, Rodolfo Vardelli <[EMAIL PROTECTED]> wrote: Bill Marquette ha scritto: standard soekris 4801 + 2 lan traffic? in that moment zero and it happens only with carp+load balance with two boards When you say load balancing do you mean arp balancing? Scott - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [pfSense Support] 81.4 load balance + carp
Scott Ullrich ha scritto: this is the packet 17:54:04.859876 IP 192.168.9.3.netbios-dgm > 192.168.9.255.netbios-dgm: NBT UDP PACKET(138) 17:54:04.860073 IP 192.168.9.3.netbios-dgm > 192.168.9.255.netbios-dgm: NBT UDP PACKET(138) 17:54:04.860273 IP 192.168.9.3.netbios-dgm > 192.168.9.255.netbios-dgm: NBT UDP PACKET(138) 17:54:04.860515 IP 192.168.9.3.netbios-dgm > 192.168.9.255.netbios-dgm: NBT UDP PACKET(138) 17:54:04.860733 IP 192.168.9.3.netbios-dgm > 192.168.9.255.netbios-dgm: NBT UDP PACKET(138) 17:54:04.860930 IP 192.168.9.3.netbios-dgm > 192.168.9.255.netbios-dgm: NBT UDP PACKET(138) 17:54:04.861129 IP 192.168.9.3.netbios-dgm > 192.168.9.255.netbios-dgm: NBT UDP PACKET(138) 17:54:04.861324 IP 192.168.9.3.netbios-dgm > 192.168.9.255.netbios-dgm: NBT UDP PACKET(138) 17:54:04.861614 IP 192.168.9.3.netbios-dgm > 192.168.9.255.netbios-dgm: NBT UDP PACKET(138) 17:54:04.861817 IP 192.168.9.3.netbios-dgm > 192.168.9.255.netbios-dgm: NBT UDP PACKET(138) 17:54:04.862016 IP 192.168.9.3.netbios-dgm > 192.168.9.255.netbios-dgm: NBT UDP PACKET(138) 17:54:04.862210 IP 192.168.9.3.netbios-dgm > 192.168.9.255.netbios-dgm: NBT UDP PACKET(138) 17:54:04.862408 IP 192.168.9.3.netbios-dgm > 192.168.9.255.netbios-dgm: NBT UDP PACKET(138) 17:54:04.862662 IP 192.168.9.3.netbios-dgm > 192.168.9.255.netbios-dgm: NBT UDP PACKET(138) 17:54:04.862863 IP 192.168.9.3.netbios-dgm > 192.168.9.255.netbios-dgm: NBT UDP PACKET(138) 17:54:04.863058 IP 192.168.9.3.netbios-dgm > 192.168.9.255.netbios-dgm: NBT UDP PACKET(138) 17:54:04.863260 IP 192.168.9.3.netbios-dgm > 192.168.9.255.netbios-dgm: NBT UDP PACKET(138) 17:54:04.863512 IP 192.168.9.3.netbios-dgm > 192.168.9.255.netbios-dgm: NBT UDP PACKET(138) 17:54:04.863733 IP 192.168.9.3.netbios-dgm > 192.168.9.255.netbios-dgm: NBT UDP PACKET(138) 17:54:04.863929 IP 192.168.9.3.netbios-dgm > 192.168.9.255.netbios-dgm: NBT UDP PACKET(138) 192.168.9.3 is the proxy server (samba too) that has full access to internet. this packet is on sis1 (wan1) and sis3 (wan2). regards, Rodolfo Any chance of doing a tcpdump and see if a packet appears to be stuck in a loop? Scott On 8/31/05, Rodolfo Vardelli <[EMAIL PROTECTED]> wrote: Scott Ullrich ha scritto: In my opinion the bug is still here. The light (that indicate traffics) of the NIC (wan1 and wan2), are still. And after I halt the secondary, and the webgui of primary is usuable, the traffic of the interfaces (1 and 2) is more than 100 Megabytes regards Rodolfo There was a bug in previous versions that would send the machine into a interrupt storm due to a route bug. Your on a later version than this so I really dont know what to say here. Scott On 8/31/05, Rodolfo Vardelli <[EMAIL PROTECTED]> wrote: Scott Ullrich ha scritto: sorry, I meant outbound load balancing regards Rodolfo On 8/31/05, Rodolfo Vardelli <[EMAIL PROTECTED]> wrote: Bill Marquette ha scritto: standard soekris 4801 + 2 lan traffic? in that moment zero and it happens only with carp+load balance with two boards When you say load balancing do you mean arp balancing? Scott - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [pfSense Support] 81.4 load balance + carp
Scott Ullrich ha scritto: I can try, any special instruction? regards Rodolfo Any chance of doing a tcpdump and see if a packet appears to be stuck in a loop? Scott On 8/31/05, Rodolfo Vardelli <[EMAIL PROTECTED]> wrote: Scott Ullrich ha scritto: In my opinion the bug is still here. The light (that indicate traffics) of the NIC (wan1 and wan2), are still. And after I halt the secondary, and the webgui of primary is usuable, the traffic of the interfaces (1 and 2) is more than 100 Megabytes regards Rodolfo There was a bug in previous versions that would send the machine into a interrupt storm due to a route bug. Your on a later version than this so I really dont know what to say here. Scott On 8/31/05, Rodolfo Vardelli <[EMAIL PROTECTED]> wrote: Scott Ullrich ha scritto: sorry, I meant outbound load balancing regards Rodolfo On 8/31/05, Rodolfo Vardelli <[EMAIL PROTECTED]> wrote: Bill Marquette ha scritto: standard soekris 4801 + 2 lan traffic? in that moment zero and it happens only with carp+load balance with two boards When you say load balancing do you mean arp balancing? Scott - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [pfSense Support] 81.4 load balance + carp
Scott Ullrich ha scritto: In my opinion the bug is still here. The light (that indicate traffics) of the NIC (wan1 and wan2), are still. And after I halt the secondary, and the webgui of primary is usuable, the traffic of the interfaces (1 and 2) is more than 100 Megabytes regards Rodolfo There was a bug in previous versions that would send the machine into a interrupt storm due to a route bug. Your on a later version than this so I really dont know what to say here. Scott On 8/31/05, Rodolfo Vardelli <[EMAIL PROTECTED]> wrote: Scott Ullrich ha scritto: sorry, I meant outbound load balancing regards Rodolfo On 8/31/05, Rodolfo Vardelli <[EMAIL PROTECTED]> wrote: Bill Marquette ha scritto: standard soekris 4801 + 2 lan traffic? in that moment zero and it happens only with carp+load balance with two boards When you say load balancing do you mean arp balancing? Scott - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [pfSense Support] 81.4 load balance + carp
Scott Ullrich ha scritto: sorry, I meant outbound load balancing regards Rodolfo On 8/31/05, Rodolfo Vardelli <[EMAIL PROTECTED]> wrote: Bill Marquette ha scritto: standard soekris 4801 + 2 lan traffic? in that moment zero and it happens only with carp+load balance with two boards When you say load balancing do you mean arp balancing? Scott - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [pfSense Support] 81.4 load balance + carp
Bill Marquette ha scritto: standard soekris 4801 + 2 lan traffic? in that moment zero and it happens only with carp+load balance with two boards regards Rodolfo Hmmm, that's a seriously high interrupt load. How much traffic goes through this box? What type of NICs and CPU do the boxes have? --Bill On 8/31/05, *Rodolfo Vardelli* <[EMAIL PROTECTED] <mailto:[EMAIL PROTECTED]>> wrote: second part. Now backup is completly frozer, here top: last pid: 737; load averages: 0.97, 0.43, 0.17up 0+00:02:51 11:30:33 25 processes: 5 running, 20 sleeping CPU states: 0.3% user, 0.3% nice, 10.2% system, 77.2% interrupt, 11.9% idle Mem: 13M Active, 7404K Inact, 10M Wired, 24K Cache, 9200K Buf, 87M Free Swap: PID USERNAME THR PRI NICE SIZERES STATETIME WCPU COMMAND 668 root1 8 10 10856K 9588K ppwait 0:04 0.00% php 663 root1 760 2264K 1516K RUN 0:01 0.00% top 540 root1 760 1292K 868K select 0:01 0.00% syslogd 657 root1 80 1580K 1228K wait 0:00 0.00% login 662 root1 200 2616K 2000K pause0:00 0.00% tcsh 297 root1 -580 3656K 1748K bpf 0:00 0.00% tcpdump 543 root1 760 3480K 1960K RUN 0:00 0.00% mini_httpd 554 root1 80 1620K 1120K wait 0:00 0.00% sh 641 root1 80 1300K 984K nanslp 0:00 0.00% cron 299 root1 -80 1188K 688K piperd 0:00 0.00% logger 658 root1 80 1624K 1092K wait 0:00 0.00% sh 659 root1 80 1632K 1160K wait 0:00 0.00% sh 298 _pflogd 1 -580 1536K 1180K bpf 0:00 0.00% pflogd 669 root1 -80 3484K 2012K piperd 0:00 0.00% mini_httpd 295 root1 40 1472K 1136K sbwait 0:00 0.00% pflogd 667 root1 80 1168K 480K nanslp 0:00 0.00% sleep 656 root1 80 228K 124K nanslp 0:00 0.00% check_reload_st 547 nobody 1 1320 1320K 940K select 0:00 0.00% dnsmasq no answer from serial console. It answers to ping. Here the last message arrived at syslog server: Aug 31 11:29:40 192.168.9.32 <http://192.168.9.32> kernel: webgui doesn't answer. nothing else regards, Rodolfo - To unsubscribe, e-mail: [EMAIL PROTECTED] <mailto:[EMAIL PROTECTED]> For additional commands, e-mail: [EMAIL PROTECTED] <mailto:[EMAIL PROTECTED]> - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
[pfSense Support] 81.4 load balance + carp
second part. Now backup is completly frozer, here top: last pid: 737; load averages: 0.97, 0.43, 0.17up 0+00:02:51 11:30:33 25 processes: 5 running, 20 sleeping CPU states: 0.3% user, 0.3% nice, 10.2% system, 77.2% interrupt, 11.9% idle Mem: 13M Active, 7404K Inact, 10M Wired, 24K Cache, 9200K Buf, 87M Free Swap: PID USERNAME THR PRI NICE SIZERES STATETIME WCPU COMMAND 668 root1 8 10 10856K 9588K ppwait 0:04 0.00% php 663 root1 760 2264K 1516K RUN 0:01 0.00% top 540 root1 760 1292K 868K select 0:01 0.00% syslogd 657 root1 80 1580K 1228K wait 0:00 0.00% login 662 root1 200 2616K 2000K pause0:00 0.00% tcsh 297 root1 -580 3656K 1748K bpf 0:00 0.00% tcpdump 543 root1 760 3480K 1960K RUN 0:00 0.00% mini_httpd 554 root1 80 1620K 1120K wait 0:00 0.00% sh 641 root1 80 1300K 984K nanslp 0:00 0.00% cron 299 root1 -80 1188K 688K piperd 0:00 0.00% logger 658 root1 80 1624K 1092K wait 0:00 0.00% sh 659 root1 80 1632K 1160K wait 0:00 0.00% sh 298 _pflogd 1 -580 1536K 1180K bpf 0:00 0.00% pflogd 669 root1 -80 3484K 2012K piperd 0:00 0.00% mini_httpd 295 root1 40 1472K 1136K sbwait 0:00 0.00% pflogd 667 root1 80 1168K 480K nanslp 0:00 0.00% sleep 656 root1 80 228K 124K nanslp 0:00 0.00% check_reload_st 547 nobody 1 1320 1320K 940K select 0:00 0.00% dnsmasq no answer from serial console. It answers to ping. Here the last message arrived at syslog server: Aug 31 11:29:40 192.168.9.32 kernel: webgui doesn't answer. nothing else regards, Rodolfo - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
[pfSense Support] 81.4 load balance + carp
Just installed 81.4 on two soekris 4801. top output (from the backup machine). Web on master isn't responding last pid: 709; load averages: 0.52, 0.34, 0.16up 0+00:07:15 11:14:53 20 processes: 1 running, 19 sleeping CPU states: 0.7% user, 0.0% nice, 6.6% system, 87.2% interrupt, 5.5% idle Mem: 7012K Active, 7348K Inact, 9628K Wired, 28K Cache, 8832K Buf, 93M Free Swap: PID USERNAME THR PRI NICE SIZERES STATETIME WCPU COMMAND 683 root1 760 2304K 1556K RUN 0:04 0.00% top 560 root1 760 1292K 868K select 0:01 0.00% syslogd 318 root1 -580 3656K 1740K bpf 0:00 0.00% tcpdump 677 root1 80 1580K 1228K wait 0:00 0.00% login 316 _pflogd 1 -580 1536K 1180K bpf 0:00 0.00% pflogd 319 root1 -80 1188K 688K piperd 0:00 0.00% logger 682 root1 200 2616K 2000K pause0:00 0.00% tcsh 574 root1 80 1620K 1120K wait 0:00 0.00% sh 676 root1 80 228K 120K nanslp 0:00 0.00% check_reload_st 661 root1 80 1300K 984K nanslp 0:00 0.00% cron 679 root1 80 1632K 1160K wait 0:00 0.00% sh 678 root1 80 1624K 1092K wait 0:00 0.00% sh 709 root1 80 1168K 480K nanslp 0:00 0.00% sleep 315 root1 40 1472K 1136K sbwait 0:00 0.00% pflogd 567 nobody 1 1320 1320K 940K select 0:00 0.00% dnsmasq 236 root1 1270 496K 352K select 0:00 0.00% devd 659 root1 970 2828K 2192K select 0:00 0.00% sshd I dont'w know if I am missing something important, or there is something wrong. Take care that the two soekris with carp (but no outbound load balance) work well, and single board well too. regards Rodolfo - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [pfSense Support] Load Balancer
Scott Ullrich ha scritto: The "bug" of ssh not restarting after a configuration restore is still here. SSH works fine. Remove anything in /cf/conf/config.xml that has SSH in it. yes, ssh works fine, but if you restore a configuration, it keeps the old pwd (pfsense) and don't use the one in conf file, until you reboot (or restart ssh) The outgoing load balancing is not fully working yet. so, I stop trying thank you regards Rodolfo - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
[pfSense Support] Load Balancer
I have just upgrade from 73.12 to 77 on soekris 4801 Is load balancer for outbound connection too? The "bug" of ssh not restarting after a configuration restore is still here. regards Rodolfo - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
[pfSense Support] 73.6 embedded - ssh
When ssh is enabled there's the root default password. When I tried to change it i got this error: Changing local password for root New Password: Retype New Password: passwd: pam_chauthtok(): error in service module regards Rodolfo - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [pfSense Support] pfsense 73.6 embedded
Rodolfo Vardelli ha scritto: please disregard this, I take a new CF, and everything works, now 73.6 replace 71.12 I am testing 73.6 on soekirs, using serial console I get this output (the same hw works great with pfsense 71.12 configured as secondary with carp): great work regards Rodolfo - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
[pfSense Support] pfsense 73.6 embedded
I am testing 73.6 on soekirs, using serial console I get this output (the same hw works great with pfsense 71.12 configured as secondary with carp): Copyright (c) 1979, 1980, 1983, 1986, 1988, 1989, 1991, 1992, 1993, 1994 The Regents of the University of California. All rights reserved. FreeBSD 6.0-BETA2 #0: Wed Aug 3 20:29:47 UTC 2005 [EMAIL PROTECTED]:/usr/obj/usr/src/sys/pfSense_wrap.6 Timecounter "i8254" frequency 1193182 Hz quality 0 CPU: Geode(TM) Integrated Processor by National Semi (266.69-MHz 586-class CPU) Origin = "Geode by NSC" Id = 0x540 Stepping = 0 Features=0x808131 real memory = 134217728 (128 MB) avail memory = 121917440 (116 MB) wlan: mac acl policy registered ath_hal: 0.9.14.9 (AR5210, AR5211, AR5212, RF5111, RF5112, RF2413) npx0: [FAST] npx0: on motherboard npx0: INT 16 interface cpu0 on motherboard pcib0: pcibus 0 on motherboard pci0: on pcib0 sis0: port 0xe100-0xe1ff mem 0xa000-0xafff irq 10 at device 6.0 on pci0 sis0: Silicon Revision: DP83816A miibus0: on sis0 ukphy0: on miibus0 ukphy0: 10baseT, 10baseT-FDX, 100baseTX, 100baseTX-FDX, auto sis0: Ethernet address: 00:00:24:c3:5d:a0 sis1: port 0xe200-0xe2ff mem 0xa0001000-0xa0001fff irq 10 at device 7.0 on pci0 sis1: Silicon Revision: DP83816A miibus1: on sis1 ukphy1: on miibus1 ukphy1: 10baseT, 10baseT-FDX, 100baseTX, 100baseTX-FDX, auto sis1: Ethernet address: 00:00:24:c3:5d:a1 sis2: port 0xe300-0xe3ff mem 0xa0002000-0xa0002fff irq 10 at device 8.0 on pci0 sis2: Silicon Revision: DP83816A miibus2: on sis2 ukphy2: on miibus2 ukphy2: 10baseT, 10baseT-FDX, 100baseTX, 100baseTX-FDX, auto sis2: Ethernet address: 00:00:24:c3:5d:a2 pcib1: at device 10.0 on pci0 pci1: on pcib1 sis3: port 0xd000-0xd0ff mem 0xa400-0xa4000fff irq 5 at device 0.0 on pci1 sis3: Silicon Revision: DP83816A miibus3: on sis3 ukphy3: on miibus3 ukphy3: 10baseT, 10baseT-FDX, 100baseTX, 100baseTX-FDX, auto sis3: Ethernet address: 00:00:24:c3:47:98 sis4: port 0xd100-0xd1ff mem 0xa4001000-0xa4001fff irq 11 at device 1.0 on pci1 sis4: Silicon Revision: DP83816A miibus4: on sis4 ukphy4: on miibus4 ukphy4: 10baseT, 10baseT-FDX, 100baseTX, 100baseTX-FDX, auto sis4: Ethernet address: 00:00:24:c3:47:99 isab0: port 0x6100-0x613f,0x6200-0x623f at device 18.0 on pci0 isa0: on isab0 pci0: at device 18.1 (no driver attached) atapci0: port 0x1f0-0x1f7,0x3f6,0x170-0x177,0x376,0xe000-0xe00f at device 18.2 on pci0 ata0: on atapci0 ata1: on atapci0 pci0: at device 18.5 (no driver attached) ohci0: mem 0xa0003000-0xa0003fff irq 11 at device 19.0 on pci0 ohci0: [GIANT-LOCKED] usb0: OHCI version 1.0, legacy support usb0: on ohci0 usb0: USB revision 1.0 uhub0: (0x0e11) OHCI root hub, class 9/0, rev 1.00/1.00, addr 1 uhub0: 3 ports with 3 removable, self powered pmtimer0 on isa0 orm0: at iomem 0xc8000-0xd0fff on isa0 ppc0: parallel port not found. sio0 at port 0x3f8-0x3ff irq 4 flags 0x10 on isa0 sio0: type 16550A, console sio1 at port 0x2f8-0x2ff irq 3 on isa0 sio1: type 16550A Timecounters tick every 1.000 msec Fast IPsec: Initialized Security Association Processing. ad0: 991MB at ata0-master UDMA33 ad0: TIMEOUT - READ_DMA retrying (1 retry left) LBA=0 ad0: FAILURE - READ_DMA timed out LBA=2031103 ad0: TIMEOUT - READ_DMA retrying (0 retries left) LBA=0 ad0: FAILURE - READ_DMA timed out LBA=2031116 ad0: FAILURE - READ_DMA timed out LBA=0 ad0: FAILURE - READ_DMA timed out LBA=2031119 ad0: TIMEOUT - READ_DMA retrying (1 retry left) LBA=0 ad0: FAILURE - READ_DMA timed out LBA=2031057 ATA PseudoRAID loaded ad0: TIMEOUT - READ_DMA retrying (0 retries left) LBA=0 ad0: FAILURE - READ_DMA timed out LBA=0 ad0: TIMEOUT - READ_DMA retrying (1 retry left) LBA=1 ad0: TIMEOUT - READ_DMA retrying (0 retries left) LBA=1 ad0: FAILURE - READ_DMA timed out LBA=1 ad0: TIMEOUT - READ_DMA retrying (1 retry left) LBA=0 ad0: TIMEOUT - READ_DMA retrying (0 retries left) LBA=0 ad0: FAILURE - READ_DMA timed out LBA=0 ad0: TIMEOUT - READ_DMA retrying (1 retry left) LBA=0 ad0: TIMEOUT - READ_DMA retrying (0 retries left) LBA=0 ad0: FAILURE - READ_DMA timed out LBA=0 Trying to mount root from ufs:/dev/ad0a Manual root filesystem specification: : Mount using filesystem eg. ufs:da0s1a ? List valid disk boot devices Abort manual input mountroot> regards Rodolfo - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [pfSense Support] pfSense feature roll call
Bill Marquette ha scritto: Read the mailing list archives. It get's dropped. Not a problem for me, don't let your connections go down ;-P We're working on a good solution for it... may be nat: outbound load balancing could be a good solution Can you give us more information other than "it doesn't work". Like say...what doesn't work? Have you done any troubleshooting to figure out what it's actually doing? Have you reported this before? sure, I am working wit a soekris 4801 I defined two outbound wan (opt1 and opt2) with gws. I added the gws to the outbound load balancing and enabled it. As soon as I added only one, everything works, when I added the second, I can reach internet but no aswer (using web) from pfsense (ssh was broken), so reflashed. regards - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [pfSense Support] pfSense feature roll call
Bill Marquette ha scritto: two of getting my second WAN connection at home. Create rules and choose the gateway to send the traffic in question. but what happens to that traffic if the connection goes down? Also, I saw a checkbox in the web interface labelled "outbound load balancing" - does this actually redistribute outbound traffic over multiple WAN connections (ie. does it work?). Maybe...it's been in tree for a long time, but I know of no-one using it. It'll likely get a workout at the hackathon to ensure that it really is working. I have tried it with two outbound connection, but with no luck regards - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [pfSense Support] 0.71.x WARP Version
Rodolfo Vardelli ha scritto: David Strout ha scritto: yes, It works :-) but... ssh doesn't work with 0.70.x I wasn't able to restore a saved configuration nat: outbound load balance, does it work? I have just installed 71.2, now ssh works backup/restore works too may be later I will try nat outbound load balancing btw, there will be a possibility of using the wan interface as a normal interface? regards - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [pfSense Support] 0.71.x WARP Version
David Strout ha scritto: yes, It works :-) but... ssh doesn't work with 0.70.x I wasn't able to restore a saved configuration nat: outbound load balance, does it work? regards Everyone, Has anyone tried the new 0.71.x WARP version on a Soekris 4801 yet? If so could you provide any findings / gotchas? Regards, -- David L. Strout Engineering Systems Plus, LLC - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]