pfsense stopped at vlan and interface prompt on every reboot

DaveQB

Re: pfsense stopped at vlan and interface prompt on every reboot

I have read this thread, but I am not using Tailscale. I have, what I thought, was a straight forward setup:

WAN (wan) -> mvneta0 -> v4: 192.168.0.2/30
LAN (lan) -> mvneta1 -> v4: 10.2.2.1/24
BACKUPWAN (opt1) -> mvneta1.99 -> v4/DHCP4: 192.168.175.118/24

But I can't reboot my SG-2100 without needing to plug a Micro USB cable and access the console to assign VLANs.

Side note, the dialogue asks Should VLANs be set up now [y|n]? but proceeds to ask questions to configure them if you answer y or n

Just upgraded to 23.09-RELEASE
Previously 23.01

Thank you.

johnpoz

@DaveQB why would you not be running 24.11 - which is current?

DaveQB

@johnpoz I didn't know this. 23.09 was all that was available in the web GUI. Either that or 23.05.

johnpoz

@DaveQB I would upgrade to the current 24.11 or beta is 25.03 - and if still seeing the problem it will be easier to help you figure out what is going on.

DaveQB

@johnpoz Thank you. I agree. That resolves it.

DaveQB

All upgraded to 24.11 yet issue remains unfortunately.

Here's the output I am seeing on a reboot over serial. I think the key is this line:

Warning: Configuration references interfaces that do not exist: mvneta1.99

I am not sure why this is the case exactly. Is there anything from the config

Welcome to Netgate pfSense Plus 24.11-RELEASE...

...ELF ldconfig path: /lib /usr/lib /usr/lib/compat /usr/local/lib /usr/local/lib/compat/pkg /usr/local/lib/compat/pkg /usr/local/lib/ipsec /usr/local/lib/perl5/5.36/mach/CORE
32-bit compatibility ldconfig path:
done.
2880
>>> Removing vital flag from php83...done.
External config loader 1.0 is now starting...
Launching the init system... done.
Initializing.................... done.
Starting device manager (devd)...2025-03-22T21:35:48.582133+11:00 - php-fpm 465 - - /rc.linkup: Ignoring link event during boot sequence.
2025-03-22T21:35:48.591626+11:00 - php-fpm 466 - - /rc.linkup: Ignoring link event during boot sequence.
2025-03-22T21:35:48.708691+11:00 - php-fpm 465 - - /rc.linkup: Ignoring link event during boot sequence.
2025-03-22T21:35:48.758862+11:00 - php-fpm 1181 - - /rc.linkup: Ignoring link event during boot sequence.
done.
Loading configuration...2025-03-22T21:35:48.835769+11:00 - php-fpm 466 - - /rc.linkup: Ignoring link event during boot sequence.
done.
Updating configuration...done.
Warning: Configuration references interfaces that do not exist: mvneta1.99

Network interface mismatch -- Running interface assignment option.
mvneta0: link state changed to DOWN

Valid interfaces are:

mvneta0 90:ec:77:0d:c5:b0 (down) NETA controller
mvneta1 90:ec:77:0d:c5:b1   (up) NETA controller

Do VLANs need to be set up first?
If VLANs will not be used, or only for optional interfaces, it is typical to
say no here and use the webConfigurator to configure VLANs later, if required.

Should VLANs be set up now [y|n]? 2025-03-22T21:35:50.446791+11:00 - php-fpm 466 - - /rc.linkup: Ignoring link event during boot sequence.
n


VLAN interfaces:

mvneta1.99      VLAN tag 99, parent interface mvneta1

If the names of the interfaces are not known, auto-detection can
be used instead. To use auto-detection, please disconnect all
interfaces before pressing 'a' to begin the process.

Enter the WAN interface name or 'a' for auto-detection
(mvneta0 mvneta1 mvneta1.99 or a): mvneta0

Enter the LAN interface name or 'a' for auto-detection
NOTE: this enables full Firewalling/NAT mode.
(mvneta1 mvneta1.99 a or nothing if finished): mvneta1

Optional interface 1 description found: BACKUPWAN
Enter the Optional 1 interface name or 'a' for auto-detection
(mvneta1.99 a or nothing if finished): mvneta1.99

The interfaces will be assigned as follows:

WAN  -> mvneta0
LAN  -> mvneta1
OPT1 -> mvneta1.99

Do you want to proceed [y|n]? y
mvneta1: link state changed to DOWN
Setting up gateway monitors...done.
Setting up gateway monitors...done.

Writing configuration...done.
One moment while the settings are reloading... done!

rsherga

@DaveQB did you ever arrive at a solution? This has been an issue for me as well for quite some time.

SteveITS

pfSense will always stop if it detects a change in interfaces.

Was the goal here to make one of the switch ports a discrete port? There's a doc page for that for the 2100.

Or in other cases sometimes things like USB Etherner adapter drivers aren't loaded yet so that interface doesn't exist that early.

rsherga

@SteveITS Thanks Steve.

It looks like it was due to my tailescale0 interface being assigned. But pfsense doesn't behave as an exit node once I unassign. If I reassign the interface, all expected traffic routes through it again. Time to figure out why though....

I tried outbound NAT settings and firewall rules, but zilch so far.

SteveITS

@rsherga I have seen comments it should not be assigned. That's the same symptom but a different reason than OP who was using VLANs.

I found posts like:

@stephenw10 said in Error "loading the rules" after reboot:

Mmm the tailscale interface should not be assigned. Usually doing that causes boot to fail because the interface doesn't exist when the interface-check runs.

@Adam-Bristol said in Netgate 6100 with Tailscale fails to reboot:

Craig at Netgate was kind enough to respond directly to me on this. Evidently this is a bug caused by assigning Tailscale to an interface, which seemed to me like a thing that should be done, but is not the case.

https://redmine.pfsense.org/issues/14780

rsherga

@SteveITS Yeah it makes sense. Just confused about what to do next.

Anyway, thanks again. I'll make a new post for this issue if I can't find a recent one.

Cheers

DaveQB

Edit: I just found this draft waiting for me to post. Sorry for not sharing earlier.

Solution for anyone following at home. Credit goes to ChatGPT. I am not sure why the vlanif line was missing; this was all made in the web GUI. All I can think of was this was made on version 23.01 or 23.05. ChatGPT said this became a requirement in 24.X but I had this issue while still on 23.X.

--- /conf/config.xml    2025-03-23 22:02:52.977293000 +1100
+++ config.xml  2025-03-23 22:02:14.882342000 +1100
@@ -325,7 +325,6 @@
                        <tag>99</tag>
                        <pcp>0</pcp>
                        <descr><![CDATA[BackupWAN]]></descr>
-                       <vlanif>mvneta1.99</vlanif>
                </vlan>
        </vlans>
        <staticroutes></staticroutes>