Navigation

    Netgate Discussion Forum
    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search

    Problem with remove VLAN interface

    Feedback
    2
    4
    604
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • N
      network-admin last edited by

      Hi guys,

      please help me with this problem.

      I have previously created a sub interface with VLAN 777, but instead of the dot1q 777 command I entered outer-dot1q 777 by mistake and now I just want to fix it.

      If I enter the interface settings subif S2_WAN_1 777 and enter no outer-dot1q 777 and then dot1q 777 and leave the exit, the change will not take effect. Commit candidate db doesn't help either.

      If I wanted to list the interface, S2_WAN_1.777 is no longer among them, but there is still a configuration in the running database that prevents editing or removing subinterfaces:

      localhost tnsr# show interface link
      Interface: S2_LAN_1
          Admin status: up
          Link up, link-speed 10 Gbps, full duplex
          Link MTU: 1500 bytes
      
      Interface: S2_LAN_2
          Admin status: up
          Link down, full duplex
          Link MTU: 1500 bytes
      
      Interface: S2_WAN_1
          Admin status: up
          Link up, link-speed 10 Gbps, unknown duplex
          Link MTU: 1500 bytes
      
      Interface: S2_WAN_2
          Admin status: up
          Link down, full duplex
          Link MTU: 1500 bytes
      

      If I want to remove subinterface via command no interface subif S2_WAN_1 777 then it will print error: Must delete interface S2_WAN_1.777 configuration before deleting subif

      Yes, I would like that, but the S2_WAN_1.777 interface settings cannot be accessed because they no longer exist in the system. I think it's a bug.

      I enclose below the current list of running db, where you can see the configuration of the S2_WAN_1.777 interface, which does not exist. This seems to indicate an inconsistency.

      It keeps me from getting the system into production and testing, which is a condition for me to buy paid licenses.

      Thank you in advance for your help.

      Concluding question: Is it possible to reset the TNSR settings to the factory settings?

      localhost tnsr# show configuration running cli

      nacm enable
      nacm read-default deny
      nacm write-default deny
      nacm exec-default deny
      nacm group admin
          member root
          member tnsr
      exit
      nacm rule-list admin-rules
          group admin
          rule permit-all
              module *
              access-operations "*"
              action permit
          exit
      exit
      
      dataplane ethernet default-mtu 1500
      dataplane dpdk dev 0000:02:00.1 network
      dataplane dpdk dev 0000:02:00.2 network
      dataplane dpdk dev 0000:02:00.3 network
      dataplane dpdk dev 0000:05:00.0 network name S2_WAN_1
      dataplane dpdk dev 0000:05:00.1 network name S2_LAN_1
      dataplane dpdk dev 0000:08:00.0 network name S2_WAN_2
      dataplane dpdk dev 0000:08:00.1 network name S2_LAN_2
      dataplane dpdk uio-driver igb_uio
      dataplane buffers buffers-per-numa 32768
      dataplane statseg heap-size 96M
      
      
      nat global-options nat44 enabled false
      
      interface subif S2_WAN_1 777
          exact-match
          outer-dot1q 777
      exit
      
      interface S2_LAN_1
          enable
      exit
      interface S2_LAN_2
          enable
      exit
      interface S2_WAN_1
          enable
      exit
      interface S2_WAN_1.777
          enable
          ip address 172.16.7.102/24
      exit
      interface S2_WAN_2
          enable
      exit
      
      nat ipfix logging domain 1
      nat ipfix logging src-port 4739
      nat nat64 map parameters
          security-check enable
      exit
      
      interface S2_LAN_1
      exit
      interface S2_LAN_2
      exit
      interface S2_WAN_1
      exit
      interface S2_WAN_1.777
      exit
      interface S2_WAN_2
      exit
      
      route dynamic manager
      exit
      
      route dynamic ospf6
      exit
      
      route dynamic bgp
          disable
      exit
      
      route dynamic ospf
      exit
      
      route dynamic rip
      exit
      
      dhcp4 server
          lease persist true
          lease lfc-interval 3600
          interface socket raw
      exit
      
      unbound server
          enable ip4
          enable tcp
          enable udp
          enable harden glue
          enable hide identity
          port outgoing range 4096
      exit
      
      snmp host disable
      

      Thank you and have a nice rest of the day.
      N.A.

      1 Reply Last reply Reply Quote 0
      • N
        network-admin last edited by

        Hi,

        I solved the problem by editing the file /var/tnsr/startup_db where I removed the unwanted configuration and restarted the server.

        I would be grateful for some correct procedure like doing this editing without having to restart the server - should be mentioned in the documentation as an emergency if the CLI does not want to do what it has to do and there is no logical reason to do so.

        Thank you.

        N.A.

        1 Reply Last reply Reply Quote 0
        • N
          network-admin last edited by

          So it's a little different. The outer-dot1q and dot1q commands overlap, and this is not in the documentation. One thinks that you entered it incorrectly because the configuration listing does not match the command you entered. You enter dot1q, but outer-dot1q appears in the configuration. So I just stayed unnecessarily.

          localhost tnsr(config-subif)#
            default               Default subinterface
            dot1q                 Outer dot1q VLAN
            exact-match           Use exact tag matching
            exit                  Leave config-subif mode
            help                  Help
            inner-dot1q           Inner dot1q VLAN
            no                    Delete
            outer-dot1ad          Outer VLAN is dot1ad
            outer-dot1q           Outer dot1q VLAN
            vlan                  VLAN
          
          
          Derelict 1 Reply Last reply Reply Quote 0
          • Referenced by  N network-admin 
          • Referenced by  N network-admin 
          • Referenced by  N network-admin 
          • Referenced by  N network-admin 
          • Derelict
            Derelict LAYER 8 Netgate @network-admin last edited by

            @network-admin outer-dot1q and dot1q are synonyms. The fact that show config run cli shows outer-dot1q is not an error.

            Chattanooga, Tennessee, USA
            The pfSense Book is free of charge!
            DO NOT set a source port in a port forward or firewall rule unless you KNOW you need it!
            Do Not Chat For Help! NO_WAN_EGRESS(TM)

            1 Reply Last reply Reply Quote 0
            • First post
              Last post