Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Default gateway needs to be manually added with Sat Feb 9th Update

    2.1 Snapshot Feedback and Problems - RETIRED
    10
    20
    5.2k
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • C
      cforger
      last edited by

      Hello,

      Been putting in a lot of time on 2 pfSense 2.1 builds in the last week.

      As of today's update (Sat Feb 9th) the default gateway isn't in the route table (verified with netstat -rn).

      route add from the shell works, but I can't figure out a combo that allows the default GW on WAN to actually be written.

      I do have an OpenVPN connection, but only setting the one, same old default route as I always do.

      The ssl.c thread has a user mentioning this as well.

      Let me know if you need more.  I'm now going to test if Feb 9th fixes my ssl issues.

      Cheers,

      1 Reply Last reply Reply Quote 0
      • C
        cforger
        last edited by

        To answer the below question: Yes, my routes on both pfSense boxes are static.

        (from the previous thread)

        Quote from: lucky on Today at 05:12:18 pm
        However, for some reason I had no default route when pfsense booted.

        Quote from: cforger on Today at 09:10:06 pm
        I can confirm the lack of default route after an upgrade to today's snapshot.

        That's odd, it's been a long time since I saw routes not being applied during boot, but in my case the default route is provisioned using DHCP. Are yours a static default route by any chance?

        /wj

        1 Reply Last reply Reply Quote 0
        • W
          wernerj
          last edited by

          OK, that would explain why I see a different behavior, as the DHCP-provisioned routes most likely get put in there way later..

          I haven't upgraded any of my pfSense boxes with static default routes in a long time, the box at home has been the one I have been experimenting with, and here DHCP is the only thing I get. I've been lucky (I guess) to have the same IPv6 /64 network handed to me over multiple reboots the last few days, that used to change every time I restarted pfSense.. (Comcast loves to mess with that it seems)

          The changes introduced today seemed to be very minor. How old was your old snapshot where the static routes was working, I assume it would be something from this week as you experienced OpenSSL-related issues?

          /wj

          1 Reply Last reply Reply Quote 0
          • C
            cforger
            last edited by

            Thursday was okay (I'm sure 100%)
            Friday was okay (I'm 95% sure, as I didn't reboot enough on Fri to know for sure, I may have fixed the default route issue while working on VPN routes)
            Sat is definitely a problem.

            So it's been introduced between Thur and now, if that helps anyone.

            1 Reply Last reply Reply Quote 0
            • L
              lucky
              last edited by

              This problem happened to me today as well (as I mentioned in the other thread). I think my previous build was Feb 5…I'm not sure. It was definitely this month though.

              Confirmed that I have a static IP (my WAN interface is NOT DHCP). Had to add a default gateway after booting pfsense.

              1 Reply Last reply Reply Quote 0
              • C
                cforger
                last edited by

                Does anyone know where it writes the default gateway in the scripts? I have to make sure I don't reboot this right now or I will lose connection to the remote box. I'm tempted to rig rc.local or similar for now.

                Ah bleeding edge of technology.. it's my blood on you isn't it?

                1 Reply Last reply Reply Quote 0
                • P
                  phil.davis
                  last edited by

                  2.1-BETA1 (i386) built on Sat Feb 9 11:36:45 EST 2013
                  I have LAN, WAN and 2 OpenVPN clients (peer-to-peer shared key tun) connecting out. My WAN is DHCP. It gets the WAN DHCP address fine, the OpenVPN clients come up and the default route out WAN is in the routing table - it boots clean. My default gateway is WAN (the normal ordinary thing). So, this is just to confirm that a simple config is working.
                  I guess that the other posters here have an interface assigned to an OpenVPN link and have the default gateway out that? Or some other more interesting config?

                  As the Greek philosopher Isosceles used to say, "There are 3 sides to every triangle."
                  If I helped you, then help someone else - buy someone a gift from the INF catalog http://secure.inf.org/gifts/usd/

                  1 Reply Last reply Reply Quote 0
                  • C
                    cforger
                    last edited by

                    I went back to Feb 4th, now I have both ssl and the default gateway functional.

                    I'm using both i386 and amd64 on different boxes.

                    My default gateways are static on the WAN's.. nothing fancy. I do have OpenVPN in tap mode, bridged.

                    On my Feb 4th install, this is the critical line:

                    php: : ROUTING: setting default route to 192.168.9.1

                    That doesn't show on my Feb 9th version.

                    1 Reply Last reply Reply Quote 0
                    • L
                      lucky
                      last edited by

                      @phil.davis:

                      I guess that the other posters here have an interface assigned to an OpenVPN link and have the default gateway out that? Or some other more interesting config?

                      I do have three openvpn configs. Two are tun, one tap. But none are used for default routes.

                      My default route is via the WAN interface that is a static IP address via ethernet Internet connection. In the pfsense admin interface, System->Routing shows my gateway and that it's set to default…it just doesn't get set.

                      1 Reply Last reply Reply Quote 0
                      • M
                        msi
                        last edited by

                        I also got hit by this (wanted to try a snapshot witth fixed OpenSSL).

                        No routes were added and since my nameservers are not on the subnet of the WAN side but on a next one, without routing I don't have DNS too ;-)

                        Going to revert to a backup (I almost forgot why I always hit full backup for snapshots)

                        1 Reply Last reply Reply Quote 0
                        • E
                          eri--
                          last edited by

                          UPDATE: Upgrade to a newer snapshot or gitsync fixed, sorry for the noise.

                          1 Reply Last reply Reply Quote 0
                          • P
                            phil.davis
                            last edited by

                            Thanks Ermal. My test system worked because it had DHCP on WAN.
                            interfaces.inc interface_dhcp_configure() puts:

                            script "/sbin/dhclient-script";
                            

                            into the DHCP client conf file.
                            When the DHCP address is received from upstream on the interface, and the interface is the default gateway, that script does:

                            $ROUTE add default -iface $interface
                            

                            So the default route appeared OK on DHCP WAN interfaces, but not for those with static WAN IPs.

                            As the Greek philosopher Isosceles used to say, "There are 3 sides to every triangle."
                            If I helped you, then help someone else - buy someone a gift from the INF catalog http://secure.inf.org/gifts/usd/

                            1 Reply Last reply Reply Quote 0
                            • C
                              cybercare
                              last edited by

                              @ermal:

                              UPDATE: Upgrade to a newer snapshot or gitsync fixed, sorry for the noise.

                              So the 2300 snapshot should have fixed this? If so it didn't :( or are you saying once a newer one is posted it will? :P

                              Thx

                              1 Reply Last reply Reply Quote 0
                              • P
                                phil.davis
                                last edited by

                                The change was only made a couple of hours ago - https://github.com/bsdperimeter/pfsense/commit/9d595f6ad4527341741e75cdbbeafdcffd99d269. The 2300 snapshot will be too old. You can wait for a 10 Feb snapshot, gitsync or paste the extra 2 lines into /etc/inc/system.inc manually.

                                As the Greek philosopher Isosceles used to say, "There are 3 sides to every triangle."
                                If I helped you, then help someone else - buy someone a gift from the INF catalog http://secure.inf.org/gifts/usd/

                                1 Reply Last reply Reply Quote 0
                                • C
                                  cybercare
                                  last edited by

                                  @phil.davis:

                                  The change was only made a couple of hours ago - https://github.com/bsdperimeter/pfsense/commit/9d595f6ad4527341741e75cdbbeafdcffd99d269. The 2300 snapshot will be too old. You can wait for a 10 Feb snapshot, gitsync or paste the extra 2 lines into /etc/inc/system.inc manually.

                                  Okay, yeah I kinda figured that was the case as I saw the time he posted the message but the choice of words made me think otherwise :) you would think I know better by know lol.

                                  Thanks for the confirmation though.

                                  1 Reply Last reply Reply Quote 0
                                  • W
                                    woodgee
                                    last edited by

                                    Hello,

                                    since Sat Feb 9th Update i lost the default routes for ipv4 + ipv6 on my pfsense ( version 2.1-BETA1 (amd64) ).
                                    update to 10th Feb - 15th Feb can´t fix the problem.
                                    after boot there is no default route in netstat -rn.
                                    i can add the routes by executing

                                    route add -inet6 default 1234:5687:9abc::1
                                    

                                    and

                                    route add -inet default 123.456.789.012
                                    

                                    then it works to the next reboot.

                                    my /etc/inc/system.inc

                                    
                                    if ($gateway['ipprotocol'] != "inet6" && (is_ipaddrv4($gateway['gateway']) || $gateway['gateway'] == "dynamic")) {
                                    					if(strstr($gateway['gateway'], ":"))
                                    						continue;
                                    					if ($gateway['gateway'] == "dynamic")
                                    						$gateway['gateway'] = get_interface_gateway($gateway['interface']);
                                    					$gatewayip = $gateway['gateway'];
                                    					$interfacegw = $gateway['interface'];
                                    					if (!empty($gateway['interface'])) {
                                    						$defaultif = get_real_interface($gateway['interface']);
                                    						if ($defaultif)
                                    							@file_put_contents("{$g['tmp_path']}/{$defaultif}_defaultgw", $gateway['gateway']);
                                    					}
                                    					$foundgw = true;
                                    				} else if ($gateway['ipprotocol'] == "inet6" && (is_ipaddrv6($gateway['gateway']) || $gateway['gateway'] == "dynamic6")) {
                                    					if ($gateway['gateway'] == "dynamic6")
                                    						$gateway['gateway'] = get_interface_gateway_v6($gateway['interface']);
                                    					$gatewayipv6 = $gateway['gateway'];
                                    					$interfacegwv6 = $gateway['interface'];
                                    					if (!empty($gateway['interface'])) {
                                    						$defaultifv6 = get_real_interface($gateway['interface']);
                                    						if ($defaultifv6)
                                    							@file_put_contents("{$g['tmp_path']}/{$defaultifv6}_defaultgwv6", $gateway['gateway']);
                                    					}
                                    					$foundgwv6 = true;
                                    
                                    

                                    please tell me, how can i fix this problem.

                                    THX

                                    1 Reply Last reply Reply Quote 0
                                    • B
                                      bmah
                                      last edited by

                                      @woodgee:

                                      Hello,

                                      since Sat Feb 9th Update i lost the default routes for ipv4 + ipv6 on my pfsense ( version 2.1-BETA1 (amd64) ).
                                      update to 10th Feb - 15th Feb can´t fix the problem.
                                      after boot there is no default route in netstat -rn.
                                      i can add the routes by executing

                                      route add -inet6 default 1234:5687:9abc::1
                                      

                                      and

                                      route add -inet default 123.456.789.012
                                      

                                      then it works to the next reboot.

                                      If you see the tail end of this thread:

                                      http://forum.pfsense.org/index.php/topic,59005.0.html

                                      I had a similar problem with a statically configured default IPv6 route.  I appear to have "solved" this problem by going to the System -> Routing page and re-saving the configuration for my default IPv6 gateway.  I don't know why, but after a reboot my default IPv6 route once again gets correctly installed.  Try that for your gateways and see if that helps you.  (I don't know why this worked for me.)

                                      Bruce.

                                      1 Reply Last reply Reply Quote 0
                                      • jimpJ
                                        jimp Rebel Alliance Developer Netgate
                                        last edited by

                                        Bruce,

                                        Check the config history and see what changed in the config when you pressed save. It's possible your gateway was missing an internal value that allowed it to function properly. This post is old but may be relevant: http://forum.pfsense.org/index.php/topic,50095.0.html

                                        Remember: Upvote with the 👍 button for any user/post you find to be helpful, informative, or deserving of recognition!

                                        Need help fast? Netgate Global Support!

                                        Do not Chat/PM for help!

                                        1 Reply Last reply Reply Quote 0
                                        • W
                                          woodgee
                                          last edited by

                                          thanks bruce,

                                          by going to the System -> Routing page and re-saving the configuration for ipv4 and ipv6 solved my problem.
                                          it works after reboot the system …  ;D

                                          1 Reply Last reply Reply Quote 0
                                          • B
                                            bmah
                                            last edited by

                                            @jimp:

                                            Check the config history and see what changed in the config when you pressed save. It's possible your gateway was missing an internal value that allowed it to function properly. This post is old but may be relevant: http://forum.pfsense.org/index.php/topic,50095.0.html

                                            My config history doesn't show that change in it…it seems like the history doesn't go back far enough.  Also I read through the thread you quoted...I don't recall ever experiencing a problem like that.  In any case I'm happy with the way things are working right now.

                                            Thanks,

                                            Bruce.

                                            1 Reply Last reply Reply Quote 0
                                            • First post
                                              Last post
                                            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.