2.4 Upgrade Kernel Panic loop

  • Hi Everyone,

    After upgrading to 2.4 one of my firewalls (HA Backup) is now caught in an endless loop kernel panic / reboot.  Wash. Rinse.  Repeat.

    The panic happens so fast I couldn't even make heads or tails what was causing it.  Booting into single user and looking in /var/core/ showed empty files.    I finally just decided to record the entire process with my phone and step through it frame by frame. Sure enough, it seems to be with the HA / Limiter issue we've been seeing for the last year and a half.    As I keep seeing pfsync_undeferred_state or somethign to that effect.

    I had the 2.3.2 working find with HA / Limiters after I kept certain things turned off (manual failovers, and state syncs etc).

    I've since removed limiters from everything on my primary firewall, but I need to somehow recover fw2.  I'm at a loss at this point on how to do it, and am preying I don't have to rebuilt the whole thing.  Any guidance would be helpful.

  • If youve got console access then this would be the way i would try..
    Go single user mode or abort the boot process half way before the configuration of limiters/carp happens.. (i think a Ctrl+C would do)..

    Then 'carefully' edit the /cf/conf/config.xml and strip out the configuration options that you expect to make it fail. I would probably use the 'ee' editor for that.. Probably easiest to remove the pfSync peer ip assuming that part of the cause..
    Do make a copy of the configuration first to for example /root/ !

    Then reboot and hope it worked..  ::)

    Once you get access to webgui again, then probably removing limiters from there is easier..

  • Yeah!  Recovered!    Thank you kindly.  I was banging my head against the wall because dropping into Single User mode mounts read-only, and even trying to run the /etc/rc.remount_rw script was failing.      Didn't realize I could cut out the boot process at any time using Ctrl-C.

    I'm back in business.

Log in to reply