1.2.3 to 2.0 upgrade loses vlans/interface configuration



  • tried this week again but an upgrade from 1.23 fails on my alix embedded.
    the upgrade does not transfer my vlans over (5 vlans)

    logging in through console asks me if i want to configure vlans & pressing no takes me to the auto detection for wan/lan etc.
    so, it's back to 1.23 for me again.


  • Rebel Alliance Developer Netgate

    I seem to recall this working the last time I tried it, but it's been a while.

    Can you e-mail me a copy of your config with passwords and such removed or changed? E-mail it to jimp (at) pfsense (dot) org.



  • emailed. thank you



  • i can't see anything wrong with my interfaces. it simply forgets them on the reboot from 1.23 to 2.0.
    here's my interfaces config attached with wan ip *** out.

    uploaded as txt as forum wouldn't allow xml. please rename to xml

    interfaces-config-pfsense.mydomain.local-201009250132011.txt


  • Rebel Alliance Developer Netgate

    @louis-m:

    i can't see anything wrong with my interfaces. it simply forgets them on the reboot from 1.23 to 2.0.
    here's my interfaces config attached with wan ip *** out.

    uploaded as txt as forum wouldn't allow xml. please rename to xml

    If yours only happens during a 1.2.3 to 2.0 upgrade, that is not the same as the problem being discussed in this thread. This is for existing 2.0 installs that 'forget' their interfaces after a given time. Yours may be a config upgrade issue, which is just as important (if not more) to resolve, but belongs in another thread.
    [EDIT: Thread split for different issue. Former topic was [url=http://forum.pfsense.org/index.php/topic,28543.0.html]here]



  • sorry jimp, i thought it was on about the same thing.


  • Rebel Alliance Developer Netgate

    It's OK, it sounded similar at first, and it's still something we need to track down and solve.


  • Rebel Alliance Developer Netgate

    It might be the same problem from this thread: http://forum.pfsense.org/index.php/topic,28202.0.html

    I have that guy's config but haven't had a chance to look it over yet.



  • lol…. jimp. that's my post. i thought you had forgot about it, but apparently not. sorry for the double post's. won't happen again.


  • Rebel Alliance Developer Netgate

    yeah… not sure where my brain was. Probably lost between 50 tabs. %)


  • Rebel Alliance Developer Netgate

    I merged the threads together so it wouldn't be a duplicate. :-)


  • Rebel Alliance Developer Netgate

    Looking back and this and trying it out, my ALIX upgrades fine with VLANs. I suspect you were hitting this issue due to having the snort package installed:
    http://forum.pfsense.org/index.php/topic,28543.msg150170/topicseen.html#msg150170

    And that should be fixed now on newer versions of snort.



  • i was thinking the same as snort cocked up on resetting to the original slice but…..
    i've tried again tonight and no success.
    i've cleaned out my packages and package config and at one stage thought it was down to an old vnstat package but......

    on a reboot
    "invalid argument supplied for each() in /etc/inc/util.inc on line 708" and there ain't no line 708


  • Rebel Alliance Developer Netgate

    At this point I would just do a fresh image of the card with 2.0 and restore your configuration. Something has to have gotten corrupted somewhere along the line.

    To be safe, I'd remove the package data from the backup file.



  • aha…...
    are you saying i can do a fresh install and then use my 1.23 config to bring the v2 to how it was under v1.23? i didn't realise that you could do that.

    if so, can't i just temporarily configure a lan at the moment after the upgrade and then import the 1.23 config?



  • If that was a recent snapshot, that error would suggest that you have no interfaces section in your config.xml at all when it is happening or that there was an error parsing config.xml.


  • Rebel Alliance Developer Netgate

    yeah, backup the config, write out a card with 2.0, drop that in and connect to LAN, then restore config, and when it reboots it will be ready with all your other configuration. Still not sure I'd trust packages in that scenario just yet but it might be safe.



  • just checked and there are interfaces there. i'll keep ploding on just to see incase it helps anybody later on but any help or pointers would be appreciated.



  • Maybe something invalid got into your config.xml somehow so that it wasn't able to parse it?  Something could somehow be going wrong with the config upgrade process, making a configuration that causes it to error out when parsing.  If this is happening, I think it would cause the equivalent of having a blank config.xml.



  • ummm….
    i'll probably have to go to a fresh v2 as jimp says but that's giving up to me so i wanna keep trying. i notice when it boots up it looks for packages, says it reinstalling packages and then says done. and there's no packages there in the gui or when you run pkg_info.
    what i did try was clearing all my backups & cache out and then upgrade to v2.
    still the same so i then name the interfaces vr0, vr1 & vr2 (thinking i'd get it going and then do the config import) but then i got:
    cannot use a scalar value as an array in /etc/inc/config.console
    cannot unset offset in a non-array variable in /etc/inc/config.console



  • Have you kept a backup of the working configuration from before the upgrade so that you can reproduce this at any time?



  • yes, i backup using an "all" & "all without packages" config. still the same result.



  • sorry to bring this up again but i'm looking for advice as we draw ever closer to v2.
    i tried this again the other night (with latest snapshot) and still had the same issue. so i suppose the only way i'm gonna get v2 going is with a fresh install.
    problem is, pfsense is configured with 5 vlans, ipsec tunnels etc and i don't want to lose the config or start from scratch.

    can i do a fresh install and then restore from config?
    i'm thinking of doing multiple backups eg one for packages, one for firewall, one for ipsec etc and restoring them (if i can) one by one in case there is anything in there.
    would this be the way to go?

    i don't want to buy another industrial grade cf card so i may use a normal cf just to see if it goes prior to switching over to the working card.



  • Please email me your config that won't upgrade.  cmb at pfsense dot org



  • sent the config. thank you for your time with this.



  • I see exactly the same behavior at my side: after the upgrade the boot process asks for assigning interfaces which fails due to the "scalar problem". I was working for some time with 1.2.3 but had problems with voip phone disconnects and since nothing helped so far my last resort was giving 2.0 Beta 4 a try. But as reported, no luck so far. I would be really happy to get some help with the upgrade process…

    Thanks a lot!



  • Please give full error message and config.xml if possible.



  • Here is the section of the log when it jumps into the interface configuration after the "network interface mismatch"…

    *** Start LOG ***
    The interfaces will be assigned as follows:

    LAN  -> vr1
    WAN  -> vr0
    OPT1 -> vr2

    Do you want to proceed [y|n]?y

    Warning: Cannot use a scalar value as an array in /etc/inc/config.console.inc on line 322

    Warning: Cannot use a scalar value as an array in /etc/inc/config.console.inc on line 323

    Warning: Cannot unset offset in a non-array variable in /etc/inc/config.console.inc on line 375

    Warning: Cannot use a scalar value as an array in /etc/inc/config.console.inc on line 378

    Warning: Cannot use a scalar value as an array in /etc/inc/config.console.inc on line 379

    Warning: Cannot unset offset in a non-array variable in /etc/inc/config.console.inc on line 385

    Warning: Cannot use a scalar value as an array in /etc/inc/config.console.inc on line 390

    Warning: Cannot use a scalar value as an array in /etc/inc/config.console.inc on line 392

    Warning: Cannot unset offset in a non-array variable in /etc/inc/config.console.inc on line 399

    Warning: Cannot unset offset in a non-array variable in /etc/inc/config.console.inc on line 402

    Warning: Cannot use a scalar value as an array in /etc/inc/config.console.inc on line 403

    Writing configuration…
    Warning: Cannot use a scalar value as an array in /etc/inc/config.lib.inc on line 488

    Warning: Cannot use a scalar value as an array in /etc/inc/config.lib.inc on line 494

    Warning: Cannot use a scalar value as an array in /etc/inc/config.lib.inc on line 495

    Warning: Invalid argument supplied for foreach() in /etc/inc/xmlparse.inc on line 211
    done.

    Network interface mismatch -- Running interface assignment option.

    Valid interfaces are:

    vr0  00:0d:b9:1f:db:90  (up)  VIA VT6105M Rhine III 10/100BaseTX
    vr1  00:0d:b9:1f:db:91  (up)  VIA VT6105M Rhine III 10/100BaseTX
    vr2  00:0d:b9:1f:db:92  (up)  VIA VT6105M Rhine III 10/100BaseTX

    Do you want to set up VLANs first?

    If you are not going to use VLANs, or only for optional interfaces, you should
    say no here and use the webConfigurator to configure VLANs later, if required.

    Do you want to set up VLANs now [y|n]?

    *** End LOG ***



  • I added some more checks for the errors you mentioned to code so you can try with latest snapshots.

    But without posting the config i cannot tell.



  • Unfortunately, the new build with the additional debug messages did not help. Still exactly the same errors when the router boots into the image and then restarts assigning interfaces. Please find below the extract of the 1.2.3 config.xml file. Anyone any ideas?

    <interfaces><lan><if>vr1</if>
    <ipaddr>192.168.100.1</ipaddr>
    <subnet>24</subnet>
    <media><mediaopt><bandwidth>100</bandwidth>
    <bandwidthtype>Mb</bandwidthtype></mediaopt></media></lan>
    <wan><if>vr0</if>
    <mtu><ipaddr>dhcp</ipaddr>
    <subnet><gateway><blockpriv>on</blockpriv>
    <blockbogons>on</blockbogons>
    <disableftpproxy><dhcphostname><media><mediaopt><bandwidth>100</bandwidth>
    <bandwidthtype>Mb</bandwidthtype>
    <spoofmac></spoofmac></mediaopt></media></dhcphostname></disableftpproxy></gateway></subnet></mtu></wan>
    <opt1><if>vr2</if>
    <descr>OPT1</descr>
    <bridge>lan</bridge>
    <enable><ipaddr>dhcp</ipaddr>
    <subnet>32</subnet>
    <gateway><spoofmac><mtu><dhcphostname></dhcphostname></mtu></spoofmac></gateway></enable></opt1></interfaces>



  • It may not be relevant, but you shouldn't have DHCP client enabled on a bridged interface (OPT = vr2).

    (I'm presuming that what the <ipaddr>dhcp</ipaddr> means.)



  • I did change it, but there is no better behavior during upgrade to 2.0 Beta 4 (latest snapshot 101224).



  • Do you see any error messages or warnings during boot? (especially PHP errors or warnings)



  • Please put the config without private info either here or mail to me.
    Otherwise we cannot help on this.



  • I seen a hint in another post concerning the usage of special characters (Umlaute). I went through my config and finally found one such character. After this correction, the upgrade to the latest Beta 5 went smoothly. I am currently just trying to rebuild the openVPN config which was apparently not converted due to a completely different way of handling certificates (I assume). But otherwise I am now on pfsense 2.0! Thanks for pushing me with hints and questions.

    I will report on the outcome as soon as I have further news.

    Felix


  • Rebel Alliance Developer Netgate

    OpenVPN should have been converted. What didn't work?

    We have a lot of upgrade code that should be taking care of importing what you have into the new certificate manager.

    And also, what field had the special character in it? I assume some kind of description field, but where in the config?

    The more issues we can smooth out for people, the better.



  • Dear Jimp,

    just sent a PN with the config file. Indeed, the problem was a description field where I use "Büro" instead of "Buero". But unfortunately, other problems were buried. So after messing around for almost a day, I went along and did a manual clean config by copy/paste data from the old config.xml file. 2hours later I had it again up and running. Currently I am just struggling with setting up OpenVPN again since the masks look different and request different information than outlined in the official book…

    Felix


  • Rebel Alliance Developer Netgate

    Yeah importing an OpenVPN connection is a bit more complex now (import the CA, then import the Cert, then re-create the connection) but it can be done. You probably could have fixed that one special character in the original config and re-run the upgrade. I didn't see anything else wrong with the config at a quick glance.



  • I did as you suggested but I was not able to fix it with the import. I also tried to partially import piece by piece over a virgin installation. That did not work out either. Hence I was really lost and needed to have the link up and running again.

    But seriously: I don't want to complain. Overall the pfsense router is a great piece of SW on the ALIX boards, and also very low power. This is exactly what I was looking for.


Locked