Quagga zebra and ospfd restarting whenever a package restart is triggered
-
I have a Internet connected pfSense 2.1.4 system with a PPPoE (ADSL) connection. This Internet pfSense system has a two other pfSense systems connected acting as routers (no filtering, NAT, etc). All three systems have multiple networks/VLANs and the Internet pfSense and one of the other pfSenses has two links connecting them. I have Quagga installed and running. I am only using OSPF for the internal network, that is I am not including the WAN/PPPoE interface in OSPF. Most of the time everything runs well in that all the expected routes are distributed and all subnets can communicate as intended.
However, on the Internet pfSense both zebra and ospfd appear to restart "randomly". This clears the kernel route table of all routes except those for the directly connected interfaces. This pretty much breaks the whole internal network, even though it is only the external link which is changing state.
I have tracked the restarts down to occurring when the PPPoE connection comes up. Which results in
/var/log/system
Aug 8 14:19:07 pfsense01 php: rc.newwanip: rc.newwanip: Informational is starting pppoe0. Aug 8 14:19:07 pfsense01 php: rc.newwanip: rc.newwanip: on (IP address: 10.200.200.33) (interface: WAN[wan]) (real interface: pppoe0). Aug 8 14:19:07 pfsense01 php: rc.newwanip: ROUTING: setting default route to 10.200.200.254 Aug 8 14:19:14 pfsense01 php: rc.newwanip: Forcefully reloading IPsec racoon daemon Aug 8 14:19:14 pfsense01 php: rc.newwanip: Resyncing OpenVPN instances for interface WAN. Aug 8 14:19:14 pfsense01 php: rc.newwanip: Creating rrd update script Aug 8 14:19:16 pfsense01 php: rc.newwanip: pfSense package system has detected an ip change 10.200.200.33 -> 10.200.200.33 ... Restarting packages. Aug 8 14:19:16 pfsense01 check_reload_status: Starting packages Aug 8 14:19:16 pfsense01 check_reload_status: Reloading filter Aug 8 14:19:18 pfsense01 kernel: pid 58272 (ntpd), uid 0: exited on signal 11 (core dumped) Aug 8 14:19:19 pfsense01 php: rc.start_packages: Restarting/Starting all packages. . . .
and /var/log/routing
Aug 8 14:19:20 pfsense01 ospfd[66889]: ASBR[Status:1]: Update Aug 8 14:19:20 pfsense01 ospfd[66987]: OSPFd 0.99.22.3 starting: vty@2604 Aug 8 14:19:20 pfsense01 zebra[66795]: Zebra 0.99.22.3 starting: vty@2601 Aug 8 14:19:21 pfsense01 zebra[72604]: Zebra 0.99.22.3 starting: vty@2601 Aug 8 14:19:21 pfsense01 ospfd[72916]: ASBR[Status:1]: Update Aug 8 14:19:21 pfsense01 ospfd[73061]: OSPFd 0.99.22.3 starting: vty@2604 . . . .
That is, the PPPoE link coming up causes ALL the installed packages (I have Quagga, bacula client and Squid installed in this particular case) to restart, even though in this case none of them need to be, as none of them are listening on the WAN interface. This doesn't matter that much for bacula (although if there was a backup running at the time it would be killed) and SQUID, but is somewhat of a disaster for Quagga.
The symptoms are repeatable by doing Status->Interfaces->disconnect and then Status->Interfaces->connect on a WAN PPPoE interface and then checking the route logs and route tables. But any condition that triggers the /etc/rc.start_packages script to be run is going to cause this issue.
Is this the expected/desired behaviour, a bug or am I completely missing something?
I am happy to provide configs and logs if needed.
Thanks
Mike
-
I kept digging around in the forums looking for a way forward on this and came across this thread https://forum.pfsense.org/index.php?topic=76597.0 which was helpful.
I was puzzled as to why an address change had been detected (based on the log entry in my previous post) when it is the same and is actually static from the ISP in this case. Looking at rc.newwanip the "ip address change" message is a little misleading in that it would seem (I don't know PHP so I am mostly going off the comments here) when all dynamic interface types (PPPoE in my case) come up a reload of lots of things, including all packages, is always triggered regardless of the IP address.
In my case I do not believe any of the packages that I have installed (Bacula, Squid, Squid Guard and Quagga) need to be reloaded when the WAN interface comes up, but I understand that there are packages that do need reloading. Does it make sense to have an option on a per package basis to enable/disable a reload on at least a WAN, or possibly any, interface state change?
I would not have thought though that Quagga should ever be reloaded just because an interface changes state?
As per the above mentioned thread I have commented out the call to restart_packages() in rc.newwanip to see if that resolves my issue without introducing any other issues.
Thanks
Mike