2.2.3 Upgrade Lost Virtual IPs



  • I lost all of my virtual IPs during the 2.2.2 to 2.2.3 upgrade.  I had a client call because their test site was inaccessible, and after looking around I realized all of my virtual IPs were missing.  Not too bad since there were only 3-4 of them, but FYI in case this is an upgrade bug.


  • Banned

    Thanks man! Hasnt upgraded production yet and each of them has a /26 subnet on VIP's.


  • Netgate Administrator

    You were able to put them back again without issue then?
    What type of VIPs were they?
    I have some IPAliases on my main box here that survived the update without issue.
    Thanks,

    Steve



  • Yes, I could manually enter them again and everything was working afterwards.

    IP Aliases.

    My pfBlocker package also didn't survive, but it's a beta, and I'm still working through that issue.  I'm not entirely sure if it is an upgrade issue per se, but it's the only thing that I can tell so far that didn't fare well during the upgrade.


  • Netgate Administrator

    Hmm, it's hard to see how those could be removed. Were they not in the config file?
    If you have a config which has it's VIPs removed repeatably at upgrade we'd love to see it.

    Steve



  • I always do a full backup prior to an upgrade, but for some reason the file won't decompress on my Mac.  I can post them for download if you want to grab them.  I assume the settings are backed up in there.


  • Netgate Administrator

    Yes, the config file is included there. Do you have the config from the file from after the upgrade for comparison?

    Steve



  • in my config I have a bridge group comprising LAN and WiFi.  the BG was assigned a static in the 192 network from the BG configuration page.

    I was experimenting with the openvpn server and created a VIP in 172, intending to bind incoming connections  to that network.

    the 172 address was being assigned to the bridge group after restart.

    I just finished getting rid of the VIP, after getting rid of the ovpn server config first but still having to use the console to reassign the LAN IP at boot.

    definitely new behavior in 2.2.3, and the recovery required console acess each time


  • Banned

    Did the upgrade in production and no issues with VIP's running as IP Alias.


  • Netgate Administrator

    Ok, so looking at Tims config the thing that immediately stands out is that it has an IPAlias that looks to have been added by pfBlocker.
    I confess I'm not familiar with that feature in pfBlocker but I can imagine that at first boot when pfBlocker is re-installing it might give issues.

    Steve



  • The interesting thing is that pfBlocker was the only Virtual IP showing after reboot.  I am using the beta, and it didn't reload properly, so those two seemingly unrelated events could be related.

    At least in my case there were only a tiny handful of Virtual IPs, and I seem to be the only one with the issue.


  • Banned

    PfblockerNG only has URL alias and no IP alias here.

    Everything is working as expected.

    @stephenw10:

    Ok, so looking at Tims config the thing that immediately stands out is that it has an IPAlias that looks to have been added by pfBlocker.
    I confess I'm not familiar with that feature in pfBlocker but I can imagine that at first boot when pfBlocker is re-installing it might give issues.

    Steve


  • Banned

    Did the 1st major upgrade one some of the heavier ones in production running about 20 VIP's and shitload of aliases and VLAN's.

    No issues at all. Everything checked and running with no errors WSE.

    Very smooth.


Log in to reply