Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    2.2.6 -> 2.3 Upgrade Issues

    Scheduled Pinned Locked Moved Problems Installing or Upgrading pfSense Software
    5 Posts 4 Posters 2.3k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • T
      Tubal
      last edited by

      We've been using pfSense at all of our locations (usually around 10) for the last 4-5 years, normally upgrading to the latest version without any issues at all.  We literally have never had an issue doing upgrades before, remote or local.

      Our hardware right now is typically a SuperMicro 5018-FTN4 (Atom C2758 w/4-8GB RAM, x4 intel interfaces)

      I have to say the upgrade to 2.3 hasn't been working as well as we'd hoped.

      We updated our first location 2 nights ago.  I flew a tech onsite in case anything went wrong.  The upgrade worked fine, and we booted up and had internet access, and all our settings seemed to move over just fine.  So we appeared to be good to go, and I brought my tech back home.

      • Since then, we've had many problems relating to the IPSec site to site connections between the 2.3 location and the other 2.2.6 locations.  I'm not sure what exactly changed with the IPSec, and it appeared to work fine for the first day, but we're no longer able to connect with a hostname.  We must have the IP address in the remote gateway field on both sides.  Once we solved that issue and connected, we were still unable to pass traffic because the traffic was being blocked in the firewall, even though we had pass rules that worked fine on 2.2.6 (and should work fine on 2.3).  So I added the Easy Rule to pass the specific traffic I was testing with, and the traffic was no longer being blocked at the firewall, but I'm still unable to connect.  We have 2 WAN connections, and the same thing is happening on both.  The first few connections seemed to work fine when I switched to the other WAN, but have since stopped.  It's almost as if the connection locks up after a period of time and nothing will bring it back up.  I've tried deleting/readding the connection, using a different WAN tunnel ( which in some cases works for a little while), using different P2 tunnels, different encryption protocols, etc.  I will try a reboot tonight to see if that does anything.

      • We have a dual wan connection in a failover gateway group that updates a dynamic dns address whenever it fails over.  Anytime this happens (3 times so far) we get a crash report on pfSense related to the Dynamic DNS.  This also happens anytime I do a Force Update in the Dynamic DNS.  Crash Report is below.  This doesn't seem to break anything or stop pfSense, but it gives me a crash report error on my dashboard every time.

      • The CPU Usage on the dashboard reports a constant 15-20%, even though the Monitoring (which is a big step down from the RRD Graphs) reports 0-1% across the board, and if I ssh in and run top, it reports 0-1%.  The locations using the same hardware and typically the same usage report 0-1% on the dashboard in 2.2.6.

      • The web interface seems to hang a LOT.  Sometimes I'll have to wait 30s-60s for a page to load.

      I really like pfSense and recommend it whenever I can.  But 2.3 so far has been a real disappointment.  I'm thinking I'll need to downgrade this one location back to 2.2.6 until 2.3 is a little more polished.

      Anyon else been seeing these issues?

      amd64
      10.3-RELEASE
      FreeBSD 10.3-RELEASE #6 05adf0a(RELENG_2_3_0): Mon Apr 11 18:52:07 CDT 2016     root@ce23-amd64-builder:/builder/pfsense-230/tmp/obj/builder/pfsense-230/tmp/FreeBSD-src/sys/pfSense
      
      Crash report details:
      
      PHP Errors:
      [22-Apr-2016 14:00:23 America/Denver] PHP Stack trace:
      [22-Apr-2016 14:00:23 America/Denver] PHP   1\. {main}() /usr/local/www/services_dyndns_edit.php:0
      [22-Apr-2016 14:00:23 America/Denver] PHP   2\. services_dyndns_configure_client() /usr/local/www/services_dyndns_edit.php:232
      [22-Apr-2016 14:00:23 America/Denver] PHP   3\. updatedns->updatedns() /etc/inc/services.inc:1930
      [22-Apr-2016 14:00:23 America/Denver] PHP   4\. updatedns->_update() /etc/inc/dyndns.class:274
      [22-Apr-2016 14:00:23 America/Denver] PHP   5\. updatedns->_checkStatus() /etc/inc/dyndns.class:808
      [22-Apr-2016 14:00:23 America/Denver] PHP   6\. notify_all_remote() /etc/inc/dyndns.class:1429
      [22-Apr-2016 14:00:23 America/Denver] PHP   7\. notify_via_growl() /etc/inc/notices.inc:468
      [22-Apr-2016 14:00:23 America/Denver] PHP   8\. dns_get_record() /etc/inc/notices.inc:431
      [22-Apr-2016 14:00:28 America/Denver] PHP Stack trace:
      [22-Apr-2016 14:00:28 America/Denver] PHP   1\. {main}() /usr/local/www/services_dyndns_edit.php:0
      [22-Apr-2016 14:00:28 America/Denver] PHP   2\. services_dyndns_configure_client() /usr/local/www/services_dyndns_edit.php:232
      [22-Apr-2016 14:00:28 America/Denver] PHP   3\. updatedns->updatedns() /etc/inc/services.inc:1930
      [22-Apr-2016 14:00:28 America/Denver] PHP   4\. updatedns->_update() /etc/inc/dyndns.class:274
      [22-Apr-2016 14:00:28 America/Denver] PHP   5\. updatedns->_checkStatus() /etc/inc/dyndns.class:808
      [22-Apr-2016 14:00:28 America/Denver] PHP   6\. notify_all_remote() /etc/inc/dyndns.class:1429
      [22-Apr-2016 14:00:28 America/Denver] PHP   7\. notify_via_growl() /etc/inc/notices.inc:468
      [22-Apr-2016 14:00:28 America/Denver] PHP   8\. dns_get_record() /etc/inc/notices.inc:431
      
      1 Reply Last reply Reply Quote 0
      • P
        phil.davis
        last edited by

        For the growl crash report, I expect you have some (usually accidental) erroneous name in the "IP Address" field of the Growl settings (System->Advanced, Notifications).

        Fix that and the crash report will go away.

        The Growl crash report problem is fixed by https://github.com/pfsense/pfsense/commit/642c6023fea2957bb646b1290371ead508f5cc67 - which prevents the warning message and instead does a "file notice" so that you will get a sensible message as a notice on the dashboard when this problem occurs. That fix will be in 2.3.1, or you can install System Patches package and then apply that commit as a patch.

        As the Greek philosopher Isosceles used to say, "There are 3 sides to every triangle."
        If I helped you, then help someone else - buy someone a gift from the INF catalog http://secure.inf.org/gifts/usd/

        1 Reply Last reply Reply Quote 0
        • T
          Tubal
          last edited by

          That seems to have fixed that issue.  Thanks.

          We've never used Growl, so I'm not sure how that became enabled.

          1 Reply Last reply Reply Quote 0
          • K
            kpk
            last edited by

            Regarding the slow interface:
            It seems, that disc speed is much more important in 2.3 than in 2.2.
            I gave my APU some love and upgraded from CF to SSD - and what can I say… normal speed back again.

            But I do have some other problem... I didn't remove the deprecated packages and now they show in the menu but can't be removed.
            And no, I don't want to install from the scratch an reconfigure everything again.
            Any help?
            ...solved:
            https://forum.pfsense.org/index.php?topic=110096.msg613161#msg613161

            1 Reply Last reply Reply Quote 0
            • D
              dusan
              last edited by

              Regarding crashes, in 2.3-RELEASE (i386) I see frequent crash reports due to errors on physical Internet links (i.e. ISP errors)regardless of site, platform (physical or virtual machine) and method of installation (upgrade from 2.2.2 or 2.2.6). The crashes are true. I'm not sure if this is relevant, we use IPsec, but not HA IPsec/Dynamic DNS.

              1 Reply Last reply Reply Quote 0
              • First post
                Last post
              Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.