Update to 2.5.0 broke DHCP relay
-
@thesurf A of 2.5.0 there is no more 'circular logging'.
pfSense 2.5.0 uses the more universal clear text line 'syslog' logging. The log files should be readabale with a simple 'cat' command.Btw : I'm not using 'relayd' myself, and the pfSense in front of me is still on 2.4.5-p1 (update tomorrow), so can't detail more.
A program or service (process, daemon) can use whatever it want as a log file. Its not mandatory to use the system's syslog capabilities.
This file :
/var/log/relayd.log
dates from before the upgrade ?
Note the owner and group of the fiile.That is, if you wipe it, and then
touch /var/log/relayd.logA zero byte file will get created.
Adapt the owner / group if needed.Start relayd.
The file changes - grows in size ?
Binary ? plain text ? -
Next Update...
if you enable the dhcp relay service like this:
login-to-viewThen click on the disable checkbox and save
login-to-viewand then reenable the service. The destionation services are missing.
-
This post is deleted! -
Thanks for the reply. Did what you suggest.
[2.5.0-RELEASE][root@fwint3]/var/log: touch relayd.log [2.5.0-RELEASE][root@fwint3]/var/log: ls -l relayd.log -rw-r--r-- 1 root wheel 0 Feb 19 10:35 relayd.logThe service was once again configured. No file size change. Then it was started in the services section, one again no file size incread
-
Hi,
I have a Dell R610 with Intel X520 NIC. On this nic I have about 5 VLANs.
On 3 of this VLAN (as Interface in pfSense) I have activated relayd to forward the dhcp request to my dhcp Servers (Active directory controller).
Local net 192.168.8.0/24
DHCP: 192.168.1.27 and 192.168.1.28
Since this is another office Building. The pfSense on the client Network routes to the network 192.168.1.0/24 via a lwl Kabel.
This setup was up an running with 2.4.5_p1 for about 1 year. After the upgrade the service relayd would not start anymore.
-
@thesurf said in Update to 2.5.0 broke DHCP relay:
This setup was up an running with 2.4.5_p1 for about 1 year. After the upgrade the service relayd would not start anymore.
relayd or DHCP relay?..
https://docs.netgate.com/pfsense/en/latest/releases/2-5-0.html#security-errata:
Deprecated the built-in relayd Load Balancer #9386
- relayd does not function with OpenSSL 1.1.x
- The relayd FreeBSD port has been changed to require libressl – There is no apparent sign of work to make it compatible with OpenSSL 1.1.x
- The HAProxy package may be used in its place; It is a much more robust and more feature-complete load balancer and reverse proxy
-
I I thought the relayd was the dhcp relay.
I'm working on the dhcp relay / forwarder.For loadbalancing I'm using ha proxy on other pfsense.
-
I can confirm your findings. The DHCP-Relay setup was/is broken on update.
I used
/usr/local/sbin/dhcrelay -id vmx1 -iu vmx0 -a -m replace IP_dhcp-server1 IP_dhcpsever2
as a quick fix. (one WAN (vmx0), one LAN-Interface (vmx1))
I was very delighted to see that within 2.4.5_p1 the DHCP-Handling was much better. I did not have time to look deeply into this problem, so this is a quick fix.
-
@fwcheck said in Update to 2.5.0 broke DHCP relay:
I can confirm your findings. The DHCP-Relay setup was/is broken on update.
I used
/usr/local/sbin/dhcrelay -id vmx1 -iu vmx0 -a -m replace IP_dhcp-server1 IP_dhcpsever2
as a quick fix. (one WAN (vmx0), one LAN-Interface (vmx1))
I was very delighted to see that within 2.4.5_p1 the DHCP-Handling was much better. I did not have time to look deeply into this problem, so this is a quick fix.
Could you provide
vmx0andvmx1IP addresses andIP_dhcp-server1,IP_dhcpsever2to check ? -
@viktor_g
Short:
vmx0 is a private IP
vmx1 is a public IP
Both dhcp Servers are upstream (behind vmx0)Later today i will do a clean update install (2.4.4_p3 -> 2.5.0) and can check that again. I will come back to this.
-
@fwcheck we need to know IP addresses to test
you can change the network part of address if you don't want to show it -
jimp Rebel Alliance Developer Netgatelast edited by jimp Feb 19, 2021, 4:43 PM Feb 19, 2021, 4:43 PM
To diagnose this we are going to need better info. You can redact some things but we need to know:
- The interfaces involved, and their subnets
- All of the DHCP relay settings used
If you redact anything replace them with appropriate dummy addresses but keep at least enough to uniquely identify them (e.g. 10.0.0.1/24 -> x.x.x.1/24, 10.4.1.2/24->y.y.y.2/24).
Bonus points for getting the process output from 2.4.x and 2.5.x to compare what it's trying to run in each case.
-
I am not quite sure but i think within 2.4.5_p1 the dhcp was supplying adresses to openvpn-clients via a bridge. I will look into the old configuration ans supply info on monday afternoon.
Redundant carp setup
looks basically like this:
vmx0 192.168.0.3/29
vmx1 1.1.1.1/24 (a public subnet)
dhcp-server 10.2.1.14
dhcp-server 10.2.1.13 -
lets try here to give you a quick headsup since it is alread 9pm in germany.
Building setup:
Building a ---- LWL dark fiber ---- Head officeSome quick drawing from draw.io
Total
login-to-viewThe Carp and pfSense cluster didn't play a role here. I disabled carp in testing.
What I have seen on fwint3 that the dhcp request arrive as usal on the clients interface. But nothing is send out to the dhcp server.
There are more vlans that have ther own interface assigned in pfSense and other components, but they can be left out.
The cluster fwint3 and fwint4 have been updated without any problems from 2.4.5p1 to 2.5.0. Routing traffic everything works but not the dhcp forwarding.
I think I do not have logs of 2.4.5p1. And on 2.5.0 the dhcp forward did not start. There is nothing in the dhcp log nor is there something in the syslog. If I disable dhcp forwarding and start dhcp server on the fwint3 I see dhcp logs and leases go out and work like they did when they where forwarded.
Hope that helps. I you need something let me know.
-
@jimp
Hi forgot. All Interface are intel x520 nic. So Interfaces will be ix0 and ix1 on each firewall. On top that is the vlan so ix0.8 and so on. NO Bridge. -
Also occurring on VMware ESXi 6.7 hosted environment with VMXNET3 cards. Single DHCP server target, with relays from six different networks (some VLAN, some 'direct' connect). Appears that all do not pass the DHCP packets to the server (none received in the external server logs), but packets are seen by packet capture on the interfaces concerned on pfSense.
Happy to build a test 2.5.0 environment to provide further info and logs if necessary. -
@johnsdixon said in Update to 2.5.0 broke DHCP relay:
Happy to build a test 2.5.0 environment to provide further info and logs if necessary.
very good, we need to know:
- DHCP Relay configuration (screenshot or
<dhcrelay>part from your config.xml); - Routing table (
netstat -rnoutput); - Interfaces IP addresses (
ifconfigoutput);
- DHCP Relay configuration (screenshot or
-
@viktor_g said in Update to 2.5.0 broke DHCP relay:
@johnsdixon said in Update to 2.5.0 broke DHCP relay:
Happy to build a test 2.5.0 environment to provide further info and logs if necessary.
very good, we need to know:
- DHCP Relay configuration (screenshot or
<dhcrelay>part from your config.xml); - Routing table (
netstat -rnoutput); - Interfaces IP addresses (
ifconfigoutput);
Hi, network plan I have already posted abouve.
Here are the requeired data:
[2.5.0-RELEASE][root@fwint3.XXXXXXXX.local]/conf: netstat -rn Routing tables Internet: Destination Gateway Flags Netif Expire default 10.10.65.3 UGS lagg0.65 10.10.55.0/28 link#19 U lagg0.11 10.10.55.2 link#19 UHS lo0 10.10.56.0/30 link#8 U bge1 10.10.56.1 link#8 UHS lo0 10.10.64.0/28 link#18 U lagg0.64 10.10.64.4 link#18 UHS lo0 10.10.64.6 link#18 UHS lo0 10.10.65.0/28 link#17 U lagg0.65 10.10.65.4 link#17 UHS lo0 10.10.65.6 link#17 UHS lo0 127.0.0.1 link#10 UH lo0 192.168.8.0/24 link#14 U lagg0.8 192.168.8.252 link#14 UHS lo0 192.168.8.254 link#14 UHS lo0 192.168.11.0/24 link#19 U lagg0.11 192.168.11.252 link#19 UHS lo0 192.168.11.254 link#19 UHS lo0 192.168.24.0/24 link#15 U lagg0.24 192.168.24.252 link#15 UHS lo0 192.168.24.254 link#15 UHS lo0 192.168.71.0/24 link#20 U lagg0.71 192.168.71.252 link#20 UHS lo0 192.168.71.254 link#20 UHS lo0 192.168.109.0/24 link#16 U lagg0.10 192.168.109.252 link#16 UHS lo0 192.168.109.254 link#16 UHS lo0 Internet6: Destination Gateway Flags Netif Expire ::1 link#10 UH lo0 fe80::%bge1/64 link#8 U bge1 fe80::529a:4cff:fe94:ad73%bge1 link#8 UHS lo0 fe80::%lo0/64 link#10 U lo0 fe80::1%lo0 link#10 UHS lo0 fe80::%lagg0/64 link#13 U lagg0 fe80::faf2:1eff:fe34:9540%lagg0 link#13 UHS lo0 fe80::%lagg0.8/64 link#14 U lagg0.8 fe80::faf2:1eff:fe34:9540%lagg0.8 link#14 UHS lo0 fe80::%lagg0.24/64 link#15 U lagg0.24 fe80::faf2:1eff:fe34:9540%lagg0.24 link#15 UHS lo0 fe80::%lagg0.109/64 link#16 U lagg0.10 fe80::faf2:1eff:fe34:9540%lagg0.109 link#16 UHS lo0 fe80::%lagg0.65/64 link#17 U lagg0.65 fe80::faf2:1eff:fe34:9540%lagg0.65 link#17 UHS lo0 fe80::%lagg0.64/64 link#18 U lagg0.64 fe80::faf2:1eff:fe34:9540%lagg0.64 link#18 UHS lo0 fe80::%lagg0.11/64 link#19 U lagg0.11 fe80::faf2:1eff:fe34:9540%lagg0.11 link#19 UHS lo0 fe80::%lagg0.71/64 link#20 U lagg0.71 fe80::faf2:1eff:fe34:9540%lagg0.71 link#20 UHS lo0[2.5.0-RELEASE][root@fwint3.XXXXXXXXXXX.local]/conf: ifconfig igb0: flags=8802<BROADCAST,SIMPLEX,MULTICAST> metric 0 mtu 1500 options=e507bb<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,JUMBO_MTU,VLAN_HWCSUM,TSO4,TSO6,LRO,VLAN_HWFILTER,VLAN_HWTSO,RXCSUM_IPV6,TXCSUM_IPV6> ether b4:96:91:33:de:40 media: Ethernet autoselect status: no carrier nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL> igb1: flags=8802<BROADCAST,SIMPLEX,MULTICAST> metric 0 mtu 1500 options=e507bb<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,JUMBO_MTU,VLAN_HWCSUM,TSO4,TSO6,LRO,VLAN_HWFILTER,VLAN_HWTSO,RXCSUM_IPV6,TXCSUM_IPV6> ether b4:96:91:33:de:41 media: Ethernet autoselect status: no carrier nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL> igb2: flags=8802<BROADCAST,SIMPLEX,MULTICAST> metric 0 mtu 1500 options=e507bb<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,JUMBO_MTU,VLAN_HWCSUM,TSO4,TSO6,LRO,VLAN_HWFILTER,VLAN_HWTSO,RXCSUM_IPV6,TXCSUM_IPV6> ether b4:96:91:33:de:42 media: Ethernet autoselect status: no carrier nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL> igb3: flags=8802<BROADCAST,SIMPLEX,MULTICAST> metric 0 mtu 1500 options=e507bb<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,JUMBO_MTU,VLAN_HWCSUM,TSO4,TSO6,LRO,VLAN_HWFILTER,VLAN_HWTSO,RXCSUM_IPV6,TXCSUM_IPV6> ether b4:96:91:33:de:43 media: Ethernet autoselect status: no carrier nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL> ixl0: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric 0 mtu 1500 options=e507bb<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,JUMBO_MTU,VLAN_HWCSUM,TSO4,TSO6,LRO,VLAN_HWFILTER,VLAN_HWTSO,RXCSUM_IPV6,TXCSUM_IPV6> ether f8:f2:1e:34:95:40 media: Ethernet autoselect (10Gbase-SR <full-duplex>) status: active nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL> ixl1: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric 0 mtu 1500 options=e507bb<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,JUMBO_MTU,VLAN_HWCSUM,TSO4,TSO6,LRO,VLAN_HWFILTER,VLAN_HWTSO,RXCSUM_IPV6,TXCSUM_IPV6> ether f8:f2:1e:34:95:40 hwaddr f8:f2:1e:34:95:41 media: Ethernet autoselect (10Gbase-SR <full-duplex>) status: active nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL> bge0: flags=8802<BROADCAST,SIMPLEX,MULTICAST> metric 0 mtu 1500 options=c019b<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM,TSO4,VLAN_HWTSO,LINKSTATE> ether 50:9a:4c:94:ad:72 media: Ethernet autoselect nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL> bge1: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500 description: sync options=c019b<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM,TSO4,VLAN_HWTSO,LINKSTATE> ether 50:9a:4c:94:ad:73 inet6 fe80::529a:4cff:fe94:ad73%bge1 prefixlen 64 scopeid 0x8 inet 10.10.56.1 netmask 0xfffffffc broadcast 10.10.56.3 media: Ethernet autoselect (1000baseT <full-duplex,master>) status: active nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL> enc0: flags=41<UP,RUNNING> metric 0 mtu 1536 groups: enc nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL> lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> metric 0 mtu 16384 options=680003<RXCSUM,TXCSUM,LINKSTATE,RXCSUM_IPV6,TXCSUM_IPV6> inet6 ::1 prefixlen 128 inet6 fe80::1%lo0 prefixlen 64 scopeid 0xa inet 127.0.0.1 netmask 0xff000000 groups: lo nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL> pflog0: flags=100<PROMISC> metric 0 mtu 33160 groups: pflog pfsync0: flags=41<UP,RUNNING> metric 0 mtu 1500 pfsync: syncdev: bge1 syncpeer: 10.10.56.2 maxupd: 128 defer: off syncok: 1 groups: pfsync lagg0: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric 0 mtu 1500 options=e507bb<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,JUMBO_MTU,VLAN_HWCSUM,TSO4,TSO6,LRO,VLAN_HWFILTER,VLAN_HWTSO,RXCSUM_IPV6,TXCSUM_IPV6> ether f8:f2:1e:34:95:40 inet6 fe80::faf2:1eff:fe34:9540%lagg0 prefixlen 64 scopeid 0xd laggproto failover lagghash l2,l3,l4 laggport: ixl0 flags=5<MASTER,ACTIVE> laggport: ixl1 flags=0<> groups: lagg media: Ethernet autoselect status: active nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL> lagg0.8: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric 0 mtu 1500 description: LANMaMue options=600703<RXCSUM,TXCSUM,TSO4,TSO6,LRO,RXCSUM_IPV6,TXCSUM_IPV6> ether f8:f2:1e:34:95:40 inet6 fe80::faf2:1eff:fe34:9540%lagg0.8 prefixlen 64 scopeid 0xe inet 192.168.8.252 netmask 0xffffff00 broadcast 192.168.8.255 inet 192.168.8.254 netmask 0xffffff00 broadcast 192.168.8.255 vhid 8 groups: vlan carp: MASTER vhid 8 advbase 5 advskew 1 vlan: 8 vlanpcp: 0 parent interface: lagg0 media: Ethernet autoselect status: active nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL> lagg0.24: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric 0 mtu 1500 description: PrintMaMue options=600703<RXCSUM,TXCSUM,TSO4,TSO6,LRO,RXCSUM_IPV6,TXCSUM_IPV6> ether f8:f2:1e:34:95:40 inet6 fe80::faf2:1eff:fe34:9540%lagg0.24 prefixlen 64 scopeid 0xf inet 192.168.24.252 netmask 0xffffff00 broadcast 192.168.24.255 inet 192.168.24.254 netmask 0xffffff00 broadcast 192.168.24.255 vhid 24 groups: vlan carp: MASTER vhid 24 advbase 5 advskew 1 vlan: 24 vlanpcp: 0 parent interface: lagg0 media: Ethernet autoselect status: active nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL> lagg0.109: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric 0 mtu 1500 description: VoiceMaMue options=600703<RXCSUM,TXCSUM,TSO4,TSO6,LRO,RXCSUM_IPV6,TXCSUM_IPV6> ether f8:f2:1e:34:95:40 inet6 fe80::faf2:1eff:fe34:9540%lagg0.109 prefixlen 64 scopeid 0x10 inet 192.168.109.252 netmask 0xffffff00 broadcast 192.168.109.255 inet 192.168.109.254 netmask 0xffffff00 broadcast 192.168.109.255 vhid 109 groups: vlan carp: MASTER vhid 109 advbase 5 advskew 1 vlan: 109 vlanpcp: 0 parent interface: lagg0 media: Ethernet autoselect status: active nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL> lagg0.65: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric 0 mtu 1500 description: CarrierVlanLWL options=600703<RXCSUM,TXCSUM,TSO4,TSO6,LRO,RXCSUM_IPV6,TXCSUM_IPV6> ether f8:f2:1e:34:95:40 inet6 fe80::faf2:1eff:fe34:9540%lagg0.65 prefixlen 64 scopeid 0x11 inet 10.10.65.4 netmask 0xfffffff0 broadcast 10.10.65.15 inet 10.10.65.6 netmask 0xfffffff0 broadcast 10.10.65.15 vhid 65 groups: vlan carp: MASTER vhid 65 advbase 5 advskew 1 vlan: 65 vlanpcp: 0 parent interface: lagg0 media: Ethernet autoselect status: active nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL> lagg0.64: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric 0 mtu 1500 description: CarrierVLanWlan options=600703<RXCSUM,TXCSUM,TSO4,TSO6,LRO,RXCSUM_IPV6,TXCSUM_IPV6> ether f8:f2:1e:34:95:40 inet6 fe80::faf2:1eff:fe34:9540%lagg0.64 prefixlen 64 scopeid 0x12 inet 10.10.64.4 netmask 0xfffffff0 broadcast 10.10.64.15 inet 10.10.64.6 netmask 0xfffffff0 broadcast 10.10.64.15 vhid 64 groups: vlan carp: MASTER vhid 64 advbase 5 advskew 1 vlan: 64 vlanpcp: 0 parent interface: lagg0 media: Ethernet autoselect status: active nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL> lagg0.11: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric 0 mtu 1500 description: MgmtMaMue options=600703<RXCSUM,TXCSUM,TSO4,TSO6,LRO,RXCSUM_IPV6,TXCSUM_IPV6> ether f8:f2:1e:34:95:40 inet6 fe80::faf2:1eff:fe34:9540%lagg0.11 prefixlen 64 scopeid 0x13 inet 192.168.11.252 netmask 0xffffff00 broadcast 192.168.11.255 inet 192.168.11.254 netmask 0xffffff00 broadcast 192.168.11.255 vhid 11 inet 10.10.55.2 netmask 0xfffffff0 broadcast 10.10.55.15 groups: vlan carp: MASTER vhid 11 advbase 1 advskew 0 vlan: 11 vlanpcp: 0 parent interface: lagg0 media: Ethernet autoselect status: active nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL> lagg0.71: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric 0 mtu 1500 description: ErfasserLAN options=600703<RXCSUM,TXCSUM,TSO4,TSO6,LRO,RXCSUM_IPV6,TXCSUM_IPV6> ether f8:f2:1e:34:95:40 inet6 fe80::faf2:1eff:fe34:9540%lagg0.71 prefixlen 64 scopeid 0x14 inet 192.168.71.252 netmask 0xffffff00 broadcast 192.168.71.255 inet 192.168.71.254 netmask 0xffffff00 broadcast 192.168.71.255 vhid 71 groups: vlan carp: MASTER vhid 71 advbase 1 advskew 0 vlan: 71 vlanpcp: 0 parent interface: lagg0 media: Ethernet autoselect status: active nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>I have deactivated dhcp server and enabled dhcp forwarding again with the values as there where and saved it:
but unter /conf/config.xml I cat NOT find anything about dhcp forwarding. Even the gui said it was saved. (Did I look on the wrong place?)
This is out of the 2.4.4p1 config
<dhcrelay> <enable></enable> <interface>opt1,opt3,opt7,opt8</interface> <agentoption></agentoption> <server>192.168.1.28,192.168.1.27</server> </dhcrelay> - DHCP Relay configuration (screenshot or
-
@viktor_g
Also from my environment.. (first set under 2.4.5_1, second under 2.5.0).<dhcrelay> <enable></enable> <interface>lan</interface> <agentoption></agentoption> <server>192.168.99.1</server> </dhcrelay>Routing tables Internet: Destination Gateway Flags Netif Expire default 100.64.44.1 UGS vmx0 100.64.44.0/24 link#1 U vmx0 100.64.44.3 link#1 UHS lo0 127.0.0.1 link#3 UH lo0 192.168.0.0/16 100.64.44.1 UGS vmx0 192.168.192.0/24 link#2 U vmx1 192.168.192.1 link#2 UHS lo0 Internet6: Destination Gateway Flags Netif Expire ::1 link#3 UH lo0 fe80::%vmx0/64 link#1 U vmx0 fe80::20c:29ff:fe24:ebd7%vmx0 link#1 UHS lo0 fe80::%vmx1/64 link#2 U vmx1 fe80::20c:29ff:fe24:ebe1%vmx1 link#2 UHS lo0 fe80::%lo0/64 link#3 U lo0 fe80::1%lo0 link#3 UHS lo0vmx0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500 options=60009b<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM,RXCSUM_IPV6,TXCSUM_IPV6> ether 00:0c:29:24:eb:d7 hwaddr 00:0c:29:24:eb:d7 inet6 fe80::20c:29ff:fe24:ebd7%vmx0 prefixlen 64 scopeid 0x1 inet 100.64.44.3 netmask 0xffffff00 broadcast 100.64.44.255 nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL> media: Ethernet autoselect status: active vmx1: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric 0 mtu 1500 options=60009b<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM,RXCSUM_IPV6,TXCSUM_IPV6> ether 00:0c:29:24:eb:e1 hwaddr 00:0c:29:24:eb:e1 inet6 fe80::20c:29ff:fe24:ebe1%vmx1 prefixlen 64 scopeid 0x2 inet 192.168.192.1 netmask 0xffffff00 broadcast 192.168.192.255 nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL> media: Ethernet autoselect status: active lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> metric 0 mtu 16384 options=680003<RXCSUM,TXCSUM,LINKSTATE,RXCSUM_IPV6,TXCSUM_IPV6> inet6 ::1 prefixlen 128 inet6 fe80::1%lo0 prefixlen 64 scopeid 0x3 inet 127.0.0.1 netmask 0xff000000 nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL> groups: lo enc0: flags=0<> metric 0 mtu 1536 nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL> groups: enc pfsync0: flags=0<> metric 0 mtu 1500 groups: pfsync pflog0: flags=100<PROMISC> metric 0 mtu 33160 groups: pflogAnd from 2.5.0, immediately after upgrading.
-<dhcrelay> <enable/> <interface>lan</interface> <agentoption/> <server>192.168.99.1</server> </dhcrelay>Routing tables Internet: Destination Gateway Flags Netif Expire default 100.64.44.1 UGS vmx0 100.64.44.0/24 link#1 U vmx0 100.64.44.3 link#1 UHS lo0 127.0.0.1 link#4 UH lo0 192.168.0.0/16 100.64.44.1 UGS vmx0 192.168.192.0/24 link#2 U vmx1 192.168.192.1 link#2 UHS lo0 Internet6: Destination Gateway Flags Netif Expire ::1 link#4 UH lo0 fe80::%vmx0/64 link#1 U vmx0 fe80::20c:29ff:fe24:ebd7%vmx0 link#1 UHS lo0 fe80::%vmx1/64 link#2 U vmx1 fe80::20c:29ff:fe24:ebe1%vmx1 link#2 UHS lo0 fe80::%lo0/64 link#4 U lo0 fe80::1%lo0 link#4 UHS lo0vmx0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500 description: WAN options=e000bb<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,JUMBO_MTU,VLAN_HWCSUM,RXCSUM_IPV6,TXCSUM_IPV6> ether 00:0c:29:24:eb:d7 inet6 fe80::20c:29ff:fe24:ebd7%vmx0 prefixlen 64 scopeid 0x1 inet 100.64.44.3 netmask 0xffffff00 broadcast 100.64.44.255 media: Ethernet autoselect status: active nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL> vmx1: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500 description: LAN options=e000bb<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,JUMBO_MTU,VLAN_HWCSUM,RXCSUM_IPV6,TXCSUM_IPV6> ether 00:0c:29:24:eb:e1 inet6 fe80::20c:29ff:fe24:ebe1%vmx1 prefixlen 64 scopeid 0x2 inet 192.168.192.1 netmask 0xffffff00 broadcast 192.168.192.255 media: Ethernet autoselect status: active nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL> enc0: flags=0<> metric 0 mtu 1536 groups: enc nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL> lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> metric 0 mtu 16384 options=680003<RXCSUM,TXCSUM,LINKSTATE,RXCSUM_IPV6,TXCSUM_IPV6> inet6 ::1 prefixlen 128 inet6 fe80::1%lo0 prefixlen 64 scopeid 0x4 inet 127.0.0.1 netmask 0xff000000 groups: lo nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL> pflog0: flags=100<PROMISC> metric 0 mtu 33160 groups: pflog pfsync0: flags=0<> metric 0 mtu 1500 groups: pfsync -
@victor_g
Correction: Having moved the backup file from 2.4.5 across the divide, it is as below..
Errors introduced by rekeying and not reading what's on the screen.
-<dhcrelay> <enable/> <interface>lan</interface> <agentoption/> <server>192.168.123.1</server> </dhcrelay>