DNS Forwarder: stopped registering static leases out of a sudden (x86, full)

mxx

Hi,

Two days before I upgraded to pfsense snapshot built on 14th oct. Today morning I noticed that static dhcp leases weren't resolvable.
I then just restarted the service and everything was fine again.
There were NO errors or anything unusual in the system logs.

I hadn't had any issues with this ever. I was very long on sept. 9th snapshot and then decided upgrading since load balancer problems were resolved.

Are there currently any code changes that could have an impact on this?

I'm afraid that this could happen again and am considering downgrading to 9th Sept. snapshot again.

BTW:
Since I upgraded from 9th sept. I get some of these:
php: : The command '/sbin/pfctl -o basic -f /tmp/rules.debug' returned exit code '1', the output was 'pfctl: DIOCADDRULE: Device busy'
php: : The command '/sbin/pfctl -o basic -f /tmp/rules.debug' returned exit code '1', the output was 'pfctl: DIOCADDRULE: Device busy'
php: : There were error(s) loading the rules: pfctl: DIOCADDRULE: Device busy - The line in question reads [ DIOCADDRULE]:
php: : New alert found: There were error(s) loading the rules: pfctl: DIOCADDRULE: Device busy The line in question reads [ DIOCADDRULE]:
php: : The command '/sbin/pfctl -o basic -f /tmp/rules.debug' returned exit code '1', the output was 'pfctl: DIOCADDRULE: Device busy'

Thank you very much!

eri--

Please upgrade to latest snap.

mxx

Thank you is there something resolved related to this (since 14th?)?

mxx

I guess this hasn't anything to do with DNS Forwarder and static mappings, but since I mentioned it in my previous post:

After upgrading to 20th oct. I still get:

Oct 20 20:41:18 php: : There were error(s) loading the rules: pfctl: DIOCADDRULE: Device busy - The line in question reads [ DIOCADDRULE]:
Oct 20 20:41:18 php: : New alert found: There were error(s) loading the rules: pfctl: DIOCADDRULE: Device busy The line in question reads [ DIOCADDRULE]:
Oct 20 20:41:18 php: : There were error(s) loading the rules: pfctl: DIOCADDRULE: Device busy - The line in question reads [ DIOCADDRULE]:
Oct 20 20:41:18 php: : New alert found: There were error(s) loading the rules: pfctl: DIOCADDRULE: Device busy The line in question reads [ DIOCADDRULE]:
Oct 20 20:41:18 php: : The command '/sbin/pfctl -o basic -f /tmp/rules.debug' returned exit code '1', the output was 'pfctl: DIOCADDRULE: Device busy'
Oct 20 20:41:18 php: : The command '/sbin/pfctl -o basic -f /tmp/rules.debug' returned exit code '1', the output was 'pfctl: DIOCADDRULE: Device busy'
Oct 20 20:41:18 php: : The command '/sbin/pfctl -o basic -f /tmp/rules.debug' returned exit code '1', the output was 'pfctl: DIOCADDRULE: Device busy'

eri--

Can you describe more in depth what you have running on this fw?

mxx

Thanks Ermal,

3 static wan ifs, 2 of them have virtual ips (type carp) used in snat
2 lan if,
2 Gateway groups for failover in my case. (group1: 1x tier1, 2x tier2, group2: 1x tier1, 1x tier2)
2 OpenVPN servers on different if + ip,
ipsec tunnels with 2 p2s each,
traffic shaper on all interfaces
AON,
DNATs,
DNS forwarder,
dhcp enabled on 1 interface (lan)
static dhcp mappings,
register dyn+static mappings in dns forwarder
override one host's ip in dns forwarder,

Packages: just openvpn export utility

Downgraded to 6th sept. again and these messages disappeared.

Do you have any idea what could be the reason for this?

Thanks a lot,

Max

eri--

Can you give me the full log?
I need the action the triggered a filter reload which then goes to ruleset loading failure.

mxx

Hi,

I'd love to do that, but I can't re-upgrade the box right now.
I will re-upgrade to latest snapshot as soon as possible and post the logs.

Thanks again

mxx

Hi Ermal,

I just upgraded to todays snapshot, copied all the logs in /var/log and downgraded.
The errors appear with snapshot from 21st too.

Could I mail you the zipped log dir?

Thanks,

Max

jimp

Have you tried with any of the new snapshots over the weekend? Any changes there?

mxx

Hi jimp,

sorry for the very late answer. I wasn't able to upgrade since those multi wan and nat issues.

Now I upgraded to today's snapshot and those "pfctl: DIOCADDRULE: Device busy" errors disappeared completely.

Thank you very much for the fantastic work!