Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    issues with xmlrpc sync after upgrade from 2.4.3 to 2.4.4-RELEASE-p2

    Scheduled Pinned Locked Moved Problems Installing or Upgrading pfSense Software
    3 Posts 2 Posters 574 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • Z
      zzanuda
      last edited by zzanuda

      After upgrade from from 2.4.3 to 2.4.4-RELEASE-p2 have issues with High Availability Sync enabled. On slave host all openvpn istances restarted when i adding/modifying/deleting users on master host.
      While in sync settings checked only users and certs.
      0_1548677977834_ae669686-9d6a-426b-8c56-cb7e55921ba7-image.png
      On master host openvpn instance not restarted when adding users.

      master log:

      Jan 28 11:29:29 vpn-cc check_reload_status: Syncing firewall
      Jan 28 11:29:29 vpn-cc php-fpm: Local User Database: Successfully created user test-user-4test
      Jan 28 11:29:30 vpn-cc php-fpm: /rc.filter_synchronize: Beginning XMLRPC sync data to http://192.168.33.241:80/xmlrpc.php.
      Jan 28 11:29:30 vpn-cc php-fpm: /rc.filter_synchronize: XMLRPC reload data success with http://192.168.33.241:80/xmlrpc.php (pfsense.host_firmware_version).
      Jan 28 11:29:30 vpn-cc php-fpm: /rc.filter_synchronize: XMLRPC versioncheck: 18.9 -- 18.9
      Jan 28 11:29:30 vpn-cc php-fpm: /rc.filter_synchronize: Beginning XMLRPC sync data to http://192.168.33.241:80/xmlrpc.php.
      Jan 28 11:29:40 vpn-cc php-fpm: /rc.filter_synchronize: XMLRPC reload data success with http://192.168.33.241:80/xmlrpc.php (pfsense.restore_config_section).
      

      Slave log:

      Jan 28 11:29:36 pfSense check_reload_status: Syncing firewall
      Jan 28 11:29:36 pfSense php-fpm: /xmlrpc.php: Adding user: test-user-4test
      Jan 28 11:29:36 pfSense check_reload_status: Syncing firewall
      Jan 28 11:29:36 pfSense check_reload_status: Reloading filter
      Jan 28 11:29:36 pfSense php-fpm: /xmlrpc.php: Resyncing OpenVPN instances.
      Jan 28 11:29:37 pfSense php-fpm: OpenVPN terminate old pid: 50400
      Jan 28 11:29:37 pfSense kernel: ovpns1: link state changed to DOWN
      Jan 28 11:29:37 pfSense check_reload_status: Reloading filter
      Jan 28 11:29:37 pfSense kernel: ovpns1: link state changed to UP
      Jan 28 11:29:37 pfSense php-fpm: OpenVPN PID written: 22234
      Jan 28 11:29:37 pfSense check_reload_status: rc.newwanip starting ovpns1
      Jan 28 11:29:37 pfSense php-fpm: OpenVPN terminate old pid: 92052
      Jan 28 11:29:37 pfSense kernel: ovpns2: link state changed to DOWN
      Jan 28 11:29:38 pfSense kernel: ovpns2: link state changed to UP
      Jan 28 11:29:38 pfSense php-fpm: OpenVPN PID written: 62348
      Jan 28 11:29:38 pfSense check_reload_status: rc.newwanip starting ovpns2
      Jan 28 11:29:38 pfSense php-fpm: OpenVPN terminate old pid: 23573
      Jan 28 11:29:38 pfSense kernel: ovpns3: link state changed to DOWN
      Jan 28 11:29:38 pfSense kernel: ovpns3: link state changed to UP
      Jan 28 11:29:38 pfSense php-fpm: OpenVPN PID written: 92545
      Jan 28 11:29:38 pfSense check_reload_status: Reloading filter
      Jan 28 11:29:38 pfSense check_reload_status: rc.newwanip starting ovpns3
      Jan 28 11:29:38 pfSense php-fpm: OpenVPN terminate old pid: 52551
      Jan 28 11:29:38 pfSense kernel: ovpns4: link state changed to DOWN
      Jan 28 11:29:38 pfSense php-fpm: /rc.newwanip: rc.newwanip: Info: starting on ovpns1.
      Jan 28 11:29:38 pfSense php-fpm: /rc.newwanip: rc.newwanip: on (IP address: 172.16.37.1) (interface: []) (real interface: ovpns1).
      Jan 28 11:29:38 pfSense php-fpm: /rc.newwanip: rc.newwanip called with empty interface.
      Jan 28 11:29:38 pfSense check_reload_status: Reloading filter
      ----------SNIP------------
      Jan 28 11:29:48 pfSense check_reload_status: Starting packages
      Jan 28 11:29:48 pfSense php-fpm: /rc.start_packages: Skipping STARTing packages process because previous/another instance is already running
      Jan 28 11:29:49 pfSense php-fpm: /rc.newwanip: rc.newwanip: Info: starting on ovpns5.
      Jan 28 11:29:49 pfSense php-fpm: /rc.newwanip: rc.newwanip: on (IP address: 172.16.34.1) (interface: []) (real interface: ovpns5).
      Jan 28 11:29:49 pfSense php-fpm: /rc.newwanip: rc.newwanip called with empty interface.
      Jan 28 11:29:49 pfSense check_reload_status: Reloading filter
      Jan 28 11:29:49 pfSense php-fpm: /rc.newwanip: pfSense package system has detected an IP change or dynamic WAN reconnection -  ->  172.16.34.1 - Restarting packages.
      Jan 28 11:29:49 pfSense check_reload_status: Starting packages
      Jan 28 11:29:49 pfSense php-fpm: /rc.start_packages: Skipping STARTing packages process because previous/another instance is already running
      Jan 28 11:29:49 pfSense php-fpm: /rc.newwanip: rc.newwanip: Info: starting on ovpns6.
      Jan 28 11:29:49 pfSense php-fpm: /rc.newwanip: rc.newwanip: on (IP address: 172.16.35.1) (interface: []) (real interface: ovpns6).
      Jan 28 11:29:49 pfSense php-fpm: /rc.newwanip: rc.newwanip called with empty interface.
      Jan 28 11:29:49 pfSense check_reload_status: Reloading filter
      

      slave log https://pastebin.com/vCy2mN38

      In version 2.4.3 openvpn not restarting when adding/modifying/deleting users...

      1 Reply Last reply Reply Quote 0
      • Z
        zzanuda
        last edited by

        anyone?

        1 Reply Last reply Reply Quote 0
        • N
          nagaraja
          last edited by

          I have the same issue, last week i upgraded to 2.4.4-p2 from 2.4.4 on both my nodes but master now warns
          "A communications error occurred while attempting to call XMLRPC method restore_config_section"

          I tried to uninstall/test/reinstall pfblocker and snort without success.
          Removing both services reports same XMLRPC error.
          Changing pf rules on master replicate as usual on backup
          Changing pfblocker rules on master does not replicate on backup

          At the back i have several years of working HA since pfsense 1.2.3 and no conf changes has been made since then.
          I think is a 2.4.4-p2 specific issue because i also had for weeks a well synced 2.4.4 with a 2.4.4-p1.

          Any idea?

          1 Reply Last reply Reply Quote 0
          • First post
            Last post
          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.