Upgrade to 2.1.3
-
The very first 'doing it remotely' upgrade.
Everything came up (back) nicely.No need to take the car ;)
-
Anyone having issues with UPnP Port Mapping working? NAT-PMP seems to work but since upgrading to 2.1.3, the XBOXs are not opening ports using UPnP. Reverting back to 2.1.2 fixes it.
-
There has been a change in the upnp behaviour:
@https://doc.pfsense.org/index.php/2.1.3_New_Features_and_Changes:Make miniupnpd listen on interface instead of IP
Perhaps you simply need to configure it slightly differently.
Steve
-
Mine did not come up after upgrade attempt (from 2.1.2 -> 2.1.3)
He is 64bit on esxi 5.1.
said "Unable to load kernel"
in /boot/loader.conf:
autoboot_delay="3"
vm.kmem_size="435544320"
vm.kmem_size_max="535544320"
kern.ipc.nmbclusters="0"
kern.hz=100
vmblock_load="YES"
vmmemct_load="YES"
vmhgfs_load="YES"
vmxnet_load="YES"
legal.intel_ipw.license_ack="1"
hw.usb.no_pf="1"file /boot.config is empty
directory /kernels has two files
kernel_wrap.gz - 8771122
kernel_SMP.gz - 10426403Can someone point me to the right direction?
-
Perhaps you simply need to configure it slightly differently.
The configuration options haven't changed and the interfaces are set correctly.
-
If I edit the miniupnpd.conf manually and set listening_ip=10.1.16.1/20 (like it would be configured in previous versions) then it works correctly. If I change it back to listening_ip=em0_vlan2 then it is broken. Looking at ifconfig, everything for em0_vlan2 is correct. The devices are all on the same vlan and subnet.
Watching traffic over the network, I can see the SSDP request being broadcast by the device but pfSense never responds.
-
Just adding my voice in here…
I saw that the upgrade was available - and because 2.1.1 --> 2.1.2 was painless and problem free, I didn't think twice to just kick off the upgrade....
It completely fubar'd my firewall :(
(I'm using the 32-bit version)
I rebooted and the firewall couldn't find a kernel - looked in the relevant folders and no kernels were there. Nothing.
I looked at the upgrade logfile and there were a raft of errors in there - so my simplistic view is that the upgrade downloaded ok, passed any verifications, but then the upgrade / installation process just ploughed the system.
I don't have any specific details / logfiles to list here as I just needed to get the firewall back up & running, so I had a clean install of 2.1 lying around and that's what I'm running now, until I can get a clean install of 2.1.3 planned in later this week.
Anyway... just thought I'd put my story of pain in here, so that others are ready and know how to recover their systems (backup config!!)
-
Just for information, what hardware is that on? Which install type?
Steve
-
This was a 32-bit memstick install on a Neoware CA10 Thin Client, 1GB RAM, 3GB Flash storage
From memory, I think this was a clean 2.1(.0) install, then upgraded to each new release as it came out.
Once I've finished my Bank Holiday weekend, then I'll spend some more time looking at this - might even try another upgrade to see if it's reproducible so that we can make these upgrades less fearsome :)
Put it this way - my home firewall upgrade going wrong is one thing (OMG, no Facebook! ;)), but the 3x pfSense installs at work will NOT be done remotely (although they have significantly better hardware)
-
So a full install onto flash?
Any packages? Any swap usage?Steve
-
Anyone having issues with UPnP Port Mapping working? NAT-PMP seems to work but since upgrading to 2.1.3, the XBOXs are not opening ports using UPnP. Reverting back to 2.1.2 fixes it.
Yep. Confirmed.
After update to .13 UPnP on multiple machines fails to operate correctly.
-
So a full install onto flash?
Any packages? Any swap usage?Steve
I have these packages installed:
-
Lightsquid
-
routed
-
Sarg
-
squid
-
squidGuard
As for swap usage… no idea.
The 2.1 that I'm currently running is 0%, but that's not to say that the 2.1.2 was the same... but something I'll have a look at if I do the upgrade again. -
-
Janek, the same happened to me…
My system didn't boot after the upgrade: The folder /boot/kernel was empty.
I found the reason: If you tick "make full backup" in the update dialog, the whole system will be tared into one file in /root. This file can easily eat up all space of your root-partition... As a result, the update goes terribly wrong, leaving a crippled system.
I then tried to recreate the system using the said backup file, but "funny" enough, while booting up, some self destruction took place (like rm -rf /) and the disk was more or less empty (those file with schg-flag set still existed).
Finally I had to reinstall the system.May I suggest that the full-backup feature checks for space?
Regards,
-Urs -
I would say about 4-5 years. No packages as far as I know.
I swapped the card. Did a full restore and everything works fine again.
-
@TMonster:
I have these packages installed:
-
squid
-
squidGuard
As for swap usage… no idea.
Do you have caching disabled in Squid? If not the Squid will be writing to your flash boot device continuously. Worse Squid will probably use your 1GB of RAM and start swapping to the flash unless you've taken steps to prevent it. That will burn through the write cycles on the flash in short order, especially if it's cheap flash. You may well have damage on the flash that has caused this.
Steve
-
-
After upgrading from 2.1.2 to 2.1.3, I lost installed packages (SNORT & OpenVPN Client Export). I am running 2.1.3 Nano-VGA-4GB (With RAM Disks). I needed to update both of the packages anyway, but was NOT what I expected from upgrade. :(
Ash,
-
I can't seem to download the 512mb upgrade… Is the 512mb nanobsd upgrade discontinued from 2.1.3 onward? :(
-
…I see the 512MB image for fresh install as well as upgrade in the pfsense.org mirror selection...
-
Yeah, when I try to download it, it's missing = 404 Not Found…
-
Do you have caching disabled in Squid?
No. Using ~1GB for cache
If not the Squid will be writing to your flash boot device continuously.
Hmmm… OK, using:
top -m io
I get:
PID USERNAME VCSW IVCSW READ WRITE FAULT TOTAL PERCENT COMMAND 90995 proxy 4 0 0 0 0 0 0.00% squid
Which looks like squid's hardly doing much (this is a home office firewall)
Worse Squid will probably use your 1GB of RAM and start swapping to the flash unless you've taken steps to prevent it.
OK, back to top, I get:
PID USERNAME THR PRI NICE SIZE RES STATE TIME WCPU COMMAND 90995 proxy 1 44 0 154M 149M kqread 7:28 0.00% squid
So, it's not eating too much RAM.
That will burn through the write cycles on the flash in short order, especially if it's cheap flash. You may well have damage on the flash that has caused this.
Wouldn't the installation continue as normal though, with any bad sectors being caught by the underlying disk controller - just like a mechanical drive having bad sectors?
It's not like 1 or 2 files were corrupt and a quick fsck would fix it… I'm talking about /boot/kernel being completely empty here. From memory, only /boot/kernel/pfsense_kernel.txt existed... no .ko files, no kernel.gz, nothing.
I understand your caution over squid's cache on flash memory, but I can't see how that would cause the problem I'm describing.