Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Problem with remove VLAN interface

    TNSR Feedback
    2
    4
    1.4k
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • N
      network-admin
      last edited by

      Hi guys,

      please help me with this problem.

      I have previously created a sub interface with VLAN 777, but instead of the dot1q 777 command I entered outer-dot1q 777 by mistake and now I just want to fix it.

      If I enter the interface settings subif S2_WAN_1 777 and enter no outer-dot1q 777 and then dot1q 777 and leave the exit, the change will not take effect. Commit candidate db doesn't help either.

      If I wanted to list the interface, S2_WAN_1.777 is no longer among them, but there is still a configuration in the running database that prevents editing or removing subinterfaces:

      localhost tnsr# show interface link
Interface: S2_LAN_1
    Admin status: up
    Link up, link-speed 10 Gbps, full duplex
    Link MTU: 1500 bytes

Interface: S2_LAN_2
    Admin status: up
    Link down, full duplex
    Link MTU: 1500 bytes

Interface: S2_WAN_1
    Admin status: up
    Link up, link-speed 10 Gbps, unknown duplex
    Link MTU: 1500 bytes

Interface: S2_WAN_2
    Admin status: up
    Link down, full duplex
    Link MTU: 1500 bytes

      If I want to remove subinterface via command no interface subif S2_WAN_1 777 then it will print error: Must delete interface S2_WAN_1.777 configuration before deleting subif

      Yes, I would like that, but the S2_WAN_1.777 interface settings cannot be accessed because they no longer exist in the system. I think it's a bug.

      I enclose below the current list of running db, where you can see the configuration of the S2_WAN_1.777 interface, which does not exist. This seems to indicate an inconsistency.

      It keeps me from getting the system into production and testing, which is a condition for me to buy paid licenses.

      Thank you in advance for your help.

      Concluding question: Is it possible to reset the TNSR settings to the factory settings?

      localhost tnsr# show configuration running cli

      nacm enable
nacm read-default deny
nacm write-default deny
nacm exec-default deny
nacm group admin
    member root
    member tnsr
exit
nacm rule-list admin-rules
    group admin
    rule permit-all
        module *
        access-operations "*"
        action permit
    exit
exit

dataplane ethernet default-mtu 1500
dataplane dpdk dev 0000:02:00.1 network
dataplane dpdk dev 0000:02:00.2 network
dataplane dpdk dev 0000:02:00.3 network
dataplane dpdk dev 0000:05:00.0 network name S2_WAN_1
dataplane dpdk dev 0000:05:00.1 network name S2_LAN_1
dataplane dpdk dev 0000:08:00.0 network name S2_WAN_2
dataplane dpdk dev 0000:08:00.1 network name S2_LAN_2
dataplane dpdk uio-driver igb_uio
dataplane buffers buffers-per-numa 32768
dataplane statseg heap-size 96M


nat global-options nat44 enabled false

interface subif S2_WAN_1 777
    exact-match
    outer-dot1q 777
exit

interface S2_LAN_1
    enable
exit
interface S2_LAN_2
    enable
exit
interface S2_WAN_1
    enable
exit
interface S2_WAN_1.777
    enable
    ip address 172.16.7.102/24
exit
interface S2_WAN_2
    enable
exit

nat ipfix logging domain 1
nat ipfix logging src-port 4739
nat nat64 map parameters
    security-check enable
exit

interface S2_LAN_1
exit
interface S2_LAN_2
exit
interface S2_WAN_1
exit
interface S2_WAN_1.777
exit
interface S2_WAN_2
exit

route dynamic manager
exit

route dynamic ospf6
exit

route dynamic bgp
    disable
exit

route dynamic ospf
exit

route dynamic rip
exit

dhcp4 server
    lease persist true
    lease lfc-interval 3600
    interface socket raw
exit

unbound server
    enable ip4
    enable tcp
    enable udp
    enable harden glue
    enable hide identity
    port outgoing range 4096
exit

snmp host disable

      Thank you and have a nice rest of the day.
      N.A.

      1 Reply Last reply Reply Quote 0
      • N
        network-admin
        last edited by

        Hi,

        I solved the problem by editing the file /var/tnsr/startup_db where I removed the unwanted configuration and restarted the server.

        I would be grateful for some correct procedure like doing this editing without having to restart the server - should be mentioned in the documentation as an emergency if the CLI does not want to do what it has to do and there is no logical reason to do so.

        Thank you.

        N.A.

        1 Reply Last reply Reply Quote 0
        • N
          network-admin
          last edited by

          So it's a little different. The outer-dot1q and dot1q commands overlap, and this is not in the documentation. One thinks that you entered it incorrectly because the configuration listing does not match the command you entered. You enter dot1q, but outer-dot1q appears in the configuration. So I just stayed unnecessarily.

          localhost tnsr(config-subif)#
  default               Default subinterface
  dot1q                 Outer dot1q VLAN
  exact-match           Use exact tag matching
  exit                  Leave config-subif mode
  help                  Help
  inner-dot1q           Inner dot1q VLAN
  no                    Delete
  outer-dot1ad          Outer VLAN is dot1ad
  outer-dot1q           Outer dot1q VLAN
  vlan                  VLAN
          DerelictD 1 Reply Last reply Reply Quote 0
          • N network-admin referenced this topic on
          • N network-admin referenced this topic on
          • N network-admin referenced this topic on
          • N network-admin referenced this topic on
          • DerelictD
            Derelict LAYER 8 Netgate @network-admin
            last edited by

            @network-admin outer-dot1q and dot1q are synonyms. The fact that show config run cli shows outer-dot1q is not an error.

            Chattanooga, Tennessee, USA
            A comprehensive network diagram is worth 10,000 words and 15 conference calls.
            DO NOT set a source address/port in a port forward or firewall rule unless you KNOW you need it!
            Do Not Chat For Help! NO_WAN_EGRESS(TM)

            1 Reply Last reply Reply Quote 0
            • First post
              Last post
            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.