25.07 ran for 24 hours and then ????

bbrendon

I've been running a cluster for many years (ESXi previously and now PVE). Upgraded to 25.07 yesterday morning and this morning the primary node was in a strange state. I could access the web interface but I couldn't ping 8.8.8.8. Also other strange things. I tried stopping pfblocker, reloading filter log, and a few other things. I saved some logs but had to punt because I was in a rush and revert the snapshot.

Very strange. I've never had this happen.

stephenw10

Hmm, hard to say from that. Do you have any logs from the failed node we can review?

bbrendon

@stephenw10 here is something. It died at about 9am. I had to remove a few lines for safety. I should have more time to look at it tonight.

https://docs.google.com/spreadsheets/d/1WdXVI9-O1V3m0XHQPCDse6P3A--XDm6-ZRFlFG8iRgY/edit?usp=sharing

stephenw10

Hmm, well hard to be sure I'd guess that Unbound was restarted when pfBlocker updated and then failed to restart for some reason.

However that wouldn't prevent pinging 8.8.8.8. So another possibility is that one of the pfBlocker feeds had some rogue entry blocking far too much when it updated.