Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Automated Configuration Backup Fails To Upload

    Scheduled Pinned Locked Moved General pfSense Questions
    23 Posts 2 Posters 2.5k Views 3 Watching
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • P Offline
      pdavis @stephenw10
      last edited by

      @stephenw10 The latest and greatest - pfSense Plus 23.01, AMD64

      1 Reply Last reply Reply Quote 0
      • stephenw10S Offline
        stephenw10 Netgate Administrator
        last edited by

        Hmm, definitely applies there then. That would explain the log after 15mins, it will keep trying to upload queued backups. It must be failing for some other reason and just showing a resolution failure...

        P 1 Reply Last reply Reply Quote 1
        • P Offline
          pdavis @stephenw10
          last edited by

          @stephenw10 That's what I'm thinking as well - thank you for your help!

          1 Reply Last reply Reply Quote 0
          • stephenw10S Offline
            stephenw10 Netgate Administrator
            last edited by

            Do you see anything in /tmp/backupdebug.txt ?

            Is this new install? Upgrade to 23.01? What version was it running previously?

            Steve

            P 1 Reply Last reply Reply Quote 0
            • P Offline
              pdavis @stephenw10
              last edited by

              @stephenw10 I do not see a backupdebug.txt file in my tmp directory. I upgraded from 22.05 to 23.01 in February

              1 Reply Last reply Reply Quote 0
              • stephenw10S Offline
                stephenw10 Netgate Administrator
                last edited by

                And ACB has been working OK in 23.01 until recently?

                P 1 Reply Last reply Reply Quote 0
                • P Offline
                  pdavis @stephenw10
                  last edited by

                  @stephenw10 Honestly I haven't made many configuration changes in 23.01 - the ones I have made have failed initially, but I just got around to posting about it now.

                  I see all the backups, including a test I took yesterday that completed on the first try, so perhaps this is just an intermittent issue.

                  1 Reply Last reply Reply Quote 0
                  • stephenw10S Offline
                    stephenw10 Netgate Administrator
                    last edited by

                    Ah, so it does actually backup? Hmm, that's even more weird then if it shows that error every time.

                    P 1 Reply Last reply Reply Quote 0
                    • P Offline
                      pdavis @stephenw10
                      last edited by

                      @stephenw10 For clarity, it does not back up on the attempt that I get the message for - but from what I saw in the logs, it retries 15 minutes later or so, and I get no error.

                      1 Reply Last reply Reply Quote 0
                      • stephenw10S Offline
                        stephenw10 Netgate Administrator
                        last edited by

                        Ah, hmm. Do you see any other DNS resolution issues?

                        Are you using DNSoverTLS? With Quad9 perhaps? There seems to be an issue with that, as yet, undefined.

                        P 1 Reply Last reply Reply Quote 0
                        • P Offline
                          pdavis @stephenw10
                          last edited by

                          @stephenw10 No, no other DNS resolution issues to speak of, Unbound is typically rock solid. I do use DNS over SSL/TLS

                          To give you a better sense of my configuration - I have pfBlockerNG installed, so all traffic for all clients on my primary LAN Interface/VLANs go through Unbound, with no downstream server.

                          The only exception is my guest interface/VLAN used for wireless and IOT - the DHCP server on that Interface/VLAN is set up to dole out external DNS servers (starts with Cloudflare, then to Google, then to Quad9), and I have firewall rules in place to prevent that Interface from exchanging traffic with my primary VLANs. I was actually adding secondary Google DNS server and Quad9 to that DNS server list when I got this error - I wouldn't think that would affect the resolver, but I attempted to replicate the error by changing the order of the DNS servers in the DHCP settings for the Guest network.

                          The error did reoccur - see below for the logs, the resolver is not showing any issues, but it is showing that Unbound was restarted. The General log shows the error message about the config upload failing.

                          Unbound log:

                          Screenshot 2023-04-26 040601.png

                          General log:

                          Screenshot 2023-04-26 040500.png

                          It has been 1/2 hour now since I made that change, and the backup has not attempted to reupload. Also, as another datapoint, the backup didn't fail when I changed some UPS settings in NUT a few days ago.

                          stephenw10S 1 Reply Last reply Reply Quote 0
                          • stephenw10S Offline
                            stephenw10 Netgate Administrator @pdavis
                            last edited by

                            @pdavis said in Automated Configuration Backup Fails To Upload:

                            I do use DNS over SSL/TLS

                            To Quad9?

                            That error sure looks like it actually failed to resolve. I can't see what else could trigger it.

                            P 1 Reply Last reply Reply Quote 0
                            • P Offline
                              pdavis @stephenw10
                              last edited by

                              @stephenw10 No, not to Quad9 - no downstream servers configured for primary LAN interface, just Unbound.

                              And Unbound has no problem resolving that URL - I really think it's an issue of timing, DNS services loading as the backup is trying to upload. It is backed up now, and other changes upload immediately.

                              9a208f22-eae7-4f1e-b35e-3dbf31064ff2-image.png

                              1 Reply Last reply Reply Quote 0
                              • stephenw10S Offline
                                stephenw10 Netgate Administrator
                                last edited by

                                Hmm, it could be I guess if it's under significant load.

                                P 1 Reply Last reply Reply Quote 0
                                • P Offline
                                  pdavis @stephenw10
                                  last edited by

                                  @stephenw10 Um, I do tend to go a wee bit overboard on the pfBlockerNG lists... ;-)

                                  1 Reply Last reply Reply Quote 1
                                  • First post
                                    Last post
                                  Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.