issues with xmlrpc sync after upgrade from 2.4.3 to 2.4.4-RELEASE-p2
-
After upgrade from from 2.4.3 to 2.4.4-RELEASE-p2 have issues with High Availability Sync enabled. On slave host all openvpn istances restarted when i adding/modifying/deleting users on master host.
While in sync settings checked only users and certs.
On master host openvpn instance not restarted when adding users.master log:
Jan 28 11:29:29 vpn-cc check_reload_status: Syncing firewall Jan 28 11:29:29 vpn-cc php-fpm: Local User Database: Successfully created user test-user-4test Jan 28 11:29:30 vpn-cc php-fpm: /rc.filter_synchronize: Beginning XMLRPC sync data to http://192.168.33.241:80/xmlrpc.php. Jan 28 11:29:30 vpn-cc php-fpm: /rc.filter_synchronize: XMLRPC reload data success with http://192.168.33.241:80/xmlrpc.php (pfsense.host_firmware_version). Jan 28 11:29:30 vpn-cc php-fpm: /rc.filter_synchronize: XMLRPC versioncheck: 18.9 -- 18.9 Jan 28 11:29:30 vpn-cc php-fpm: /rc.filter_synchronize: Beginning XMLRPC sync data to http://192.168.33.241:80/xmlrpc.php. Jan 28 11:29:40 vpn-cc php-fpm: /rc.filter_synchronize: XMLRPC reload data success with http://192.168.33.241:80/xmlrpc.php (pfsense.restore_config_section).
Slave log:
Jan 28 11:29:36 pfSense check_reload_status: Syncing firewall Jan 28 11:29:36 pfSense php-fpm: /xmlrpc.php: Adding user: test-user-4test Jan 28 11:29:36 pfSense check_reload_status: Syncing firewall Jan 28 11:29:36 pfSense check_reload_status: Reloading filter Jan 28 11:29:36 pfSense php-fpm: /xmlrpc.php: Resyncing OpenVPN instances. Jan 28 11:29:37 pfSense php-fpm: OpenVPN terminate old pid: 50400 Jan 28 11:29:37 pfSense kernel: ovpns1: link state changed to DOWN Jan 28 11:29:37 pfSense check_reload_status: Reloading filter Jan 28 11:29:37 pfSense kernel: ovpns1: link state changed to UP Jan 28 11:29:37 pfSense php-fpm: OpenVPN PID written: 22234 Jan 28 11:29:37 pfSense check_reload_status: rc.newwanip starting ovpns1 Jan 28 11:29:37 pfSense php-fpm: OpenVPN terminate old pid: 92052 Jan 28 11:29:37 pfSense kernel: ovpns2: link state changed to DOWN Jan 28 11:29:38 pfSense kernel: ovpns2: link state changed to UP Jan 28 11:29:38 pfSense php-fpm: OpenVPN PID written: 62348 Jan 28 11:29:38 pfSense check_reload_status: rc.newwanip starting ovpns2 Jan 28 11:29:38 pfSense php-fpm: OpenVPN terminate old pid: 23573 Jan 28 11:29:38 pfSense kernel: ovpns3: link state changed to DOWN Jan 28 11:29:38 pfSense kernel: ovpns3: link state changed to UP Jan 28 11:29:38 pfSense php-fpm: OpenVPN PID written: 92545 Jan 28 11:29:38 pfSense check_reload_status: Reloading filter Jan 28 11:29:38 pfSense check_reload_status: rc.newwanip starting ovpns3 Jan 28 11:29:38 pfSense php-fpm: OpenVPN terminate old pid: 52551 Jan 28 11:29:38 pfSense kernel: ovpns4: link state changed to DOWN Jan 28 11:29:38 pfSense php-fpm: /rc.newwanip: rc.newwanip: Info: starting on ovpns1. Jan 28 11:29:38 pfSense php-fpm: /rc.newwanip: rc.newwanip: on (IP address: 172.16.37.1) (interface: []) (real interface: ovpns1). Jan 28 11:29:38 pfSense php-fpm: /rc.newwanip: rc.newwanip called with empty interface. Jan 28 11:29:38 pfSense check_reload_status: Reloading filter ----------SNIP------------ Jan 28 11:29:48 pfSense check_reload_status: Starting packages Jan 28 11:29:48 pfSense php-fpm: /rc.start_packages: Skipping STARTing packages process because previous/another instance is already running Jan 28 11:29:49 pfSense php-fpm: /rc.newwanip: rc.newwanip: Info: starting on ovpns5. Jan 28 11:29:49 pfSense php-fpm: /rc.newwanip: rc.newwanip: on (IP address: 172.16.34.1) (interface: []) (real interface: ovpns5). Jan 28 11:29:49 pfSense php-fpm: /rc.newwanip: rc.newwanip called with empty interface. Jan 28 11:29:49 pfSense check_reload_status: Reloading filter Jan 28 11:29:49 pfSense php-fpm: /rc.newwanip: pfSense package system has detected an IP change or dynamic WAN reconnection - -> 172.16.34.1 - Restarting packages. Jan 28 11:29:49 pfSense check_reload_status: Starting packages Jan 28 11:29:49 pfSense php-fpm: /rc.start_packages: Skipping STARTing packages process because previous/another instance is already running Jan 28 11:29:49 pfSense php-fpm: /rc.newwanip: rc.newwanip: Info: starting on ovpns6. Jan 28 11:29:49 pfSense php-fpm: /rc.newwanip: rc.newwanip: on (IP address: 172.16.35.1) (interface: []) (real interface: ovpns6). Jan 28 11:29:49 pfSense php-fpm: /rc.newwanip: rc.newwanip called with empty interface. Jan 28 11:29:49 pfSense check_reload_status: Reloading filter
slave log https://pastebin.com/vCy2mN38
In version 2.4.3 openvpn not restarting when adding/modifying/deleting users...
-
anyone?
-
I have the same issue, last week i upgraded to 2.4.4-p2 from 2.4.4 on both my nodes but master now warns
"A communications error occurred while attempting to call XMLRPC method restore_config_section"I tried to uninstall/test/reinstall pfblocker and snort without success.
Removing both services reports same XMLRPC error.
Changing pf rules on master replicate as usual on backup
Changing pfblocker rules on master does not replicate on backupAt the back i have several years of working HA since pfsense 1.2.3 and no conf changes has been made since then.
I think is a 2.4.4-p2 specific issue because i also had for weeks a well synced 2.4.4 with a 2.4.4-p1.Any idea?