pfSense Plus and SG-3100
-
@oldmanniko said in pfSense Plus and SG-3100:
@mr_aj So far so good for me, 3 hrs in on a single cpu.
All is well with this quick fix. Thanks!
-
Good to hear.
We think we have found the root cause of this and will be testing fixes imminently.
Technical details here for those who may be interested:
https://reviews.freebsd.org/D28821Steve
-
@artooro Thanks. That is what I did.
-
@stephenw10
Is there a possibility to 'upgrade´ from the 21.02 to the new one without having to downgrade first? I am experiencing the problem, as in not being able to retrieve any packages. Or is the only way to do a downgrade first and then upgrade later? Can I export my settings from my current 21.02 one and import them again when I upgrade?Thanks for your guys work on this. Much appreciated
-
Yes, I expect it to be 21.02_1 or similar when made available. You should be able to upgrade to it from either 2.4.5p1 or 21.02.
Yes, the config version will be the same but you can always import an older config into a newer pfSense version anyway. You will be able to here.Steve
-
@stephenw10
Does that mean that the url mentioned earlier in this thread will be up and running? -
The pkg server? Yes, it will be. When it's available the update should show on the dashboard like any previous update.
Steve
-
@stephenw10 said in pfSense Plus and SG-3100:
You can disable one CPU core and it will avoid ever hitting the lock. Obviously performance will be reduced but that may not be an issue for a lot of use cases. Run:
echo hw.ncpu=1 >> /boot/loader.conf.local
Then reboot.
Remove or comment out that line later after this is fixed.
Steve
i went to diagnostics > command prompt and ran the command. got the green success screen i guess you call it and then rebooted
after a reboot when i go to diagnostics > edit file > open loader.conf nothing has changed.
do you have to use the console or SSH for this to complete? -
It doesn't add it to loader.conf which might get overwritten.
/boot/loader.conf.local
-
I really appreciate the effort to root cause this, and for the easy workaround -- thank you!
What is the typical turn-around for pushing out a hotfix like this, if nothing goes wrong during testing? I've been holding-off on downgrading to 2.4.5 thinking a fix may be landing soon.
I put in the ncpu work-around after the bug started disrupting work meetings and online schooling, but it does cause the WAN bandwidth to max out at ~650Mbps.
-
Very soon.
We are testing new images now. I've been hammering the SG-3100 with traffic that easily triggered this before and it seems solid so far.Steve
-
New version for SG-3100 is out and I see it available for download. Will be happy to have multicore back.
-
Curious if anyone has attempted the update yet. Any results?
-
The update "bricked" (strong word - trying to get in via serial console right now - all three lights flashing ominously on the front), so please be careful installing this update unless you have your serial console cable ready and a few hours to troubleshoot.
My update started an hour ago, and I'm just now getting things set-up to see what's wrong.
Buyer beware. Caveat emptor. YMMV. I'm connected directly to my cable modem and hopefully that won't be the case for much longer.
Monitoring this thread to see if anyone else has the issue with the hotfix.
-
@nokkief I'm a glutton for punishment I suppose. I installed the new version 2 hrs ago. No issues yet.
-
@nokkief yes, and the system was unresponsive with blue lights pulsing on front until I power cycled after about an hour.
Logs indicate it processed the patch and initiated a reboot but seems to never actually rebooted.Seems ok after the power cycle
-
I didn't try yet, opened a ticket at go.netgate.com to request the firmware, but it's not available yet.
The only available path to p1 is through the upgrade mechanism on your firewall at this time..I want to perform a clean install.
After installing, and setting up interfaces and switch confiig, I'll restore aliases, firewall rules, dhcp mappings, all from my previous xml saved config.
After that, manually set up the certs and configure acme, pfblocker and etc.. -
The 40+ year Unix administrator in me decided to get the serial console hooked up before doing anything else. It was responding/repeating characters, but that's it. Figured after an hour of blinky-flashing lights, it was probably safe to power cycle. I worry a lot about power cycling in the middle of an update...can actually ruin/brick things, especially if an EEPROM is being written to, or whatever.
But yes, power cycled with the console connected, watched it boot, came up fine.
I need to remind myself NOT to do this upgrades during the middle of the work day.
Netgear support: I created a ticket via email. If you'd like to check my router's logs to find out what happened, I'd be more than happy to open things up for you to investigate. Sounds like I wasn't the only person with a "blinking light" issue post-install.
-
Also, I just want to say "thank you Netgate!" for including a working/tested serial console cable inside the SG-3100 box.
I had given away ALL of my Mini-USB cables and was frantically searching for one (out of hundreds of cables), and then I thought to check the box. Whew!
-
Also, for folks who used this workaround, don't forget to remove the "hw.ncpu=1" entry in your /boot/loader.conf.local file after successfully upgrading to the hotfix version.