Lost Lagg0 interface on XG-7100 when restoring configuration
I've managed to restore a config from my old Optiplex router on my new XG-7100-1U. And now running into the next issue;
The configuration restore will completely overwrite all interface configurations. This results in an XG-7100 that only sees it's ix0-3 interfaces and now has some 'dummy' interfaces re0, re1 and em0 with serveral VLANs as that was the configuration of it's predecessor. I've done the restore with the "Preserve switch configuration." option checked.
After restore the lagg0 interface however is completely gone!? I can't even restore it from the console now anymore. Only option is to do a factory reset.
I was hoping to be able to restore the config and fiddle around reassign interfaces but this leaves me in quite a deadlock. I have quite a config which I really don't want to setup manually again. What would be the best way to tackle this?
Gertjan last edited by Gertjan
Before you import your config back in, delete manually the entire <interface> section.
None off the mention interface names exist on your new device.
And keep in mind that firewall rules <filter> have all references these non-existent <interface> descriptions. You could change them in place.
Use an xml editor, or something like notepad++.
Or, after installing, define interface and firewall rules first by hand. Then proceed with a partial import.
Backup and import works great, as long as you do this on the same device, or identical device with same hardware.
It's like Windows : you can't clone a registry file from one PC to another : that will fail.
I managed to restore things though a different route.
The first time I restored the configuration the appliance rebooted immediately leaving me in a deadlock situation. I tried it again, first restoring only doing a partial restore of the VLAN's and then restoring the full configuration. It then didn't reboot but signaled "Interface mismatch detected. Please resolve the mismatch, save and then click 'Apply Changes'. The firewall will reboot afterwards.".
The lagg0 interface is still gone but I could restore it using the web interface creating a new LAGG, lagg1 (aparently it still knows about lagg0...). All the VLANs still pointed to a non-exsisting em0 interface, moved those to xi0 which was the desired interface. I added VLAN 4090 and 4091 on lagg1 to keep the LAN interface working and present, I luckilly didn't use it before.
Added an OPT interface for lagg1.4091 which I re-assigned the IP though which I was configuring.
Looking back, the route that Gertjan suggests might probably be easier.
Now the question I ask myself is do I leave it like this or do it one more time....
Gertjan last edited by
leaving me in a deadlock situation.
Keep in mind that you should always have access to the "Console" (using the dedicated cable). That one will never fail, even if all interface are down.
The Console is a fallback I know, unfortunately not all functionality is present there.
My method didn't completely succeed so I tried the route @Gertjan suggested. Remove the
<interfaces>section from the XML and restore that.
Still a huge mess; lagg0, again, is gone. I managed to use the web interface for a few minutes after the restore but now it doesn't respond to the IP anymore. I now ended up with no interfaces at all anymore. The "Assign interface" though the console is completly lost since it shows ix0-3 and the em0.vlan interfaces.
Trying to assign an IP to ix0 to get back to the web interface at least so that I can restore the lagg interface.
Quite a mess.
ASlatius last edited by ASlatius
I managed to gain access by assigning an IP to ix1 and accessing the web interface. I could recreate the LAGG interface which is surprisingly named lagg0 again. Now setting up all VLANs on both the switch and in pfSense and reassigning all interfaces. It's still quite messy and I continuously run into issues. Silly things like DHCP server bound to an interface which now has a scope which is different from before and therefore refusing configuration to be saved.
Anyhow, I got the entire configuration imported which makes me somewhat happy. Especially the user certificates for VPN which you could only get imported using a full restore.
A proper migration tool would be very welcome.
Gertjan last edited by
Especially the user certificates for VPN which you could only get imported using a full restore.
Yep, You're right. Certificates are a none or all thing.
It's usually easier to manually edit the config so it can be imported directly for the XG-7100. That means adding the switch, vlans and laggs sections from the default install and modifying to suit the number of interfaces present. Then renaming the interfaces lagg0.4090 etc.
We can help with that if you open a support ticket for suture reference.
Thanks for the offer. I managed to get things setup again by now, planning for migration.
I still feel it would be possible to automate this in the interface. It's a rather simple search/replace throughout the config of (ie) 'lan'>'opt1', 'opt7'>'opt11', etc. Make the user prepare the interfaces on a 'blank' install, then run the import and offer the user the possibility to do some mapping of the imported config. But perhaps I'm overlooking things of course.
We are working on it! But things get significantly more complex if the existing config already has vlans or laggs for example.
Then there's the switch config, you might set it as 8 separate ports but some users don't want that. There are many combinations. A compromise will be reached.