Notice on my firmware update 2.4.0-beta to RC of SG-1000
-
Hello. I sent this to Netgate Sales:
<quote>I just bought and received yesterday a SG-1000 device. It worked out of the box. I configured it as standard (mainly adding a password). It still worked. I saved the configuration this morning. I did the update this morning. It still worked. I saved the configuration. My internet access works.
Now looking carefully at the GUI, I found the following note [a note to me !]
Notices
Filter reload
There were error(s) loading the rules: /tmp/rules.debug:18: cannot define table bogonsv6: Canot allocate memory - the line in question reads [18]: table <bogonsv6> persist file "/etc/bogonsv6"
@2017-08-23 11:20:29This results from my updating the firmware, of that I am quite certain.
What do I need to understand from that ? Should I be worried ?
What can I do to correct whatever is wrong ?
What can you do to help me ? TIA
The reply from Netgate sales was:
<quote>Yes, there is a known bug on SG-1000 regarding table size error logs -
https://www.reddit.com/r/PFSENSE/comments/67eqgr/cannot_define_table_bogonsv6_cannot_allocate/
A work around appears to be to increase System->Advanced-> Firewall Maximum Table Entries.
Keeping in mind SG-1000 has only 512Mb of RAM the firewall maximum Table Entries could be set to 500K.
You have only community support, for detailed help about your issue please visit forum.pfsense.org or purchase support - https://www.netgate.com/support/
This is a bug, a bug ! How could Netgate believe they can escape the obligation to correct when they do mistakes ?
Nevertheless, I changed, at the stated location, the value written "200000" (the default value) into "500000" (should it be 512000 ?). I have no idea if this works or not and how to redo the update, since the SG-1000 states that it is now up to date. BTW, the SG-1000, presently, works. Should I revert to my earlier firmware backup (before firmware update) ?
And Netgate sales then had an after thought:
<quote>By the way - it is not an issue for systems with RAM equal or higher than 512Mb
https://redmine.pfsense.org/issues/4876
What do I do ? Do I need to increase the RAM ? Can I do that ? How ?
TIA</quote></quote></quote>
-
This is a bug, a bug ! How could Netgate believe they can escape the obligation to correct when they do mistakes ?
The bug will be fixed.
They pointed you towards community support for adjusting the table size(=workaround). If you had commercial support, they would have helped you to change this value (or used some remote control to adjust it for you) -
Thanks heper, it helps. I have no regret for asking from Netgate about bug resolution, nevertheless. :)
Now, what should I do ?
Based on the limited information I had received from Netgate Sales, I have adjusted the Firewall Maximum Table Entries from 200000 (default) to 500000; and later in the same day reverted back from 500000 (then stated as default) to 200000 because it seemed to me internet had become sluggish. 200000 is now stated, again, as default.
Should I use my backup (was a standard backup as advised, skip RRD data was ticked as advised) and revert to the earlier firmware setup (the one which was factory-installed when I received the device (I remember it was a beta) ? would this effectively revert the firmware back in time ?
Should I do nothing ?
Any other action on my side ? TIA
-
The action on your side would be update to the latest RC version, not beta anymore.
Go to System>Update>Update Settings make sure that stable branch is selected, Press "SAVE" and check for updates on System>Update>System Update page.
If it does not help or don't want to update., then try System>Advanced>Firewall & NAT
Try to change Firewall Optimization Options , select "Aggressive". -
Thanks wOw, your advice is appreciated.
You wrote: "The action on your side would be update to the latest RC version, not beta anymore.
Go to System>Update>Update Settings make sure that stable branch is selected, Press "SAVE" and check for updates on System>Update>System Update page."The stable branch was indeed already selected.
I pressed "SAVE" nevertheless, checked for updates as advised. I could see that the device firmware is "up to date".Then you wrote: "If it does not help or don't want to update., then try System>Advanced>Firewall & NAT
Try to change Firewall Optimization Options, select "Aggressive"."The device firmware is up to date. Beyond console spitting its data by bursts rather than in one shot, or console getting blocked before completion, If I also forget about the existence and meaning of the error message I stated above, I have not noticed any unsatisfactory behavior of the SG-1000.
So far, Firewall Optimization Options is still on "Normal". More generally, I have not changed any settings.
I note (assume) that I do not need to revert to the original firmware as was installed upon my purchase.
Thanks.
-
Hello to all. I revert to this older post of mine, for an unclosed issue. Today, after a long bike trip in Corsica, I performed the update of my SG-1000 to 2.4.0
It worked. Before and after, I saved the entire configuration (not skipping packages nor RRD data). In System>Advanced>Firewall & NAT, Firewall Optimization Options is still on "Normal".
From my earlier update to 2.4.0beta, I had received the following remark:
(Filter Reload: There were error(s) loading the rules: /tmp/rules.debug:19: cannot define table bogonsv6: Cannot allocate memory - The line in question reads [19]: table <bogonsv6> persist file "/etc/bogonsv6" @ 2017-10-23 15:49:41)
Can I now safely erase that remark and forget about it ?
TIA.