4. issues with xmlrpc sync after upgrade from 2.4.3 to 2.4.4-RELEASE-p2

issues with xmlrpc sync after upgrade from 2.4.3 to 2.4.4-RELEASE-p2

  • Z

    After upgrade from from 2.4.3 to 2.4.4-RELEASE-p2 have issues with High Availability Sync enabled. On slave host all openvpn istances restarted when i adding/modifying/deleting users on master host.
    While in sync settings checked only users and certs.
    0_1548677977834_ae669686-9d6a-426b-8c56-cb7e55921ba7-image.png
    On master host openvpn instance not restarted when adding users.

    master log:

    Jan 28 11:29:29 vpn-cc check_reload_status: Syncing firewall
Jan 28 11:29:29 vpn-cc php-fpm: Local User Database: Successfully created user test-user-4test
Jan 28 11:29:30 vpn-cc php-fpm: /rc.filter_synchronize: Beginning XMLRPC sync data to http://192.168.33.241:80/xmlrpc.php.
Jan 28 11:29:30 vpn-cc php-fpm: /rc.filter_synchronize: XMLRPC reload data success with http://192.168.33.241:80/xmlrpc.php (pfsense.host_firmware_version).
Jan 28 11:29:30 vpn-cc php-fpm: /rc.filter_synchronize: XMLRPC versioncheck: 18.9 -- 18.9
Jan 28 11:29:30 vpn-cc php-fpm: /rc.filter_synchronize: Beginning XMLRPC sync data to http://192.168.33.241:80/xmlrpc.php.
Jan 28 11:29:40 vpn-cc php-fpm: /rc.filter_synchronize: XMLRPC reload data success with http://192.168.33.241:80/xmlrpc.php (pfsense.restore_config_section).

    Slave log:

    Jan 28 11:29:36 pfSense check_reload_status: Syncing firewall
Jan 28 11:29:36 pfSense php-fpm: /xmlrpc.php: Adding user: test-user-4test
Jan 28 11:29:36 pfSense check_reload_status: Syncing firewall
Jan 28 11:29:36 pfSense check_reload_status: Reloading filter
Jan 28 11:29:36 pfSense php-fpm: /xmlrpc.php: Resyncing OpenVPN instances.
Jan 28 11:29:37 pfSense php-fpm: OpenVPN terminate old pid: 50400
Jan 28 11:29:37 pfSense kernel: ovpns1: link state changed to DOWN
Jan 28 11:29:37 pfSense check_reload_status: Reloading filter
Jan 28 11:29:37 pfSense kernel: ovpns1: link state changed to UP
Jan 28 11:29:37 pfSense php-fpm: OpenVPN PID written: 22234
Jan 28 11:29:37 pfSense check_reload_status: rc.newwanip starting ovpns1
Jan 28 11:29:37 pfSense php-fpm: OpenVPN terminate old pid: 92052
Jan 28 11:29:37 pfSense kernel: ovpns2: link state changed to DOWN
Jan 28 11:29:38 pfSense kernel: ovpns2: link state changed to UP
Jan 28 11:29:38 pfSense php-fpm: OpenVPN PID written: 62348
Jan 28 11:29:38 pfSense check_reload_status: rc.newwanip starting ovpns2
Jan 28 11:29:38 pfSense php-fpm: OpenVPN terminate old pid: 23573
Jan 28 11:29:38 pfSense kernel: ovpns3: link state changed to DOWN
Jan 28 11:29:38 pfSense kernel: ovpns3: link state changed to UP
Jan 28 11:29:38 pfSense php-fpm: OpenVPN PID written: 92545
Jan 28 11:29:38 pfSense check_reload_status: Reloading filter
Jan 28 11:29:38 pfSense check_reload_status: rc.newwanip starting ovpns3
Jan 28 11:29:38 pfSense php-fpm: OpenVPN terminate old pid: 52551
Jan 28 11:29:38 pfSense kernel: ovpns4: link state changed to DOWN
Jan 28 11:29:38 pfSense php-fpm: /rc.newwanip: rc.newwanip: Info: starting on ovpns1.
Jan 28 11:29:38 pfSense php-fpm: /rc.newwanip: rc.newwanip: on (IP address: 172.16.37.1) (interface: []) (real interface: ovpns1).
Jan 28 11:29:38 pfSense php-fpm: /rc.newwanip: rc.newwanip called with empty interface.
Jan 28 11:29:38 pfSense check_reload_status: Reloading filter
----------SNIP------------
Jan 28 11:29:48 pfSense check_reload_status: Starting packages
Jan 28 11:29:48 pfSense php-fpm: /rc.start_packages: Skipping STARTing packages process because previous/another instance is already running
Jan 28 11:29:49 pfSense php-fpm: /rc.newwanip: rc.newwanip: Info: starting on ovpns5.
Jan 28 11:29:49 pfSense php-fpm: /rc.newwanip: rc.newwanip: on (IP address: 172.16.34.1) (interface: []) (real interface: ovpns5).
Jan 28 11:29:49 pfSense php-fpm: /rc.newwanip: rc.newwanip called with empty interface.
Jan 28 11:29:49 pfSense check_reload_status: Reloading filter
Jan 28 11:29:49 pfSense php-fpm: /rc.newwanip: pfSense package system has detected an IP change or dynamic WAN reconnection -  ->  172.16.34.1 - Restarting packages.
Jan 28 11:29:49 pfSense check_reload_status: Starting packages
Jan 28 11:29:49 pfSense php-fpm: /rc.start_packages: Skipping STARTing packages process because previous/another instance is already running
Jan 28 11:29:49 pfSense php-fpm: /rc.newwanip: rc.newwanip: Info: starting on ovpns6.
Jan 28 11:29:49 pfSense php-fpm: /rc.newwanip: rc.newwanip: on (IP address: 172.16.35.1) (interface: []) (real interface: ovpns6).
Jan 28 11:29:49 pfSense php-fpm: /rc.newwanip: rc.newwanip called with empty interface.
Jan 28 11:29:49 pfSense check_reload_status: Reloading filter

    slave log https://pastebin.com/vCy2mN38

    In version 2.4.3 openvpn not restarting when adding/modifying/deleting users...

    0
  • Z

    anyone?

    0
  • N

    I have the same issue, last week i upgraded to 2.4.4-p2 from 2.4.4 on both my nodes but master now warns
    "A communications error occurred while attempting to call XMLRPC method restore_config_section"

    I tried to uninstall/test/reinstall pfblocker and snort without success.
    Removing both services reports same XMLRPC error.
    Changing pf rules on master replicate as usual on backup
    Changing pfblocker rules on master does not replicate on backup

    At the back i have several years of working HA since pfsense 1.2.3 and no conf changes has been made since then.
    I think is a 2.4.4-p2 specific issue because i also had for weeks a well synced 2.4.4 with a 2.4.4-p1.

    Any idea?

    0
Log in to reply
 

Products

Services

Support

News

Resources

Company

Our Mission

We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© 2020 Rubicon Communications, LLC | Privacy Policy