Upgrade to 21.02-RELEASE borked on SG-3100
-
All, in case any of you have this problem, my SG-3100 got borked during the upgrade. The upgrade appeared to work perfectly, but internet connectivity was not working. I initially believed that the issue was DNS, since the service was no longer running, but even after reconfiguring DNS and renewing my leases, I was able to resolve addresses without issue but no internet access worked.
Reboots failed, reloading firewall rules failed, even after making some minor changes to be sure a new set was loaded.
I was able to SSH into the device and from there I could access all subnets and ping internet resources, but nothing in my LAN was able to speak to anything but the gateway device.
After a few hours of troubleshooting, I ran the pfSense General Setup Wizard again. After it was completed, everything just came back to life.
I have no idea if that was the fix, or if something coincidentally started working, but if you are stuck like I was, try the General Setup under "System".
pfSense, please fix this in future versions. I am terrified to upgrade my device. This is the first time I've done it and I thought my device was bricked.
-
Yah I just had a similar issue. My upgrade went fine earlier, but a few minutes ago my internet completely went down, and the only way to fix it is to hard restart the device. My devices all show no internet access. I cant even load the web UI.
I reported this issue back when I was testing 2.5, and it appears its still there in 21.06.
All interfaces still show ipv4/ipv6 addresses. It feels like routes are falling out of the routing table completely.
-
I just did the update (like an idiot) on the SG-3100 and everything went fine as @rsherwood_va and @behemyth both said but after a few mins the GUI was unresponsive, I couldn't ping it and everything died. I had to hard reset it a few times and it seems to be stable now for about ~10 mins. If it dies again, I'll try the General Setup Wizard or probably just request the 2.4.5 image from Netgate and roll it back. I have to work tomorrow so I'm not too impressed right now.
-
Exactly the Issue Im having on my SG-3100 yesterday after the update. Got some weird logs which looking unrelated.
Everything was looking "normal" I can ping internet address from the Diagnose>Ping but not from LAN or any VLAN. Seems like all packages coming from the interfaces are suddenly discarded without any log / notice.
Port error and collision counters still 0, package counter is increasing so it "physically" receive packages but then it seems to drop all of them. Only thing what helps is a reboot.
Posted some more Infos here:
/topic/160959/21-02-sudden-lockup/ -
Hello,
I have the same problem after the upgrade.
I have reboot many time and I have the problem yet.
During 10mn arrount the system is ok and after these is a crash and the DHCP lost all and change all the ip address on the different devices...
When I can connect on the PFSense dashboard, I can see all the parameters are ok like in the previous version...
I don't understand.
I will try to degrese the version. -
Just a quick morning update. It’s been 6 hrs and still stable, I don’t know how but I’ll take it. I will request 2.4.5p1 image today just in case.
-
Another update, dead after 7 hrs. Another hard reset and request for 2.4.5p1 download link. Will roll back until this is resolved.
-
Another fail here on a 2.45 to 21.02 upgrade.
Looked like the upgrade worked but failed to reboot.
Waited for over 30 minutes and tried a hard power cycle and ... nothing just 3 blue flashing lights. -
I couldn't take it anymore, I have to work so I did a downgrade and reinstalled my config. All good on 2.4.5p1 again!
-
@nonvtec
Thanks, I'm trying to submit a ticket right now. -
For what it's worth, I updated my SG-3100 this afternoon and everything went smooth.
The only issue was that for maybe 5 minutes, it was giving an error on checking for the update server or something like that. It went away on it's own.
-
I've upgraded my SG-3100 yesterday evening. I never had a respons from the SG-3100 anymore.
This morning i saw three blue leds slowly blinking in sync.
I pulled the power plug. The firewall restarted and finnished the setup. Till now, everything works with only one remark. Snort doesn't startup anymore. Tonight i'm gonna remove the snort package and do a clean install of it. -
Well, I was up and running on 21.02 for about 3 hours, when the network went down again.
The SG-3100 had locked up. (this after a clean install no PFblocker-ng installed or SNORT)Power Cycle brought everything back online but for how long?
We shall see. -
Error during upgrade to 21.02
pkg-static: https://files01.netgate.com/pkg/pfSense_plus-v21_02_armv7-pfSense_plus-v21_02/All/libdaemon-0.14_1.txz: No route to host Failed
Did a DNS look up on files01.netgate.com = 162.208.119.40
Looked in the firewall log for any blockage and there was only allows. Nothing blocking
I started a pack capture on the Netgate SG-3100 (unlimited full frame) and re-ran the update and stopped the trace after it failed.
I searched for the IP address and this is what I see:
This look like netgate is blocking the traffic. Maybe we are hitting a limit or something. Before this point I was able to have full on two way TCP/TSL traffic with this IP.
-
Same here SG-3100 upgraded to 21.02-RELEASE (arm)
After a while throughout today the GUI was unresponsive, both ethernet AND wireless clients are unable to even ping pfsense router ip address, all LED's look normal and after powering off the router and it comes back all is working 3-4 times today already.
Does anyone know how to force a downgrade back to 2.4?
-
@sabennett Having similar problems with a 3100. Thanks for opening a ticket.
-
@softcoder Information on a downgrade is here:
https://docs.netgate.com/pfsense/en/latest/solutions/sg-3100/reinstall-pfsense.html -
I have the same issue with my SG-3100:
-upgraded fine to 21.02 and all look good at first then it hang/froze no DHCP no DNS and no response from the GUI the only way to get it back was to unplug it and plug it back, then it froze again after 1 hr then again after 3 hrs (just normal usage) there is no info on the System Logs that points to what hang it just register the bootupI will downgrade too.
-
All this Update makes me a bit frustrated. It's one point why I choose to buy original netgate appliances instead of build your own. I hoped at least for their own build Products they do a very intense test before rolling out a backup.
No Question you cant forseen everything but if you read through the forum how many have trouble it seems like a bad release / quality control.
Hope they will find the issue and take some learnings.
For my upgraded testing SG-3100 it's not important, it is a non live LAB system but until this one is rock solid stable I will not start rolling out CPE Upgrades :)
-
@solarizde My system has now been running for 21h after failing about 10x at random 5m-6h intervals. Probably not related, but the only difference is that USB console is connected for debug purposes...