Can't create new bridge

ionutr

Hey guys, I'm new around here, so please don't be harsh with me :D

I have a weird problem on pfsense 2.2.4. I can't create new bridges and I always get the same error message:

The following input errors were detected: Error occurred creating interface, please retry.

and in the logs I always get the same thing:

php-fpm[60164]: /interfaces_bridge_edit.php: The command '/sbin/ifconfig '' proto 'rstp'' returned exit code '1', the output was 'ifconfig: interface does not exist'
php-fpm[60164]: /interfaces_bridge_edit.php: bridgeif not defined – could not bring interface up

Can you help me with an idea or advice?

jimp

Can you show the exact steps you are taking in the GUI to reach that? Including any input you set on the bridge screen.

It would help to see the bridges section of your config.xml as well, interfaces would be nice, you can X out any names or IP addresses there.

ionutr

As for the exact steps: Interfaces >> (assign) >> Bridges tab >> click on the + button >> Interfaces: Bridge: Edit >> I select any two member interfaces, add a random name >> Save and boom! The error from the first post appears.

As for the config.xml file, the bridges section is standard, since I don't have any bridge configured and the interfaces section:

<interfaces><wan><if>bge0</if>

<alias-address><alias-subnet>24</alias-subnet>
<spoofmac><enable><ipaddr>x.x.x.x</ipaddr>
<subnet>21</subnet>
<gateway>WANGWRDS</gateway></enable></spoofmac></alias-address></wan>
<lan><if>ovpns1</if>
<enable><spoofmac></spoofmac></enable></lan>
<opt1><if>re0</if>
<alias-address><alias-subnet>32</alias-subnet>
<spoofmac><enable><ipaddr>dhcp</ipaddr>
<dhcphostname><dhcprejectfrom><adv_dhcp_pt_timeout><adv_dhcp_pt_retry><adv_dhcp_pt_select_timeout><adv_dhcp_pt_reboot><adv_dhcp_pt_backoff_cutoff><adv_dhcp_pt_initial_interval><adv_dhcp_pt_values>SavedCfg</adv_dhcp_pt_values>
<adv_dhcp_send_options><adv_dhcp_request_options><adv_dhcp_required_options><adv_dhcp_option_modifiers><adv_dhcp_config_advanced><adv_dhcp_config_file_override><adv_dhcp_config_file_override_path></adv_dhcp_config_file_override_path></adv_dhcp_config_file_override></adv_dhcp_config_advanced></adv_dhcp_option_modifiers></adv_dhcp_required_options></adv_dhcp_request_options></adv_dhcp_send_options></adv_dhcp_pt_initial_interval></adv_dhcp_pt_backoff_cutoff></adv_dhcp_pt_reboot></adv_dhcp_pt_select_timeout></adv_dhcp_pt_retry></adv_dhcp_pt_timeout></dhcprejectfrom></dhcphostname></enable></spoofmac></alias-address></opt1>
<opt2><if>rl0</if>
<enable><alias-address><alias-subnet>32</alias-subnet>
<spoofmac><ipaddr>x.x.x.x</ipaddr>
<subnet>24</subnet>
<gateway><ipaddrv6><subnetv6><gatewayv6></gatewayv6></subnetv6></ipaddrv6></gateway></spoofmac></alias-address></enable></opt2></interfaces>

jimp

What about the bridges section of config.xml while it's giving you that error in the logs?

Somehow it's ending up without a bridge interface defined but I don't see quite how that would happen yet.

ionutr

Hmm, I think this is the bridge section:

<bridge><syslog><reverse><nentries>500</nentries>
<rawfilter></rawfilter></reverse></syslog></bridge>

jimp

No it would be a bit farther down, that's just an empty bridge tag. There should be one that says "bridges"

FYI- It would look something like this:

<bridges><bridged><members>opt1,opt2,opt3</members>
<descr><maxaddr><timeout><maxage><fwdelay><hellotime><priority><proto>rstp</proto>
<holdcnt><ifpriority><ifpathcost><bridgeif>bridge0</bridgeif></ifpathcost></ifpriority></holdcnt></priority></hellotime></fwdelay></maxage></timeout></maxaddr></descr></bridged></bridges>

ionutr

I'm afraid I don't have anything like that in my config. As I said before, I have no bridges configured :)

jimp

Ah, OK, so it never actually creates the bridge at all? No entry in the list on the bridges tab?

ionutr

Nope. When I try to create the bridge it gives me the error from the first post and in the log I have the two lines from the first post.

http://abload.de/img/pfsense.altominterfacdhoyk.png

jimp

Following through the code it looks like the only way that can happen is if the function to create a new bridge interface at the OS level fails. It's possible something is amiss with your setup or maybe even something didn't get upgraded properly (like the pfsense PHP module) but I'd expect far more trouble than this if that were the case.

Do any bridge interfaces show up in "ifconfig -a"?

I can't seem to reproduce any problem like this, you might want to back up the config, reinstall pfSense, and then restore the config to make sure you have a consistent FS/install.

ionutr

This is what I get with the "ifconfig -a" command:

bge0: flags=8843 <up,broadcast,running,simplex,multicast>metric 0 mtu 1500
        options=8009b <rxcsum,txcsum,vlan_mtu,vlan_hwtagging,vlan_hwcsum,linkstate>ether 00:11:43:0f:ec:06
        inet6 fe80::211:43ff:fe0f:ec06%bge0 prefixlen 64 scopeid 0x1
        inet x.x.x.x netmask 0xfffff800 broadcast x.x.x.x
        nd6 options=21 <performnud,auto_linklocal>media: Ethernet autoselect (100baseTX <full-duplex>)
        status: active
re0: flags=8843 <up,broadcast,running,simplex,multicast>metric 0 mtu 1500
        options=8209b <rxcsum,txcsum,vlan_mtu,vlan_hwtagging,vlan_hwcsum,wol_magic,linkstate>ether 00:1f:1f:fa:17:96
        inet6 fe80::21f:1fff:fefa:1796%re0 prefixlen 64 scopeid 0x2
        nd6 options=21 <performnud,auto_linklocal>media: Ethernet autoselect (100baseTX <full-duplex>)
        status: active
rl0: flags=8843 <up,broadcast,running,simplex,multicast>metric 0 mtu 1500
        options=2008 <vlan_mtu,wol_magic>ether 00:e0:4c:69:0f:20
        inet6 fe80::2e0:4cff:fe69:f20%rl0 prefixlen 64 scopeid 0x3
        inet 192.168.x.x netmask 0xffffff00 broadcast 192.168.x.x
        nd6 options=21 <performnud,auto_linklocal>media: Ethernet autoselect (100baseTX <full-duplex>)
        status: active
ath0: flags=8802 <broadcast,simplex,multicast>metric 0 mtu 2290
        ether f4:ec:38:b3:32:51
        nd6 options=21 <performnud,auto_linklocal>media: IEEE 802.11 Wireless Ethernet autoselect (autoselect)
        status: no carrier
pflog0: flags=100 <promisc>metric 0 mtu 33172
pfsync0: flags=0<> metric 0 mtu 1500
        syncpeer: 224.0.0.240 maxupd: 128 defer: on
        syncok: 1
lo0: flags=8049 <up,loopback,running,multicast>metric 0 mtu 16384
        options=600003 <rxcsum,txcsum,rxcsum_ipv6,txcsum_ipv6>inet 127.0.0.1 netmask 0xff000000
        inet6 ::1 prefixlen 128
        inet6 fe80::1%lo0 prefixlen 64 scopeid 0x7
        nd6 options=21 <performnud,auto_linklocal>enc0: flags=0<> metric 0 mtu 1536
        nd6 options=21 <performnud,auto_linklocal>ovpns1: flags=8943 <up,broadcast,running,promisc,simplex,multicast>metric 0 mtu 1500
        options=80000 <linkstate>ether 00:bd:eb:70:00:01
        inet6 fe80::2bd:ebff:fe70:1%ovpns1 prefixlen 64 scopeid 0x9
        nd6 options=21 <performnud,auto_linklocal>media: Ethernet autoselect
        status: active
        Opened by PID 11050</performnud,auto_linklocal></linkstate></up,broadcast,running,promisc,simplex,multicast></performnud,auto_linklocal></performnud,auto_linklocal></rxcsum,txcsum,rxcsum_ipv6,txcsum_ipv6></up,loopback,running,multicast></promisc></performnud,auto_linklocal></broadcast,simplex,multicast></full-duplex></performnud,auto_linklocal></vlan_mtu,wol_magic></up,broadcast,running,simplex,multicast></full-duplex></performnud,auto_linklocal></rxcsum,txcsum,vlan_mtu,vlan_hwtagging,vlan_hwcsum,wol_magic,linkstate></up,broadcast,running,simplex,multicast></full-duplex></performnud,auto_linklocal></rxcsum,txcsum,vlan_mtu,vlan_hwtagging,vlan_hwcsum,linkstate></up,broadcast,running,simplex,multicast>

jimp

Nothing unusual there… for giggles, try running this:

ifconfig bridge create

(edit: just "bridge" not "bridge0" there)

ionutr

Done.

[2.2.4-RELEASE][root@pfsense.x]/root: ifconfig bridge create
bridge0

jimp

Then I'd suspect something in the PHP install/libraries. At a minimum, try forcing an upgrade to the exact same version you're already on, though a reinstall would be a better bet.

ionutr

Thanks, I think I'll try that out. Could be possible that a future upgrade to 2.2.5 (when it will come out) will solve my problem? :)

jimp

It's possible but difficult to say. I wouldn't wait for that to come along to fix it. 2.2.5 itself wouldn't likely be the fix, but whatever the upgrade might rewrite on the system itself would potentially help.

ionutr

Thanks for your help. I'll reinstall pfSense, reconfigure it and I'll come back with the result.

ionutr

It all works fine after the clean install. Thanks for the support :)