2.4 Upgrade Kernel Panic loop
-
Hi Everyone,
After upgrading to 2.4 one of my firewalls (HA Backup) is now caught in an endless loop kernel panic / reboot. Wash. Rinse. Repeat.
The panic happens so fast I couldn't even make heads or tails what was causing it. Booting into single user and looking in /var/core/ showed empty files. I finally just decided to record the entire process with my phone and step through it frame by frame. Sure enough, it seems to be with the HA / Limiter issue we've been seeing for the last year and a half. As I keep seeing pfsync_undeferred_state or somethign to that effect.
I had the 2.3.2 working find with HA / Limiters after I kept certain things turned off (manual failovers, and state syncs etc).
I've since removed limiters from everything on my primary firewall, but I need to somehow recover fw2. I'm at a loss at this point on how to do it, and am preying I don't have to rebuilt the whole thing. Any guidance would be helpful.
-
If youve got console access then this would be the way i would try..
Go single user mode or abort the boot process half way before the configuration of limiters/carp happens.. (i think a Ctrl+C would do)..Then 'carefully' edit the /cf/conf/config.xml and strip out the configuration options that you expect to make it fail. I would probably use the 'ee' editor for that.. Probably easiest to remove the pfSync peer ip assuming that part of the cause..
Do make a copy of the configuration first to for example /root/ !Then reboot and hope it worked.. ::)
Once you get access to webgui again, then probably removing limiters from there is easier..
-
Yeah! Recovered! Thank you kindly. I was banging my head against the wall because dropping into Single User mode mounts read-only, and even trying to run the /etc/rc.remount_rw script was failing. Didn't realize I could cut out the boot process at any time using Ctrl-C.
I'm back in business.