FW hangs
-
I have a virtual machine running pfsense for about a year. up until a few days ago it was very stable using version 2.3
a few days ago I upgraded to version 3, today the FW was stuck in a most bizarre way:
I could login to the web ui, one of the four cpu cores was at 100% non stop for over 30 minutes, both the WAN and LAN addresses of the FW responded to ping but other VM's behind the FW NAT where not ping-able or reachable
I did a restart of the VM running pfsense and it was all resolvedIs there anything I can look for in the logs for the reason? Even if the logs are useless now, any instructions on how to find the reason before the reset in the logs would be helpful
Thanks
-
Using IPsec? If so, that's this. https://redmine.pfsense.org/issues/6296
-
cmb, Thank for the quick response. I am using IPSec so this is probably the same (description fits in symptoms to what I saw)
Except for waiting for the bug to be fixed, is there a way to ensure my FW keeps running so that customers are not affected? will high availability detect this machine as a failed one?
-
The failure modes can vary in that case, it often would trigger CARP failover, but not necessarily.
If you reduce your VM to a single vCPU, it won't happen.
We've identified a fix and should have it merged into 2.3.1 in the next day or so.
-
I'm using version 3 so the issue is probably there as well
Thanks -
There is no version 3. :) You're running 2.3(.0) I'm sure.
-
Sorry. My mistake (too many nights of little sleep) :-)
2.3-RELEASE (amd64)
built on Mon Apr 11 18:10:34 CDT 2016
FreeBSD 10.3-RELEASE