Unable to reassign network port

michmoor · Feb 5, 2023, 2:26 AM

Hello,
I may be missing an importent step but i am unable to reassign a network port.

The backdrop to this is that i am attempting to set up a LAGG.
I am following this document.
https://docs.netgate.com/pfsense/en/latest/recipes/migrate-assigned-lan-to-lagg.html

My LAGG0 is created by using an unassigned interface igc3.
I go to Interface > Assignments and take my currently assigned DMZ [igc2] and move it over to LAGG0, i click save and the screen refreshes and my DMZ interface is still assigned to igc2.

Interestingly enough while pfsense is trying to reassign the port, my entire DMZ network becomes unreachable. So it seems there is something happening in the background but then stops.

michmoor · Feb 5, 2023, 3:26 AM

@michmoor Something is wrong with my Interfaces configuration.
If i go under VLANs. I select an interface and change the description, the change is never shown.
See below.

I change the description.

The change is not reflected.

michmoor · Feb 5, 2023, 4:54 PM

Just really having a hard time re-assigning interfaces.
My ARP table shows that after i moved one of my interfaces over to another interface, the assignment still shows up incorrectly being mapped to the wrong physical interface.
This network should exist on igc1.15

rcoleman-netgate · Feb 5, 2023, 4:59 PM

@michmoor said in Unable to reassign network port:

This network should exist on igc1.15

It looks like the ARP table agrees and is showing it there. I am not sure where you are at with this post...

michmoor · Feb 5, 2023, 5:02 PM

@rcoleman-netgate I guess my confusion is why does interface assignments still shows it mapped to the physical interface igc2.

SteveITS · Feb 5, 2023, 5:42 PM

@michmoor You change only the description and the change is not saved? How about adding a dummy rule or separator, or other change? Wondering if your config isn’t saving.

The brute force way would be to edit the config file and restore.

michmoor · Feb 5, 2023, 6:21 PM

@steveits said in Unable to reassign network port:

You change only the description and the change is not saved?

Yep its not saving. Its really strange. There is something going on in the backend when these changes are done because when i check the system log there is a lot of activity. Its as though all interfaces do a soft restart. Connectivity on the LAN is never lost but modifications to vlan descriptions are never changed. I am on the 22.05 release.

michmoor · Feb 5, 2023, 6:54 PM

@steveits So took your advice and modified the config.xml. Ran the command

rm /tmp/config.cache

Afterward i see that the vlan description has changed. When i attempt to modify the vlan description through the GUI the changes do not stick. This is the only area throughout the pfsense configuration where i noticed there is a difficulty in having modifications changed. Something about Interfaces /Interface Assignments or Interfaces / VLANs

edit:
Every vlan description change causes the below issue.

stephenw10 · Feb 6, 2023, 1:02 AM

Sounds like you may be trying to apply something that's invalid. What change exactly are you trying to save.

michmoor · Feb 6, 2023, 1:02 AM

@stephenw10 Hey Stephen,
I got a redmine tracking this
https://redmine.pfsense.org/issues/13933

Something more is going on here. Im following the recipe on adding a LAGG. Thats how this all started. Anything that has to do with the interfaces [reassignment, vlans] does not save in the config. The only way to have my changes applied is by editing the config.xml directly.

michmoor · Feb 6, 2023, 2:41 PM

Unfortunately, the Redmine got rejected. That said, taking snippets of the config.xml can anyone spot an issue? This is easily reproducible issue on my side. Change a vlan tag description, network outage happens.

	<vlans>
		<vlan>
			<if>lagg0</if>
			<tag>14</tag>
			<pcp></pcp>
			<descr><![CDATA[Internet_Of_Things]]></descr>
			<vlanif>lagg0.14</vlanif>
		</vlan>
		<vlan>
			<if>lagg0</if>
			<tag>11</tag>
			<pcp></pcp>
			<descr><![CDATA[Guest]]></descr>
			<vlanif>lagg0.11</vlanif>
		</vlan>
		<vlan>
			<if>lagg0</if>
			<tag>15</tag>
			<pcp></pcp>
			<descr><![CDATA[DMZ]]></descr>
			<vlanif>lagg0.15</vlanif>
		</vlan>
		<vlan>
			<if>lagg0</if>
			<tag>17</tag>
			<pcp></pcp>
			<descr><![CDATA[WORK]]></descr>
			<vlanif>lagg0.17</vlanif>
		</vlan>
		<vlan>
			<if>lagg0</if>
			<tag>3</tag>
			<pcp></pcp>
			<descr><![CDATA[Storage]]></descr>
			<vlanif>lagg0.3</vlanif>
		</vlan>
		<vlan>
			<if>lagg0</if>
			<tag>23</tag>
			<pcp></pcp>
			<descr><![CDATA[KidsZone]]></descr>
			<vlanif>lagg0.23</vlanif>
		</vlan>
	</vlans>

<interfaces>
	<wan>
		<enable></enable>
		<if>ix3</if>
		<blockpriv></blockpriv>
		<blockbogons></blockbogons>
		<descr><![CDATA[WAN]]></descr>
		<alias-address></alias-address>
		<alias-subnet>32</alias-subnet>
		<spoofmac>00:e0:67:27:9d:78</spoofmac>
		<ipaddr>dhcp</ipaddr>
		<dhcphostname></dhcphostname>
		<dhcprejectfrom></dhcprejectfrom>
		<adv_dhcp_pt_timeout></adv_dhcp_pt_timeout>
		<adv_dhcp_pt_retry></adv_dhcp_pt_retry>
		<adv_dhcp_pt_select_timeout></adv_dhcp_pt_select_timeout>
		<adv_dhcp_pt_reboot></adv_dhcp_pt_reboot>
		<adv_dhcp_pt_backoff_cutoff></adv_dhcp_pt_backoff_cutoff>
		<adv_dhcp_pt_initial_interval></adv_dhcp_pt_initial_interval>
		<adv_dhcp_pt_values>SavedCfg</adv_dhcp_pt_values>
		<adv_dhcp_send_options></adv_dhcp_send_options>
		<adv_dhcp_request_options></adv_dhcp_request_options>
		<adv_dhcp_required_options></adv_dhcp_required_options>
		<adv_dhcp_option_modifiers></adv_dhcp_option_modifiers>
		<adv_dhcp_config_advanced></adv_dhcp_config_advanced>
		<adv_dhcp_config_file_override></adv_dhcp_config_file_override>
		<adv_dhcp_config_file_override_path></adv_dhcp_config_file_override_path>
	</wan>
	<lan>
		<enable></enable>
		<if>igc0</if>
		<descr><![CDATA[LAN]]></descr>
		<spoofmac></spoofmac>
		<ipaddr>192.168.50.254</ipaddr>
		<subnet>24</subnet>
		<ipaddrv6>track6</ipaddrv6>
		<track6-interface>wan</track6-interface>
		<track6-prefix-id>0</track6-prefix-id>
	</lan>
	<opt1>
		<descr><![CDATA[Sleepy_IoT_WLAN]]></descr>
		<if>lagg0.14</if>
		<spoofmac></spoofmac>
		<enable></enable>
		<ipaddr>192.168.14.254</ipaddr>
		<subnet>24</subnet>
	</opt1>
	<opt2>
		<descr><![CDATA[GuestNet_WLAN]]></descr>
		<if>lagg0.11</if>
		<enable></enable>
		<ipaddr>192.168.11.254</ipaddr>
		<subnet>24</subnet>
		<spoofmac></spoofmac>
	</opt2>
	<opt3>
		<descr><![CDATA[KIdsZone_WLAN]]></descr>
		<if>lagg0.23</if>
		<spoofmac></spoofmac>
		<enable></enable>
		<ipaddr>192.168.23.254</ipaddr>
		<subnet>24</subnet>
	</opt3>
	<opt4>
		<descr><![CDATA[DMZ]]></descr>
		<if>lagg0.15</if>
		<spoofmac></spoofmac>
		<enable></enable>
		<ipaddr>192.168.15.1</ipaddr>
		<subnet>24</subnet>
	</opt4>
	<opt5>
		<descr><![CDATA[WG_RemoteAccess]]></descr>
		<if>tun_wg1</if>
		<enable></enable>
		<spoofmac></spoofmac>
		<ipaddr>172.26.0.1</ipaddr>
		<subnet>24</subnet>
	</opt5>
	<opt6>
		<descr><![CDATA[WORK]]></descr>
		<if>lagg0.17</if>
		<enable></enable>
		<ipaddr>192.168.17.1</ipaddr>
		<subnet>29</subnet>
		<spoofmac></spoofmac>
	</opt6>
	<opt8>
		<descr><![CDATA[Kevin_WG_S2S]]></descr>
		<if>tun_wg2</if>
		<enable></enable>
		<spoofmac></spoofmac>
		<mtu>1460</mtu>
		<mss>1360</mss>
		<ipaddr>172.28.0.2</ipaddr>
		<subnet>30</subnet>
	</opt8>
	<opt9>
		<descr><![CDATA[PIA_VPN_Atlanta]]></descr>
		<if>ovpnc2</if>
		<enable></enable>
		<spoofmac></spoofmac>
	</opt9>
	<opt11>
		<descr><![CDATA[Storage]]></descr>
		<if>lagg0.3</if>
		<spoofmac></spoofmac>
		<enable></enable>
		<ipaddr>192.168.3.1</ipaddr>
		<subnet>29</subnet>
	</opt11>
	<opt12>
		<descr><![CDATA[IPsec_790CCV]]></descr>
		<if>ipsec1</if>
		<enable></enable>
		<spoofmac></spoofmac>
	</opt12>
</interfaces>

michmoor · Feb 6, 2023, 3:21 PM

@michmoor Going to go ahead and re-install pfsense+. Actually do the recovery option.
Question..this process puts a fresh copy of the pfsense software then the configuration? So if there was something in the OS that was not acting correctly it should, in theory, be gone when i go through the process?
In other words when i recover the config.xml im not bringing with it any issues from the previous install?

SteveITS · Feb 6, 2023, 3:45 PM

@michmoor The reinstall should reformat the drive.

stephenw10 · Feb 6, 2023, 3:51 PM

Yes, the only thing you would be bringing across is the config. Everything else will be recreated. So if you still see this it's either a bug in the code that affects all installs or something in your config specifically. Or both.

Steve

michmoor · Feb 6, 2023, 4:11 PM

@stephenw10 @SteveITS Appreciate you both. I'll follow up once im done.

michmoor · Feb 6, 2023, 7:17 PM

Re-install went through without an issue. Couldnt do the recovery of the config.xml as the system stated it couldnt find it. No matter thats what 3-2-1 backup strategies are for.

Nevertheless, this didnt fix the issue. It is the most bizarre thing.

So whats my next steps? Any ideas?

stephenw10 · Feb 6, 2023, 10:05 PM

So you restored the config and then couldn't change the descriptions? Or reconfigured it and then couldn't?

michmoor · Feb 6, 2023, 10:08 PM

@stephenw10 Restored the configuration. Tried to change vlan description. Doesnt happen.

stephenw10 · Feb 6, 2023, 11:14 PM

Mmm, I can't reproduce this either.
I would have to guess something in your config is trying to apply invalid values when you change the VLAN description. The sort of thing I could imagine it being would be and MTU or link state type that it tries to apply as an inherited value to the parent. Since you are using vlans on a lagg that is a double layer of parent interfaces.

michmoor · Feb 7, 2023, 12:34 AM

@stephenw10 So its definitely something in the config or at least how the GUI works with the config.xml in the background. Took a spare 6100 and loaded my config.xml and the exact same symptoms show up. I apply a vlan description change, All interfaces bounce, and the vlan change never happens.
Ive been reviewing both the <Interfaces> and <vlan? hierarchy and i couldnt tell you whats wrong. All looks good or at least nothing out of place.

Strange thing is, when i make the change directly to the config.xml, no issue. vlan change goes through and no interface flaps.

tail -f system.log when i change the vlan description the only things that stick out at me are the following

Feb  6 18:44:56 GA-FW1 arpwatch[24336]: pcap_loop: The interface disappeared
Feb  6 18:44:56 GA-FW1 kernel: lagg0.23: promiscuous mode disabled
Feb  6 18:44:56 GA-FW1 kernel: vlan5: changing name to 'lagg0.23'

Feb  6 23:44:56 GA-FW1 php-fpm[36470]: /interfaces_vlan_edit.php: Gateway, NONE AVAILABLE

Feb  6 23:44:57 GA-FW1 php-fpm[12214]: /rc.linkup: Hotplug event detected 

Feb  6 23:49:46 GA-FW1 check_reload_status[334]: rc.newwanip starting lagg0.17
Feb  6 23:49:46 GA-FW1 check_reload_status[334]: rc.newwanip starting lagg0.3

Its renewing WAN IP on my lagg facing my LAN? Something is strange.

last edit

Parsing the logs I dont know why newwanip is running on each interface and resyncing with OpenVPN.

Feb 7 00:24:33	php-fpm	69922	/rc.newwanip: Resyncing OpenVPN instances for interface DMZ.
Feb 7 00:24:30	php-fpm	8705	/rc.newwanip: Resyncing OpenVPN instances for interface SLEEPY_IOT_WLAN.
Feb 7 00:24:26	php-fpm	36470	/rc.newwanip: Resyncing OpenVPN instances for interface KIDSZONE_WLAN.
Feb 7 00:24:24	php-fpm	27432	/rc.newwanip: Resyncing OpenVPN instances for interface STORAGE.
Feb 7 00:24:21	php-fpm	90475	/rc.newwanip: Resyncing OpenVPN instances for interface WORK.
Feb 7 00:16:46	php-fpm	69922	/interfaces.php: Resyncing OpenVPN instances for interface LAN.
Feb 6 23:57:56	php-fpm	27432	/interfaces.php: Resyncing OpenVPN instances for interface WORK.
Feb 6 23:50:04	php-fpm	36470	/rc.newwanip: Resyncing OpenVPN instances for interface DMZ.
Feb 6 23:50:02	php-fpm	69922	/rc.newwanip: Resyncing OpenVPN instances for interface SLEEPY_IOT