core: interfaces: dhclient-script regression in 19.1
Just want to be sure the dev are aware of “our” issue.
After 10-20 minutes of uptime all incoming connections are beeing dropped! So, OpenVPN tunnels are dropped too. It was fine on 18.7.10.
In the General-system log I can see this every 20 minutes:
Feb 5 13:00:55 opnsense: /usr/local/etc/rc.newwanip: Dynamic DNS: (Success) No change in IP address
Feb 5 13:00:55 opnsense: /usr/local/etc/rc.newwanip: Dynamic DNS: updating cache file /var/cache/dyndns.org_0.cache: ***
Feb 5 13:00:50 opnsense: /usr/local/etc/rc.newwanip: Interface '' is disabled or empty, nothing to do.
Feb 5 13:00:50 opnsense: /usr/local/etc/rc.newwanip: IP renewal is starting on 'ovpns2'
Feb 5 13:00:49 kernel: ovpns2: link state changed to UP
Feb 5 13:00:44 kernel: ovpns2: link state changed to DOWN
Feb 5 13:00:44 opnsense: /usr/local/etc/rc.newwanip: Resyncing OpenVPN instances for interface WAN.
Feb 5 13:00:40 opnsense: /usr/local/etc/rc.newwanip: ROUTING: skipping IPv6 default route
Feb 5 13:00:40 opnsense: /usr/local/etc/rc.newwanip: ROUTING: keeping current default gateway '***'
Feb 5 13:00:40 opnsense: /usr/local/etc/rc.newwanip: ROUTING: setting IPv4 default route to ***
Feb 5 13:00:40 opnsense: /usr/local/etc/rc.newwanip: ROUTING: IPv4 default gateway set to wan
Feb 5 13:00:40 opnsense: /usr/local/etc/rc.newwanip: ROUTING: IPv6 default gateway set to wan
Feb 5 13:00:40 opnsense: /usr/local/etc/rc.newwanip: ROUTING: entering configure using 'wan'
Feb 5 13:00:39 opnsense: /usr/local/etc/rc.newwanip: On (IP address: ***) (interface: WAN[wan]) (real interface: re1_vlan10).
Feb 5 13:00:39 opnsense: /usr/local/etc/rc.newwanip: IP renewal is starting on 're1_vlan10'
after every execution of rc.newwanip (even manually) all connection are dropped.
I watch TV over the internet and every 20 minutes the stream hangs, so I have to rewind to build up the stream again.
Here is the forum post: https://forum.opnsense.org/index.php?topic=11456.0
Is there any solution? What could it be? According to github, the last changes to rc.newwanip where 5 month ago (https://github.com/opnsense/core/commits/master/src/etc/rc.newwanip). I think it has something to do with the switch to HardenedBSD, but I am absolutly not a unix guy…
About this issue
- Original URL
- State: closed
- Created 5 years ago
- Comments: 92 (68 by maintainers)
Commits related to this issue
- Revert "interfaces: try to sync dhclient-script #2542" PR: https://github.com/opnsense/core/issues/3197 — committed to opnsense/core by fichtner 5 years ago
- interfaces: push dhclient and dhcp6c to system log Easier to see what's going on, both trigger most system reconfigure events anyway. PR: https://github.com/opnsense/core/issues/3197 Discussed with:... — committed to opnsense/core by fichtner 5 years ago
- interfaces: push dhclient and dhcp6c to system log Easier to see what's going on, both trigger most system reconfigure events anyway. PR: https://github.com/opnsense/core/issues/3197 Discussed with:... — committed to opnsense/core by fichtner 5 years ago
- interfaces: remove arp flush from dhclient-script #3197 PR: https://forum.opnsense.org/index.php?topic=11037.0 — committed to opnsense/core by fichtner 5 years ago
- interfaces: our dhclient-script doesn't clobber resolv.conf #3197 The FreeBSD one does, but we have different code that is "safe" for multiple DHCP connections. — committed to opnsense/core by fichtner 5 years ago
- interfaces: our dhclient-script doesn't clobber resolv.conf #3197 The FreeBSD one does, but we have different code that is "safe" for multiple DHCP connections. (cherry picked from commit b20f71b19e... — committed to opnsense/core by fichtner 5 years ago
- Revert "interfaces: remove arp flush from dhclient-script #3197" This reverts commit a1dbbb5ef132487c88b2b144ac67eeedb00a576c. — committed to opnsense/core by fichtner 5 years ago
- interfaces: check for valid alias IP #3197 Suggested by: @tbandixen — committed to opnsense/core by fichtner 5 years ago
- interfaces: check for valid alias IP #3197 Suggested by: @tbandixen (cherry picked from commit 90c0c395a54967f28c797b46293d4fb975b27ded) — committed to opnsense/core by fichtner 5 years ago
We don’t know what the error is, so it will come back if we just revert fixes for other problems. Not to mention having issues back that have been fixed with this. Does that make sense?
@tbandixen thanks for the hint, the check changed as it tried to align with FreeBSD. It seems the issue is present there, but it is not critical because it doesn’t have a use case maybe shrugs
That should be it then…
@tbandixen that’s correct
@cejohnson thanks. that’s been this way for a long time however 😭
I’ve reviewed the “bad” patch line by line and nothing really jumps out there that would explain all of it. We need more data points, hopefully a full log and the $LOGGER $reason addition will reveal what is going on.
Yeah my history tells a different story
Okay, I didn’t know I was spamming, I will switch back to pfsense