Upgrade to 2.4.1 cant connect to pppoe wan over vlan



  • i just updated to 2.4.1 on the apu2 and now cant connect to wan at all which is pppoe over vlan



  • this is a known issue, will be fixed in 2.4.2.

    I dont know if its fixed in the current 2.4.2 dev branch.



  • for now i had to rename all igb.20 to igb1_20 to make it connect, why would they release it with such a bug



  • @xbipin:

    for now i had to rename all igb.20 to igb1_20 to make it connect, why would they release it with such a bug

    I have two pppoe interface over VLAN

    lagg0.1000

    lagg0.835

    and doesn't works…how can i rename for working?


  • Banned


  • Banned

    @xbipin:

    for now i had to rename all igb.20 to igb1_20 to make it connect, why would they release it with such a bug

    It was allegedly done because of some ARM nonsense where some genius decided to name the interface mvneta and they found that it was too long after beginning to sell hardware with those. (Those are the SG3100 units than can be recycled as paperweight once your one year support has ended and you need to reinstall, since there are no public ARM images available.)

    Renaming interfaces is about the most critical thing you can mess with on a networking gear such as firewall. So, of course a minor bugfix release is an excellent opportunity to change those, completely untested and after 2.4 has been tested for ~1 year. Sigh.

    @Grimson:

    Once again, reading the release notes is important: https://www.netgate.com/blog/pfsense-2-4-1-release-now-available.html

    https://redmine.pfsense.org/issues/7981

    Yeah, once again, noone sane makes and expects such changes at this time point.


  • Banned

    @doktornotor:

    (Those are the SG3100 units than can be recycled as paperweight once your one year support has ended and you need to reinstall, since there are no public ARM images available.)

    I don't think so: https://forum.pfsense.org/index.php?topic=126627.msg757029#msg757029

    The SG-3100 will have a recovery partition which will allow you to always reinstall your SG-3100 without downloading images. You will always be able to use the factory version, not Community Edition.


  • Banned

    @Grimson:

    I don't think so: https://forum.pfsense.org/index.php?topic=126627.msg757029#msg757029

    This doesn't work once the storage dies, plus it doesn't work when you screw up that partition either. Again, silly games that serve no useful purpose beyond being a royal PITA for users who decided to spend their money on buying Netgate hardware. (No, you cannot take those images and recycle them for other ARM boxes, ARM is not an Intel PC, so it just doesn't work like that.)

    I don't care about ARM and wouldn't buy any of those boxes from Netgate either due to the above reasons… this weirdo platform is something I'd happily ignore altogether (there's not much to write home about when it comes to ARM on routers, things like Cavium Octeon are whole lot more interesting when it comes to packet processing/UTM/DPI etc.) – if only it didn't harm the vast majority of users. There's a bunch of fixes and improvements that didn't make it to 2.4, the reason often being that more testing is required. Then you go, and start messing with kernel behind the scenes, breaking the OS altogether in RC phase. After that gets fixed and the long overdue release finally goes out, you commit apparently untested super-intrusive stuff into the very first patch version, even knowing that it's broken before you actually release that. All of that due to some niche super-minority platform you started selling a couple of days earlier.

    Sigh.



  • Since this also screwed up my PPPOE unexpectedly - where can I get 2.4.0 to roll back? I have the config.xml but only see 2.4.1 for download…

    Thx!



  • @juniper:

    @xbipin:

    for now i had to rename all igb.20 to igb1_20 to make it connect, why would they release it with such a bug

    I have two pppoe interface over VLAN

    lagg0.1000

    lagg0.835

    and doesn't works…how can i rename for working?

    u need to rename under the pppoe as well as the vlan section in the config file, works well for me so far



  • vi /conf/config.xml

    :%s/lagg0./lagg0_/g
    :wq
    reboot
    should solve problem



  • @xbipin:

    u need to rename under the pppoe as well as the vlan section in the config file, works well for me so far

    Thx - that was much easier than rolling back. Wouldn't have thought this is in config.xml but good to see!



  • @NineX:

    vi /conf/config.xml

    :%s/lagg0./lagg0_/g
    :wq
    reboot
    should solve problem

    Tried it an it seems I have now broke it.

    Fed up with it at the moment. Unbelievable that they have released this update with this broken bit..

    Will try again tomorrow.. Or so



  • @segfooled:

    where can I get 2.4.0 to roll back?

    Just for the record: https://atxfiles.pfsense.org/mirror/downloads/



  • @Satras:

    @NineX:

    vi /conf/config.xml

    :%s/lagg0./lagg0_/g
    :wq
    reboot
    should solve problem

    Tried it an it seems I have now broke it.

    Fed up with it at the moment. Unbelievable that they have released this update with this broken bit..

    Will try again tomorrow.. Or so

    you can try roll back config to previous state then just upgrade to 2.4.2 (dev branch) as there problem is fixed
    then set in upgrade section htat you wish to use stable branch.
    it will not downgrade, but will upgrade you to stable with 2.4.2 release ;)



  • That's what I have planned for tomorrow.

    What is the best way to roll back? Do a clean install and use the config backup of 2.4.0 version?



  • TBH, douche move to do this in a maintenance release. Broke PPP. Rolled back via VM Snapshot…

    I didn't read the release notes fully, but it's a maint release shortly after a major release. The below came in the newsletter - so basically I expected a KRACK patch and stability fix. Not to have the PPP stack entirely borked, which was found in tested and pushed out anyway.

    PPP might not be all that widely used, but I expected things to break in 2.4.0 and planned accordingly, as would the people who did the upgrade to 2.4.0 and found the VLAN problems. I didn't expect the same from 2.4.1

    pfSense software version 2.4.1 release

    We are excited to announce the release of pfSense software version 2.4.1, now available for new installations and upgrades!

    pfSense software version 2.4.1 is a maintenance release bringing security patches and stability fixes for issues discovered in pfSense 2.4.0-RELEASE, including a patch for the recently announced WPA-2 KRACK vulnerability.

    pfSense 2.4.1-RELEASE updates and installation images are available now!


  • Galactic Empire

    @doktornotor:

    It was allegedly done because of some ARM nonsense where some genius decided to name the interface mvneta and they found that it was too long after beginning to sell hardware with those.

    I suggest you fix your attitude.

    @doktornotor:

    Those are the SG3100 units than can be recycled as paperweight once your one year support has ended and you need to reinstall, since there are no public ARM images available.

    This is incorrect. You can always reinstall your SG-1000 using its image that's available on portal.pfsense.org. After 1 year, portal access, not support as no support is bundled with the device, is locked out BUT you can still use SG-1000, continue to update it or reinstall it using the image. Please refrain from making such wrong conclusions.


  • Galactic Empire

    @wishy:

    TBH, douche move to do this in a maintenance release. Broke PPP. Rolled back via VM Snapshot…

    I didn't read the release notes fully, but it's a maint release shortly after a major release.

    Then start reading the release notes or at least the announcement blog post. "douche move" remark is not nice.


  • Netgate

    @doktornotor:

    @xbipin:

    for now i had to rename all igb.20 to igb1_20 to make it connect, why would they release it with such a bug

    It was allegedly done because of some ARM nonsense where some genius decided to name the interface mvneta and they found that it was too long after beginning to sell hardware with those. (Those are the SG3100 units than can be recycled as paperweight once your one year support has ended and you need to reinstall, since there are no public ARM images available.)

    Renaming interfaces is about the most critical thing you can mess with on a networking gear such as firewall. So, of course a minor bugfix release is an excellent opportunity to change those, completely untested and after 2.4 has been tested for ~1 year. Sigh.

    @Grimson:

    Once again, reading the release notes is important: https://www.netgate.com/blog/pfsense-2-4-1-release-now-available.html

    https://redmine.pfsense.org/issues/7981

    Yeah, once again, noone sane makes and expects such changes at this time point.

    Doktornotor,

    Point in-fact the "too long" was due to some work done (by people who are now gone) to use "interfacename<unit>_vlan<number>" in pfSense.

    What we did is to repair the pfSenes code to use the FreeBSD standard "interfacename<unit>. <number>where <number here="" is="" the="" vlan="" tag".<br="">As you should be well-aware, choices made over the last decade mean that pfSense can be quite difficult to maintain.

    This did not occur "after beginning to sell hardware" as you assert.  You are 100% wrong on this point, and you need to retract.  2.4.0-RELEASE occurred prior to SG-3100 entering a shipping state, and, in fact, the earliest release of pfSense for the SG-3100 is 2.4.1-RELEASE.

    This "mvneta" name did not come from us, it came from Semihalf, via FreeBSD.
    Many people are misinformed about being able to get reload images for Netgate platforms.  You perpetuate the myth, and I think only to gain advantage.

    You've made several false statements in the above, and denigrated members of the team.

    We've been here before.  Back down the rhetoric, and retract the above, or go somewhere else.

    You have zero more chances, and I am 100% serious on this point.  Criticism is fine, but lying is not.</number></number></unit></number></unit>



  • I've upgraded my SG-4860 to 2.4.1 and lost my internet connection.

    I tried to modify my config, renaming all igb1.11 to igb1_11 but this results in the system not coming up at all anymore. I had to factory reset and reload the original config to connect again.

    What else can I do to get my connection running again?



  • While its running run on console "ifconfig igb1.11 name igb1_11" then from webgui edit the pppoe interface to select the right interface to run on. That should afaik allow for internet access. Until reboot that is..
    Should probably be possible to upgrade to 2.4.2development which should fix the pppoe+vlan issue, though i am not 100% sure if it wont complain during boot then yet again.. due to the changed config for a then not existing interface with that name..



  • @PiBa:

    While its running run on console "ifconfig igb1.11 name igb1_11" then from webgui edit the pppoe interface to select the right interface to run on. That should afaik allow for internet access. Until reboot that is..

    That did the trick, thank you very much!!!


  • Banned

    @jwt:

    This "mvneta" name did not come from us, it came from Semihalf, via FreeBSD.
    Many people are misinformed about being able to get reload images for Netgate platforms.  You perpetuate the myth, and I think only to gain advantage.

    I perpetuate nothing. I responded to your email, sadly no response to that. So let me restate this in public - noone gives a horse shit about who's responsible for the interface naming brainfart. You are breaking stable releases because of this nonsense. 2.4.0 RC, 2.4.1, the 2.4.2 snapshots…

    WTH you keep threatening contributors to this project What kind of advantage am I supposed to gain from this? Being threatened here, being threatened via email, as a reward for contributing tens of thousand LOCs to the project?

    Go see a shrink doctor, ASAP. This paranoia is pathologic.


  • Galactic Empire

    That's it, your continuous abuse ends now. You were warned many times.



  • Just did a fresh install of 2.4.0 and restored my backup config… all up and running now.. waiting for 2.4.2 for now, or maybe 2.5.x ...

    still damn unhappy about how this all went down... such change in an Minor upgrade.. unbelievable



  • My solution workflow that got our 2.4.1 box with this issue back online…....

    a) Had upgraded from 2.4.0 to 2.4.1
    b) System came back up fine after the upgrade reboot, but no internet connection anymore with existing VLAN/PPPoE configuration.
    c) Logged into WebGUI
    d) Went to Diagnotstics --> Edit File --> Browse. Choose "Conf" folder. Choose Config.xml file.
    e) Place cursor in text window. Go to the Web browser's menu to choose the "find" content facility. Search for each occurrence of "interfacename.vlannumber" in config.xml and change the . to _ then save the edited config.xml file. For example igb0.900 to igb0_900
    f) Reboot PfSense.
    g) System came back up without issue and connected the PPPoE connection immediately. Job done. 15 minutes work max.

    Hope that helps as another interim solution option. I had to do this remotely (200+ Km away), with the keyboard assistance of an inexperienced person at the system's site. The pfSense system was installed at a Radiology practice, so the situation was business critical.

    It was an inconvenience yes, but not a show stopper.

    The bottom line in all this, is that I failed to appreciated the release notes content regarding the VLAN/PPPoE issue, in as much as I forgot that this problem configuration existed on the system I upgraded. So I have no one else to blame but myself. I see that some people are rather disguntled by the circumstances of their own demise with this issue. Yes one could sook that the upgrade was released broken I suppose, but it gets a bit rich to complain about this, when the release notes forewarn of the issue for a specific configuration and then that warning is not heeded.

    Cheers



  • @MAW: if I follow that advise, pfSense will have troubles assigning it's vlans (on that appliance: vtnet0., vtnet0_ respectively) to logical interfaces (OPT*) at reboot. If I only change that within the vlan and pppoe sessions, assignments still work, but pppoe still fails.



  • @MAW:

    … I had to do this remotely (200+ Km away) ... at a Radiology practice, so the situation was business critical ... It was an inconvenience yes, but not a show stopper.

    What?
    A point release that kills functionality IS a show stopper. Period.
    Work in the live entertainment industry like I do and you'll get this pretty soon. Or get fired before you even know why.



  • I upgraded to 2.4.1 and lost my PPPOE WAN connection too. Whoever implemented this system breaking change smoked far too much crack.



  • @chrcoluk:

    this is a known issue, will be fixed in 2.4.2.

    I dont know if its fixed in the current 2.4.2 dev branch.

    Thank you for the information



  • The biggest pain in the ass comes when you update remotely the box, through a VPN connecting via the PPPoE connection. You won't be able to fix anything until you go there physically. Which can cause severe downtime…



  • @robi:

    The biggest pain in the ass comes when you update remotely the box, through a VPN connecting via the PPPoE connection. You won't be able to fix anything until you go there physically. Which can cause severe downtime…

    directly upgrade to 2.4.2 dev from 2.4 and it will be fine, just skip the 2.4.1 update



  • @xbipin:

    directly upgrade to 2.4.2 dev …

    Stuntman is your main profession or just a hobby?  8)

    Honestly, you don't update a remote machine some serious distance away to a dev snapshot. May I remind you that dev stands for development and may contain glitches and quirks.
    And which snapshot timestamp are you talking about? There's probably a newer one already built while we post. Is that fine as well, did you test that on my infrastructure?

    You can do so at home if you like but surely not in a remote session to a critical system not within walking reach.
    If you are sane, that is.  ;)



  • I think he meant for this specific case only.
    This is the only reasonable thing to do. Better 2.4.2 which is more stable than 2.4.1 at least IMO.



  • well i too run many boxes which r located in different countries and after testing 2.4.2 dev locally upgraded all of them to it and all work fine, there isnt much changed between 2.4.1 and 2.4.2 dev so its fine, if the dev marking scares u then wait for the stable but for now the only way to solve this pppoe over vlan issue is to use the dev version



  • Here one other Pfsense KO, i upgrade a 2.4.1 and my PPOE over vlan go out, where can i download the 2.4.2 version to put in my ko pfsense ???





  • I think i'm very unlucky. I have the same problem that PPP doesn't work on vlan so i first tried:
    @PiBa:

    While its running run on console "ifconfig igb1.11 name igb1_11" then from webgui edit the pppoe interface to select the right interface to run on. That should afaik allow for internet access. Until reboot that is..

    But this doesn't work for me, PPP still was down. So I tried the procedure below:

    @MAW:

    Choose Config.xml file.
    e) Place cursor in text window. Go to the Web browser's menu to choose the "find" content facility. Search for each occurrence of "interfacename.vlannumber" in config.xml and change the . to _ then save the edited config.xml file. For example igb0.900 to igb0_900
    f) Reboot PfSense.
    g) System came back up without issue and connected the PPPoE connection immediately. Job done. 15 minutes work max.

    And my firewall was stucked in a bootloop: it starts, answer me 5 or 6 pings then restart…. I was able to connect to SSH and restore a previous configuration in this time frame (i think max 5-6 sec). Firewall reboots correctyl and now I have the same problem: my PPP VLAN doesnt works.  Finally i've tried this:

    @xbipin:

    directly upgrade to 2.4.2 dev from 2.4 and it will be fine, just skip the 2.4.1 update

    And my firewall was stucked at boot, saying it cant find /boot/kernel/kernel.
    :'( :-X

    EDIT: Added IMG error of 2.4.2 from SSD and error from USB (tried 2.4.0. and 2.4.2) USB was the memstick img.gz file and was written by rufus

    EDIT2: FreeBSD 11.1 AMD64 Memstick boots fine EDIT3. Nope, it stucks just later.
    I've changed USB and now 2.4.2 starts!






  • I have a 2.4.1 that not works after upgrade, i have ppoe over vlan, and now what is the best option to repair it?
    Upgrade to 2.4.2dev? How ?  Before i can upgrade offline but now i not have the option, boot from USB 2.4.2dev and upgrade?  Repair my 2.4.1?? How? I don't understand very well what i need to have internet


Log in to reply