Reproducible kernel panic with pfSense 2.2 and IPSEC
-
yes my scenario is like described befor in this thread.
but set net.inet.ipsec.directdispatch to 0 seems to "workaround" the issue
so there is may be hope for all 32 Bit Users ;) -
ermal, do you need my report too? :)
Actually I am the man who reported the issue. But I moved my box on to amd64 version…
I ask because I have troubles to restoring old x86 backup, so new installation take time... I can do it but only if it really needed. -
Nope the scenario is clear.
-
i can reproduce the scenario in our lab any time. The VM's are set up already just need to put back the config into the alix board.
If you need just let me know. -
Update my pfsense in lab on 2.2.1 same behavior
then i tried toset net.inet.ipsec.directdispatch to 0
looks good so far. stable since about 30 minutes (before after about 30 seconds i get a kernel panic)
Hello, had the same issues with reboot`s on 8 devices.
Hardware ALIX.2 v0.99m tinyBIOS V1.4a.
Pf.Version 2.2.2-RELEASE (i386) built on Mon Apr 13 20:10:33 CDT 2015.After the set of "net.inet.ipsec.directdispatch to 0" all systems works fine. No reboots, no systempanics, stable 3 days ago yet. :)
What is done with this adjustment ? Will this fix embedded as standard for further versions ?
Best regards
eeit
-
net.inet.ipsec.directdispatch=0
fixes the issue on ALIX 2D13 (32bit) with IPSEC for me. Thank you very much! Marked as solved.
-
Can you please having issues with this confirm that you are running Proxy arps?
If yes, can you try with the fix at https://redmine.pfsense.org/issues/4685 last comment. -
@ermal:
Can you please having issues with this confirm that you are running Proxy arps?
If yes, can you try with the fix at https://redmine.pfsense.org/issues/4685 last comment.I'm having the same issue (see https://forum.pfsense.org/index.php?topic=94140.0) and afaik i'm not using proxy arps. None of the previous tunables (including net.inet.ipsec.directdispatch=0) did fix it!
-
I'm getting this error on my x86 pfsense box when booting up.
How can I set set net.inet.ipsec.directdispatch to 0?
I've connected a monitor and keyboard, booted up my system
Selected '3. Escape to loader prompt.'
I type:: 'set net.inet.ipsec.directdispatch=0'
Then type: 'boot'I get the same kernel panic? Am I doing this wrong? Can anyone help me? :)
Thanks,
Brad -
I'm getting this error on my x86 pfsense box when booting up.
Just make sure you're running 2.2.4, that's been fixed in 2.2.3 and newer. directdispatch is automatically set accordingly for 32 bit to avoid that crash. If you're already on 2.2.4, then you have a different problem, start a new thread detailing what you're seeing.
-
How can I upgrade if I can't even boot up the box though? I assume I could re-install from scratch but I don't really want to lose all my settings.
-
I tried booting from a live cd 2.2.4 (x86) and get the same KBD panic for what its worth. Does that mean this is a new/different issue?
So frustrating that a simple upgrade has killed my pfsense box.
Maybe the answer is I need to downgrade. What is the safest version that doesn't have this issue?
-
If I do show net.inet.ipsec.directdispatch it reports 0
If I then do boot it panic's again.
So I'm pretty sure this isn't helping in my case. Shall I open a new thread?
-
If that's the case then it's definitely not the same problem and you should start a new thread, and try to capture the panic message/backtrace if possible.
