Shut down PFsense on PC and not have to restore?
-
@jsmiddleton4 pfsense reads the configuration on boot. As long as you make no configuration changes, there is nothing written to disk that needs to be restored after rebooting. It does not matter if you lose power or shut down gracefully. Of course, it is recommended to shutdown gracefully, but that does not always happen in the real world.
Your problem is not how you are shutting down. It is something much bigger than that. This is NOT normal behavior for pfsense.
-
Okay but what?
I've saved/backed up/HALT. I don't just power off.
Or I boot, hit F2 to go into BIOS. Save BIOS. Continue with boot. Config is lost and I have to restore.
Edit: I'm using Intel 2.5gbe NIC's. While their driver was added to 2.5.2 my understanding is full support is in 2.6.0.
Could that be it? PFSense can't "see" the NIC's so it defaults to the one it can see, a Realtek 1gb on the PC's motherboard, hits that and thinks I need to reconfigure?
-
@jsmiddleton4 My guess would be your pfsense box is failing to write to disk. That seems to be the most logical answer, but that is only a guess.
Your mention of the Intel NIC's as possible being involved is intriguing. Since you are obviously trying to get things working, have you consider upgrading to 2.6.0-BETA? It may not be an official release, but it is very stable and has full support for those adapters.
-
@jsmiddleton4 said in [Shut down PFsense on PC and not have to restore?]
Could that be it? PFSense can't "see" the NIC's so it defaults to the one it can see, a Realtek 1gb on the PC's motherboard, hits that and thinks I need to reconfigure?
Very likely this is the problem. When pfSense boots, if it can't find the exact same NICs that are specified in the
config.xmlfile, then it triggers the routine to have you select which interface is what (LAN, WAN, etc.).pfSense will be looking at the physical interface names when doing this check.
Another way this can happen is when using USB NICs. If the USB NIC driver is late to initialize and "show up" in the list, then pfSense may not see it when booting and thus trigger the "select interfaces" routine.
-
Home office environment and have to be stable. I keep fighting installing 2.6.0 but it would be inadvisable at this juncture.
I do look at the bug squashed reports and keep thinking any day now it’ll be “Stable” and I can have at it.
-
@bmeeks said in Shut down PFsense on PC and not have to restore?:
it triggers the routine to have you select which interface is what (LAN, WAN, etc.).
That’s what its doing. I only have to do a handful of config options to get to Console Menu. Tell it to restore, pick the one I always make for the latest config. It only takes a second.
Restore does fully restore. I don’t have to manually re-config anything.
“ it can't find the exact same NICs”
I noticed when fooling around with checking status/diagnostics on the I225 NIC’s the default name field is not correct. The driver, even though it works great for the 2.5Gb NIC’s, the name is the 1gb NIC’s. If PFsense sees the 1gbe name in config.xl that’d make it choke yes?
-
@jsmiddleton4 said in Shut down PFsense on PC and not have to restore?:
@bmeeks said in Shut down PFsense on PC and not have to restore?:
it triggers the routine to have you select which interface is what (LAN, WAN, etc.).
That’s what its doing. I only have to do a handful of config options to get to Console Menu. Tell it to restore, pick the one I always make for the latest config. It only takes a second.
Restore does fully restore. I don’t have to manually re-config anything.
“ it can't find the exact same NICs”
I noticed when fooling around with checking status/diagnostics on the I225 NIC’s the default name field is not correct. The driver, even though it works great for the 2.5Gb NIC’s, the name is the 1gb NIC’s. If PFsense sees the 1gbe name in config.xl that’d make it choke yes?
Very likely. It will be looking for something like
igb0, as an example for an older Intel NIC. So if the new NIC presents a slightly different name, that would confuse the pfSense boot process. It may be a bug in the way FreeBSD itself is presenting things, too. -
Igc0, igc1, igc2………
-
Just had chance to sit down and look at the config.xml file. I’m thinking its not going to tell me what I need to know as its the restored one yes?
The one currently in place looks correct, igc0, igc1, etc.
I’m confused then as to why if that’s the one in place why PFSense goes through its setup ?’s.
Even though it says igc0 PFsense in some circumstances doesn’t know what that means?
-
@jsmiddleton4 said in Shut down PFsense on PC and not have to restore?:
Just had chance to sit down and look at the config.xml file. I’m thinking its not going to tell me what I need to know as its the restored one yes?
The one currently in place looks correct, igc0, igc1, etc.
I’m confused then as to why if that’s the one in place why PFSense goes through its setup ?’s.
Even though it says igc0 PFsense in some circumstances doesn’t know what that means?
It depends on what the underlying FreeBSD OS reports (and when it reports it). Perhaps the driver is late loading and at the time pfSense looks for it during boot it is not yet there, but then later on is ready.
I also want to be sure you are correctly stating the problem. You say you have to "restore" after a power down or soft reset. To my mind "restore" means nothing is coming back and I have to start over and restore a complete configuration including firewall rules, IP addresses, and so forth. Or do you really mean to say that all of your settings like rules, IP addresses, etc., come back, but it's just that one or more physical interfaces are missing and you have to reassign which is LAN and WAN?
All configuration information for pfSense lives in the
config.xmlfile. And that file lives in the/confdirectory (that directory is actually a symlink if I recall correctly). So depending on how you answer my "restore" terminology question above, it's possible you have a different problem with something not getting on disk correctly or in the right location. -
@bmeeks
I restore from a backup.I have to reassign one interface to the WAN, console comes up, I run the restore option by picking my backup file. Boot.
The boot after restore, everything comes up perfectly and I’m off and running.
Boot from the GUI, no issues.
Power off-Halt or boot and go to BIOS, finish what I’m doing in the BIOS, save, exit, continue with boot, have to do restore as the igc interfaces configurations are missing or not found, not understood, whichever it is. The Realtek, RE0, is.
I assign WAN to the RE0 and continue to the console. Option 15, etc.
What I haven’t tried is a second boot without restoring. If its a timing issue, wonder if it’d find the interfaces on the second boot?
-
@jsmiddleton4 said in Shut down PFsense on PC and not have to restore?:
@bmeeks
I restore from a backup.I have to reassign one interface to the WAN, console comes up, I run the restore option by picking my backup file. Boot.
The boot after restore, everything comes up perfectly and I’m off and running.
Boot from the GUI, no issues.
Power off-Halt or boot and go to BIOS, finish what I’m doing in the BIOS, save, exit, continue with boot, have to do restore as the igc interfaces configurations are missing or not found, not understood, whichever it is. The Realtek, RE0, is.
I assign WAN to the RE0 and continue to the console. Option 15, etc.
What I haven’t tried is a second boot without restoring. If its a timing issue, wonder if it’d find the interfaces on the second boot?
Okay, but still not 100% clear if you are losing everything or just the WAN interface. So if you reboot, then reassign that WAN interface and the console then comes up, can you access the firewall over the network using its GUI (meaning before you do a restore)? Does it route traffic normally? If not, then it is losing everything it sounds like. And if it is doing that, something is wildly not right. What kind of hardware do you have? Are there multiple drives and perhaps potentially two bootable partitions?
-
It does not route anything. No other NIC’s are configured/assigned so it can’t. Just the WAN on RE0.
The only NIC it recognizes when booting as I’ve described is the built in Realtek which is why I can assign it to the WAN.
Just one drive, one partition, PFSense.
If I hardwire into the Realtek and set my laptop to a static IP within the range for the default IP for PFSense I can access the Webconfig UI via Firefox on my laptop via the PFSense default IP.
My LAN is a bridge that uses 2 Intel 2.5gb and the Realtek 1gb.
The only NIC it recognizes before I restore is the Realtek, RE0.
-
It's getting a bit late here on Christmas Eve where I live, so this will be the last reply until after the Christmas holidays...
.It clearly sounds like your "real"
config.xmlfile is not existing at the time of boot after you do a power off reset or when exiting from the BIOS. That really sounds like a weird hardware/BIOS issue to me.When you do a power-off reset, or else do the BIOS change and exit thing, when the console comes up, DO NOT perform a restore at that point. Let's try two things first.
-
Exit to a CLI shell (option #8) and then list the contents of the
/confdirectory. Do you see one or moreconfig.xmlfiles listed? If so,catthe newest one (the one with the most recent modified date) and see if the data in there looks legit or if it is just the out-of-the-box defaults. -
If you see a
config.xmlfile that looks correct, then just immediately reboot again just to see if things come up the second time around.
If you can restore a legit XML config file and things work, then clearly upon those other boot scenarios pfSense is not finding the correct
config.xmlfile. Finding out why that happens is the key to the solution.I don't think it is related to the current problem based on the way you have described things, but that LAN setup with two Intel NICs and a Realtek in some kind of bridge is definitely not a normal configuration.
And you have yet to describe what kind of hardware this is. Is it a PC or a server-grade box, what kind of CPU is in it, what brand of motherboard are you using, etc. The only thing I know so far is you have one Realtek NIC and two Intel NICs. That's not enough to go on.
-
-
Merry Christmas
Dell 390, i5 CPU, 8gb ram, 320gb ata hard drive.
The file is there, which is part of the confusion.
Next time I’m just going to boot a second time.
I have 3 2.5gb Intel NIC’s. One is WAN, 2 go to LAN. The 1gb Realtek is part of the LAN bridge.
-
@jsmiddleton4 said in Shut down PFsense on PC and not have to restore?:
2 go to LAN. The 1gb Realtek is part of the LAN bridge.
So you got some "bridge" setup with 3 interfaces in it?
How about just putting 1 interface in lan, do you have problem then?
-
Yes, 3 NIC’s in the Bridge.
Double booting works. I was too curious not to check tonight. Not even a nice reboot either. Control Alt Delete when asked the question to use the RE0 as the WAN. Figure if I told it yes possible to be writing a new config.xml.
So the working XML is there, has to be.
Why double boot works? Timing?
-
The description in igc as an Intel 1G NIC is just that, only the description.
Those NICs will always be igc.
The problem here is nothing to do with losing the config and everything to do with assigned NICs going missing. When it boots to the assign interfaces screen look at the available NICs list, something there will be missing, what is it?
It sounds like the hardware is not being initialized correctly under some conditions. Check the boot log for errors when that happens. Maybe some PCI error or a driver failing to attach for some reason.
There's probably nothing you can do about it in pfSense though other than upgrading to 2.6. It could well be the PHY reset issue in igc that is bow fixed there.Steve
-
Merry Christmas
I appreciated your insight but I feel like I’m answering the same questions. The IGC, Intel 2.5gb, cards are missing. None of them found be it the one that is the WAN, or 2 that are LAN and part of my bridge.
Now with a quick reboot, PFSense finds them.
The only card the initial boot finds is the RE0, Realtek, card.
I looked in the OS log and there’s nothing that looks out of order. No error messages, no “This is missing” messages. But having booted without answering the “Want to configure RE0 as the WAN?”, I could be circumventing any error messages being recorded in the OS Boot log.
For whatever reason with a power off or a significant delay in the boot process such as entering the BIOS, PFSense when booting doesn’t “see” the Intel cards. Again for whatever reason, a quick reboot without answering any interface assignment questions when coming back up a second time does.
-
It doesn't show 'device attach 6' or similar? It probably is the PHY issue:
https://github.com/pfsense/FreeBSD-src/commit/267a39780ea8c89b7a89ca9e91dcfff02c69656f
