[Feedback] fresh install + config restore = mess



  • Hi all  :-*

    Some feedback:

    • Backup machine: Dell R200. Installed 2.2-1 on there, and com-ple-te-ly customized it by hand, as an upgrade never worked for me. This has an Intel Dual NIC and 2 onboard bge(0/1). I did this two weeks ago and tested since. Seemed stable, so went on to get the same 2.2.-1 on my primary box. Plan: fresh install of 2.2.-1, then config restore from the freshly customized backup machine, the Dell R200.

    • Primary machine: Intel mini-ITX. Installed, freshly, 2.2.-1 on it today.

    • Contrary to previous versions it doesn’t ask to assign interfaces, nope, it simply says this NIC is WAN and that NIC is LAN. Precisely wrong. So, can’t connect to it from my PC. Go to console, re-assign, still can’t connect. Reboot the box: pffff. Connected.

    • Ok, so now me thinks he’s happy: now restore that config backup from the Dell, all that hard manual work, to this primary machine and be done with it.

    • Not.

    • First it complains about ‘interface-misassignment’. It says bge0 = WAN**. THERE IS NO “bge0” on this machine.**

    • Says I need to fix that first before the reboot.

    • I can’t delete it, nor change it to em1…

    • Then, by trying 1001 things (don't recall what I did, too much things, such a small brain), finally allowed me to reboot so it could restore the remainder of the config.

    • BUT (T: big butt): after reboot it has restored bge0 as WAN (there is no bge0), hence couldn’t go out to install the packages it had to install as part of config restore.

    • BUT: it did add all the menu items on it.

    • So when I came back to see what the machine was doing I clicked on Snort, thinking that was installed: BAM, crash kernel panic.

    • Here I am, installing all packages by hand  :-[ [/li]

    • I really hate it if it is now so messed up that I need to customize this by hand too. That will, again, take a lot of time.



  • Yeah, I had this issue awhile back.  If changing hardware, note the NIC type and driver and then do a find/replace in your config.xml to change NICs.



  • @KOM:

    Yeah, I had this issue awhile back.  If changing hardware, note the NIC type and driver and then do a find/replace in your config.xml to change NICs.

    Thanks KOM  ;D

    So I wasted 4 hours and a zillion clicks on this. Times 10k members who face the same problem.

    Making it easy for customers would mean solving this problem as a HiPrio. I once gave a speech on a seminar where I explained IT people can benefit from us economists by understanding it is about customer comfort. They all ran away, to the new Intel NIC presentation.

    ;D ;D ;D ;D ;D

    ( :'( )



  • Sorry you wasted time on this.  Just changing em0 to vmx0, for instance, was all it took for me.  Save & import.  Done.

    BLAP!

    https://vine.co/v/hJhz627JmvJ



  • I've experienced this before a long time ago. Since then I have made sure that my test box has exactly the same hardware inside so that I can restore a backup from a production host to a test host and use it as a new replacement production host. Since 2.1.5 my pfSense hosts have been swapped in and out round-robin style for upgrade ISO installs and I can no longer remember what machine the original test host was.



  • @vbentley:

    I've experienced this before a long time ago. Since then I have made sure that my test box has exactly the same hardware inside so that I can restore a backup from a production host to a test host and use it as a new replacement production host.

    On first sight that makes sense. Yet:
    1. it's not always possible to get the same hardware (sold out, my Nr1).
    2. Worse, from a risk management perspective you might want to source different vendors; if one has problem hardware, hopefully the other one did not.



  • Yes, I agree (2) is a risk but if you have a test box hardware related problems should be found during proper use case acceptance testing. I learned this the hard way upgrading from 2.2RC to 2.2 Release without adequate use case testing.

    In the event of an unpatchable hardware specific vulnerability, second hand kit capable of running pfSense is both cheap and abundant.


Log in to reply