PfSense 2.2.4 (charon), uid 0: exited on signal 6 (core dumped)



  • Hello everybody,

    since Version 2.2.x i have the problem that my IPSEC tunnels (with PSK) disconnect randomly all together and they don't get up alone. I have to start them manually on the status site.
    When i look in the system log, i find this entry: kernel: pid 65899 (charon), uid 0: exited on signal 6 (core dumped). How can i figure out what problem this is?

    Thanks in advance.



  • Can you find the core dumps?

    https://www.freebsd.org/doc/en_US.ISO8859-1/books/faq/advanced.html#idp60781776
    _To capture a crash dump, edit /etc/rc.conf and set dumpdev to point to either the swap partition or AUTO. This will cause the rc(8) scripts to use the dumpon(8) command to enable crash dumps. This command can also be run manually. After a panic, the crash dump can be recovered using savecore(8); if dumpdev is set in /etc/rc.conf, the rc(8) scripts will run savecore(8) automatically and put the crash dump in /var/crash.
    Note:

    FreeBSD crash dumps are usually the same size as physical RAM. Therefore, make sure there is enough space in /var/crash to hold the dump. Alternatively, run savecore(8) manually and have it recover the crash dump to another directory with more room. It is possible to limit the size of the crash dump by using options MAXMEM=N where N is the size of kernel's memory usage in KBs. For example, for 1 GB of RAM, limit the kernel's memory usage to 128 MB, so that the crash dump size will be 128 MB instead of 1 GB.

    Once the crash dump has been recovered , get a stack trace as follows:

    % kgdb /usr/obj/usr/src/sys/MYKERNEL/kernel.debug /var/crash/vmcore.0
    (kgdb) backtrace_



  • There is no /etc/rc.conf, there are only rc.conf_mount_ro and rc.conf_mount_rw. But there is PHP code and if i set dumpdev in there, the webgui shows an error in these files. Or should i create the /etc/rc.conf file?


  • Banned

    No, you should NOT create any rc.conf file. It won't work anyway.



  • Great, so what to do now?

    I set up a new installation on an apu board with msata ssd and just imported the certs trough backup and restore and nothing else. Then i set up my 17 IPSEC tunnels and they where up for about 22 hours. Now charon exited again. I think there must be an issue with pfsense. Has anybody an advice?



  • After about 20 hours is Charon eating up a lot of memory? (How much memory do you have in your box?) You might be running into this issue.

    https://forum.pfsense.org/index.php?topic=96767.0



  • The APU Board has 2gig RAM, i also used a board with 4GB, the RAM isn't the issue, the maximum RAM usage was about 20 %. :(