Re: [pfSense Support] CARP Bug in 1.2.3
On Wed, Apr 8, 2009 at 11:31 PM, Dimitri Rodis dimit...@integritasystems.com wrote: Currently running: 1.2.3-RC1 built on Wed Apr 1 16:59:10 EDT 2009 Changed the CARP config-- had a redundant member that I removed, so I shut pfsync off. However, I kept getting messages along the top that XMLRPC sync was failing. I checked, and it was disabled--so, I unchecked absolutely everything and saved and rebooted, but the errors persisted. I think I found the problem. I downloaded my config file and had a look. Check out the following section: installedpackages carpsettings config pfsyncenabled/ pfsyncinterfaceopt3/pfsyncinterface pfsyncpeerip/ synchronizerules/ synchronizeschedules/ synchronizealiases/ synchronizenat/ synchronizeipsec/ synchronizewol/ synchronizestaticroutes/ synchronizelb/ synchronizevirtualip/ synchronizetrafficshaper/ synchronizednsforwarder/ synchronizetoip/ password/ /config config pfsyncenabled/on/pfsyncenabled pfsyncinterfaceopt3/pfsyncinterface pfsyncpeerip/ synchronizeruleson/synchronizerules synchronizescheduleson/synchronizeschedules synchronizealiaseson/synchronizealiases synchronizenaton/synchronizenat synchronizeipsecon/synchronizeipsec synchronizewolon/synchronizewol synchronizestaticrouteson/synchronizestaticroutes synchronizelbon/synchronizelb synchronizevirtualipon/synchronizevirtualip synchronizetrafficshaperon/synchronizetrafficshaper synchronizednsforwarder/ synchronizetoip172.19.0.2/synchronizetoip passwordxx/password /config config pfsyncenabledon/pfsyncenabled pfsyncinterfaceopt3/pfsyncinterface pfsyncpeerip/ synchronizeruleson/synchronizerules synchronizescheduleson/synchronizeschedules synchronizealiaseson/synchronizealiases synchronizenaton/synchronizenat synchronizeipsecon/synchronizeipsec synchronizewolon/synchronizewol synchronizestaticrouteson/synchronizestaticroutes synchronizelbon/synchronizelb synchronizevirtualipon/synchronizevirtualip synchronizetrafficshaperon/synchronizetrafficshaper synchronizednsforwarderon/synchronizednsforwarder synchronizetoip172.19.0.3/synchronizetoip passwordx/password /config /carpsettings /installedpackages Shouldn't config/config only be in there once? Looks like it added another config/config section it each time I tried to change/save it, and it's only using the last one. Bug or user error? Dimitri Rodis Integrita Systems LLC http://www.integritasystems.com Doubt its a bug or we would be seeing a lot more of this. Scott
RE: [pfSense Support] CARP Bug in 1.2.3
I think this is more obscure than you think-- this is on a snapshot build, so how many people have 1) run a 1.2.3 snapshot, 2) _had_ a redundant CARP config, and then 3) removed the redundant member and 4) added some Outbound NAT rules and interface rules (which is what finally triggered the XMLRPC sync, and thus the error)? My guess is that people with redundant configs are probably not testing snapshot builds (or even production builds) in this manner. I don't know if this happens on previous builds, and you are probably going to say that the code hasn't changed, and that's very likely to be true if you say so--I'm just saying I think the bug is present, but obscure. Obviously if it happens it's easy enough to fix by downloading the config, deleting the duped sections and uploading the config again, but I would tend to think there's a bug in there somewhere, because like I said, I didn't dupe the section myself. Dimitri Rodis Integrita Systems LLC -Original Message- From: Scott Ullrich [mailto:sullr...@gmail.com] Sent: Thursday, April 09, 2009 8:15 AM To: support@pfsense.com Subject: Re: [pfSense Support] CARP Bug in 1.2.3 On Wed, Apr 8, 2009 at 11:31 PM, Dimitri Rodis dimit...@integritasystems.com wrote: Currently running: 1.2.3-RC1 built on Wed Apr 1 16:59:10 EDT 2009 Changed the CARP config-- had a redundant member that I removed, so I shut pfsync off. However, I kept getting messages along the top that XMLRPC sync was failing. I checked, and it was disabled--so, I unchecked absolutely everything and saved and rebooted, but the errors persisted. I think I found the problem. I downloaded my config file and had a look. Check out the following section: installedpackages carpsettings config pfsyncenabled/ pfsyncinterfaceopt3/pfsyncinterface pfsyncpeerip/ synchronizerules/ synchronizeschedules/ synchronizealiases/ synchronizenat/ synchronizeipsec/ synchronizewol/ synchronizestaticroutes/ synchronizelb/ synchronizevirtualip/ synchronizetrafficshaper/ synchronizednsforwarder/ synchronizetoip/ password/ /config config pfsyncenabled/on/pfsyncenabled pfsyncinterfaceopt3/pfsyncinterface pfsyncpeerip/ synchronizeruleson/synchronizerules synchronizescheduleson/synchronizeschedules synchronizealiaseson/synchronizealiases synchronizenaton/synchronizenat synchronizeipsecon/synchronizeipsec synchronizewolon/synchronizewol synchronizestaticrouteson/synchronizestaticroutes synchronizelbon/synchronizelb synchronizevirtualipon/synchronizevirtualip synchronizetrafficshaperon/synchronizetrafficshaper synchronizednsforwarder/ synchronizetoip172.19.0.2/synchronizetoip passwordxx/password /config config pfsyncenabledon/pfsyncenabled pfsyncinterfaceopt3/pfsyncinterface pfsyncpeerip/ synchronizeruleson/synchronizerules synchronizescheduleson/synchronizeschedules synchronizealiaseson/synchronizealiases synchronizenaton/synchronizenat synchronizeipsecon/synchronizeipsec synchronizewolon/synchronizewol synchronizestaticrouteson/synchronizestaticroutes synchronizelbon/synchronizelb synchronizevirtualipon/synchronizevirtualip synchronizetrafficshaperon/synchronizetrafficshaper synchronizednsforwarderon/synchronizednsforwarder synchronizetoip172.19.0.3/synchronizetoip passwordx/password /config /carpsettings /installedpackages Shouldn't config/config only be in there once? Looks like it added another config/config section it each time I tried to change/save it, and it's only using the last one. Bug or user error? Dimitri Rodis Integrita Systems LLC http://www.integritasystems.com Doubt its a bug or we would be seeing a lot more of this. Scott smime.p7s Description: S/MIME cryptographic
Re: [pfSense Support] CARP Bug in 1.2.3
On Thu, Apr 9, 2009 at 12:37 PM, Dimitri Rodis dimit...@integritasystems.com wrote: I think this is more obscure than you think-- this is on a snapshot build, so how many people have 1) run a 1.2.3 snapshot, 2) _had_ a redundant CARP config, and then 3) removed the redundant member and 4) added some Outbound NAT rules and interface rules (which is what finally triggered the XMLRPC sync, and thus the error)? My guess is that people with redundant configs are probably not testing snapshot builds (or even production builds) in this manner. I don't know if this happens on previous builds, and you are probably going to say that the code hasn't changed, and that's very likely to be true if you say so--I'm just saying I think the bug is present, but obscure. Obviously if it happens it's easy enough to fix by downloading the config, deleting the duped sections and uploading the config again, but I would tend to think there's a bug in there somewhere, because like I said, I didn't dupe the section myself. My guess would be that you installed a snapshot that contained xmlparse.inc from HEAD. Right around the hackathon time this was included but has since been removed. Scott - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
RE: [pfSense Support] CARP Bug in 1.2.3
The snapshot I'm using is dated April 1.. that's a couple of days after the hackathon, I believe. Any idea when the xmlparse.inc from HEAD was removed? Dimitri Rodis Integrita Systems LLC http://www.integritasystems.com -Original Message- From: Scott Ullrich [mailto:sullr...@gmail.com] Sent: Thursday, April 09, 2009 10:17 AM To: support@pfsense.com Subject: Re: [pfSense Support] CARP Bug in 1.2.3 On Thu, Apr 9, 2009 at 12:37 PM, Dimitri Rodis dimit...@integritasystems.com wrote: I think this is more obscure than you think-- this is on a snapshot build, so how many people have 1) run a 1.2.3 snapshot, 2) _had_ a redundant CARP config, and then 3) removed the redundant member and 4) added some Outbound NAT rules and interface rules (which is what finally triggered the XMLRPC sync, and thus the error)? My guess is that people with redundant configs are probably not testing snapshot builds (or even production builds) in this manner. I don't know if this happens on previous builds, and you are probably going to say that the code hasn't changed, and that's very likely to be true if you say so--I'm just saying I think the bug is present, but obscure. Obviously if it happens it's easy enough to fix by downloading the config, deleting the duped sections and uploading the config again, but I would tend to think there's a bug in there somewhere, because like I said, I didn't dupe the section myself. My guess would be that you installed a snapshot that contained xmlparse.inc from HEAD. Right around the hackathon time this was included but has since been removed. Scott - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org smime.p7s Description: S/MIME cryptographic signature
Re: [pfSense Support] CARP Bug in 1.2.3
On Thu, Apr 9, 2009 at 1:57 PM, Dimitri Rodis dimit...@integritasystems.com wrote: The snapshot I'm using is dated April 1.. that's a couple of days after the hackathon, I believe. Any idea when the xmlparse.inc from HEAD was removed? You where affected then. It was removed for causing various problems such as these. Scott - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
RE: [pfSense Support] CARP Bug in 1.2.3
Good deal. I'll go to a later snapshot then. Are upgrades between snapshots on embedded working at the moment, or should I just reflash? Dimitri Rodis Integrita Systems LLC http://www.integritasystems.com -Original Message- From: Scott Ullrich [mailto:sullr...@gmail.com] Sent: Thursday, April 09, 2009 11:37 AM To: support@pfsense.com Subject: Re: [pfSense Support] CARP Bug in 1.2.3 On Thu, Apr 9, 2009 at 1:57 PM, Dimitri Rodis dimit...@integritasystems.com wrote: The snapshot I'm using is dated April 1.. that's a couple of days after the hackathon, I believe. Any idea when the xmlparse.inc from HEAD was removed? You where affected then. It was removed for causing various problems such as these. Scott - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org smime.p7s Description: S/MIME cryptographic signature
Re: [pfSense Support] CARP Bug in 1.2.3
On Thu, Apr 9, 2009 at 7:00 PM, Dimitri Rodis dimit...@integritasystems.com wrote: Good deal. I'll go to a later snapshot then. Are upgrades between snapshots on embedded working at the moment, or should I just reflash? Yeah you got hit with the xmlparse.inc issue that was in snapshots for a couple days. I know CARP is fine in 1.2.3 outside of those couple days, I've setup 3 CARP pairs on 1.2.3 in the past 2 weeks. Reflash, and either redo your config from scratch or manually remove anything that's out of whack. - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
