• Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login
Netgate Discussion Forum
  • Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login

Default gateway needs to be manually added with Sat Feb 9th Update

2.1 Snapshot Feedback and Problems - RETIRED
10
20
5.2k
Loading More Posts
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • C
    cforger
    last edited by Feb 10, 2013, 2:16 AM

    Hello,

    Been putting in a lot of time on 2 pfSense 2.1 builds in the last week.

    As of today's update (Sat Feb 9th) the default gateway isn't in the route table (verified with netstat -rn).

    route add from the shell works, but I can't figure out a combo that allows the default GW on WAN to actually be written.

    I do have an OpenVPN connection, but only setting the one, same old default route as I always do.

    The ssl.c thread has a user mentioning this as well.

    Let me know if you need more.  I'm now going to test if Feb 9th fixes my ssl issues.

    Cheers,

    1 Reply Last reply Reply Quote 0
    • C
      cforger
      last edited by Feb 10, 2013, 2:19 AM

      To answer the below question: Yes, my routes on both pfSense boxes are static.

      (from the previous thread)

      Quote from: lucky on Today at 05:12:18 pm
      However, for some reason I had no default route when pfsense booted.

      Quote from: cforger on Today at 09:10:06 pm
      I can confirm the lack of default route after an upgrade to today's snapshot.

      That's odd, it's been a long time since I saw routes not being applied during boot, but in my case the default route is provisioned using DHCP. Are yours a static default route by any chance?

      /wj

      1 Reply Last reply Reply Quote 0
      • W
        wernerj
        last edited by Feb 10, 2013, 2:24 AM

        OK, that would explain why I see a different behavior, as the DHCP-provisioned routes most likely get put in there way later..

        I haven't upgraded any of my pfSense boxes with static default routes in a long time, the box at home has been the one I have been experimenting with, and here DHCP is the only thing I get. I've been lucky (I guess) to have the same IPv6 /64 network handed to me over multiple reboots the last few days, that used to change every time I restarted pfSense.. (Comcast loves to mess with that it seems)

        The changes introduced today seemed to be very minor. How old was your old snapshot where the static routes was working, I assume it would be something from this week as you experienced OpenSSL-related issues?

        /wj

        1 Reply Last reply Reply Quote 0
        • C
          cforger
          last edited by Feb 10, 2013, 2:42 AM

          Thursday was okay (I'm sure 100%)
          Friday was okay (I'm 95% sure, as I didn't reboot enough on Fri to know for sure, I may have fixed the default route issue while working on VPN routes)
          Sat is definitely a problem.

          So it's been introduced between Thur and now, if that helps anyone.

          1 Reply Last reply Reply Quote 0
          • L
            lucky
            last edited by Feb 10, 2013, 2:50 AM Feb 10, 2013, 2:48 AM

            This problem happened to me today as well (as I mentioned in the other thread). I think my previous build was Feb 5…I'm not sure. It was definitely this month though.

            Confirmed that I have a static IP (my WAN interface is NOT DHCP). Had to add a default gateway after booting pfsense.

            1 Reply Last reply Reply Quote 0
            • C
              cforger
              last edited by Feb 10, 2013, 3:10 AM

              Does anyone know where it writes the default gateway in the scripts? I have to make sure I don't reboot this right now or I will lose connection to the remote box. I'm tempted to rig rc.local or similar for now.

              Ah bleeding edge of technology.. it's my blood on you isn't it?

              1 Reply Last reply Reply Quote 0
              • P
                phil.davis
                last edited by Feb 10, 2013, 5:42 AM Feb 10, 2013, 3:51 AM

                2.1-BETA1 (i386) built on Sat Feb 9 11:36:45 EST 2013
                I have LAN, WAN and 2 OpenVPN clients (peer-to-peer shared key tun) connecting out. My WAN is DHCP. It gets the WAN DHCP address fine, the OpenVPN clients come up and the default route out WAN is in the routing table - it boots clean. My default gateway is WAN (the normal ordinary thing). So, this is just to confirm that a simple config is working.
                I guess that the other posters here have an interface assigned to an OpenVPN link and have the default gateway out that? Or some other more interesting config?

                As the Greek philosopher Isosceles used to say, "There are 3 sides to every triangle."
                If I helped you, then help someone else - buy someone a gift from the INF catalog http://secure.inf.org/gifts/usd/

                1 Reply Last reply Reply Quote 0
                • C
                  cforger
                  last edited by Feb 10, 2013, 3:57 AM

                  I went back to Feb 4th, now I have both ssl and the default gateway functional.

                  I'm using both i386 and amd64 on different boxes.

                  My default gateways are static on the WAN's.. nothing fancy. I do have OpenVPN in tap mode, bridged.

                  On my Feb 4th install, this is the critical line:

                  php: : ROUTING: setting default route to 192.168.9.1

                  That doesn't show on my Feb 9th version.

                  1 Reply Last reply Reply Quote 0
                  • L
                    lucky
                    last edited by Feb 10, 2013, 4:13 AM

                    @phil.davis:

                    I guess that the other posters here have an interface assigned to an OpenVPN link and have the default gateway out that? Or some other more interesting config?

                    I do have three openvpn configs. Two are tun, one tap. But none are used for default routes.

                    My default route is via the WAN interface that is a static IP address via ethernet Internet connection. In the pfsense admin interface, System->Routing shows my gateway and that it's set to default…it just doesn't get set.

                    1 Reply Last reply Reply Quote 0
                    • M
                      msi
                      last edited by Feb 10, 2013, 6:56 AM

                      I also got hit by this (wanted to try a snapshot witth fixed OpenSSL).

                      No routes were added and since my nameservers are not on the subnet of the WAN side but on a next one, without routing I don't have DNS too ;-)

                      Going to revert to a backup (I almost forgot why I always hit full backup for snapshots)

                      1 Reply Last reply Reply Quote 0
                      • E
                        eri--
                        last edited by Feb 10, 2013, 11:21 AM Feb 10, 2013, 11:16 AM

                        UPDATE: Upgrade to a newer snapshot or gitsync fixed, sorry for the noise.

                        1 Reply Last reply Reply Quote 0
                        • P
                          phil.davis
                          last edited by Feb 10, 2013, 12:11 PM

                          Thanks Ermal. My test system worked because it had DHCP on WAN.
                          interfaces.inc interface_dhcp_configure() puts:

                          script "/sbin/dhclient-script";
                          

                          into the DHCP client conf file.
                          When the DHCP address is received from upstream on the interface, and the interface is the default gateway, that script does:

                          $ROUTE add default -iface $interface
                          

                          So the default route appeared OK on DHCP WAN interfaces, but not for those with static WAN IPs.

                          As the Greek philosopher Isosceles used to say, "There are 3 sides to every triangle."
                          If I helped you, then help someone else - buy someone a gift from the INF catalog http://secure.inf.org/gifts/usd/

                          1 Reply Last reply Reply Quote 0
                          • C
                            cybercare
                            last edited by Feb 10, 2013, 2:23 PM

                            @ermal:

                            UPDATE: Upgrade to a newer snapshot or gitsync fixed, sorry for the noise.

                            So the 2300 snapshot should have fixed this? If so it didn't :( or are you saying once a newer one is posted it will? :P

                            Thx

                            1 Reply Last reply Reply Quote 0
                            • P
                              phil.davis
                              last edited by Feb 10, 2013, 2:49 PM

                              The change was only made a couple of hours ago - https://github.com/bsdperimeter/pfsense/commit/9d595f6ad4527341741e75cdbbeafdcffd99d269. The 2300 snapshot will be too old. You can wait for a 10 Feb snapshot, gitsync or paste the extra 2 lines into /etc/inc/system.inc manually.

                              As the Greek philosopher Isosceles used to say, "There are 3 sides to every triangle."
                              If I helped you, then help someone else - buy someone a gift from the INF catalog http://secure.inf.org/gifts/usd/

                              1 Reply Last reply Reply Quote 0
                              • C
                                cybercare
                                last edited by Feb 10, 2013, 3:44 PM

                                @phil.davis:

                                The change was only made a couple of hours ago - https://github.com/bsdperimeter/pfsense/commit/9d595f6ad4527341741e75cdbbeafdcffd99d269. The 2300 snapshot will be too old. You can wait for a 10 Feb snapshot, gitsync or paste the extra 2 lines into /etc/inc/system.inc manually.

                                Okay, yeah I kinda figured that was the case as I saw the time he posted the message but the choice of words made me think otherwise :) you would think I know better by know lol.

                                Thanks for the confirmation though.

                                1 Reply Last reply Reply Quote 0
                                • W
                                  woodgee
                                  last edited by Feb 16, 2013, 8:15 AM

                                  Hello,

                                  since Sat Feb 9th Update i lost the default routes for ipv4 + ipv6 on my pfsense ( version 2.1-BETA1 (amd64) ).
                                  update to 10th Feb - 15th Feb can´t fix the problem.
                                  after boot there is no default route in netstat -rn.
                                  i can add the routes by executing

                                  route add -inet6 default 1234:5687:9abc::1
                                  

                                  and

                                  route add -inet default 123.456.789.012
                                  

                                  then it works to the next reboot.

                                  my /etc/inc/system.inc

                                  
                                  if ($gateway['ipprotocol'] != "inet6" && (is_ipaddrv4($gateway['gateway']) || $gateway['gateway'] == "dynamic")) {
                                  					if(strstr($gateway['gateway'], ":"))
                                  						continue;
                                  					if ($gateway['gateway'] == "dynamic")
                                  						$gateway['gateway'] = get_interface_gateway($gateway['interface']);
                                  					$gatewayip = $gateway['gateway'];
                                  					$interfacegw = $gateway['interface'];
                                  					if (!empty($gateway['interface'])) {
                                  						$defaultif = get_real_interface($gateway['interface']);
                                  						if ($defaultif)
                                  							@file_put_contents("{$g['tmp_path']}/{$defaultif}_defaultgw", $gateway['gateway']);
                                  					}
                                  					$foundgw = true;
                                  				} else if ($gateway['ipprotocol'] == "inet6" && (is_ipaddrv6($gateway['gateway']) || $gateway['gateway'] == "dynamic6")) {
                                  					if ($gateway['gateway'] == "dynamic6")
                                  						$gateway['gateway'] = get_interface_gateway_v6($gateway['interface']);
                                  					$gatewayipv6 = $gateway['gateway'];
                                  					$interfacegwv6 = $gateway['interface'];
                                  					if (!empty($gateway['interface'])) {
                                  						$defaultifv6 = get_real_interface($gateway['interface']);
                                  						if ($defaultifv6)
                                  							@file_put_contents("{$g['tmp_path']}/{$defaultifv6}_defaultgwv6", $gateway['gateway']);
                                  					}
                                  					$foundgwv6 = true;
                                  
                                  

                                  please tell me, how can i fix this problem.

                                  THX

                                  1 Reply Last reply Reply Quote 0
                                  • B
                                    bmah
                                    last edited by Feb 17, 2013, 11:05 AM

                                    @woodgee:

                                    Hello,

                                    since Sat Feb 9th Update i lost the default routes for ipv4 + ipv6 on my pfsense ( version 2.1-BETA1 (amd64) ).
                                    update to 10th Feb - 15th Feb can´t fix the problem.
                                    after boot there is no default route in netstat -rn.
                                    i can add the routes by executing

                                    route add -inet6 default 1234:5687:9abc::1
                                    

                                    and

                                    route add -inet default 123.456.789.012
                                    

                                    then it works to the next reboot.

                                    If you see the tail end of this thread:

                                    http://forum.pfsense.org/index.php/topic,59005.0.html

                                    I had a similar problem with a statically configured default IPv6 route.  I appear to have "solved" this problem by going to the System -> Routing page and re-saving the configuration for my default IPv6 gateway.  I don't know why, but after a reboot my default IPv6 route once again gets correctly installed.  Try that for your gateways and see if that helps you.  (I don't know why this worked for me.)

                                    Bruce.

                                    1 Reply Last reply Reply Quote 0
                                    • jimpJ
                                      jimp Rebel Alliance Developer Netgate
                                      last edited by Feb 19, 2013, 5:35 PM

                                      Bruce,

                                      Check the config history and see what changed in the config when you pressed save. It's possible your gateway was missing an internal value that allowed it to function properly. This post is old but may be relevant: http://forum.pfsense.org/index.php/topic,50095.0.html

                                      Remember: Upvote with the 👍 button for any user/post you find to be helpful, informative, or deserving of recognition!

                                      Need help fast? Netgate Global Support!

                                      Do not Chat/PM for help!

                                      1 Reply Last reply Reply Quote 0
                                      • W
                                        woodgee
                                        last edited by Feb 20, 2013, 12:58 PM

                                        thanks bruce,

                                        by going to the System -> Routing page and re-saving the configuration for ipv4 and ipv6 solved my problem.
                                        it works after reboot the system …  ;D

                                        1 Reply Last reply Reply Quote 0
                                        • B
                                          bmah
                                          last edited by Feb 22, 2013, 10:52 PM

                                          @jimp:

                                          Check the config history and see what changed in the config when you pressed save. It's possible your gateway was missing an internal value that allowed it to function properly. This post is old but may be relevant: http://forum.pfsense.org/index.php/topic,50095.0.html

                                          My config history doesn't show that change in it…it seems like the history doesn't go back far enough.  Also I read through the thread you quoted...I don't recall ever experiencing a problem like that.  In any case I'm happy with the way things are working right now.

                                          Thanks,

                                          Bruce.

                                          1 Reply Last reply Reply Quote 0
                                          2 out of 20
                                          • First post
                                            2/20
                                            Last post
                                          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.