OPNsense Forum
Archive => 19.7 Legacy Series => Topic started by: firewall on August 09, 2019, 12:17:34 am
-
After my upgrade to OPNsense 19.7.2 any attempt to apply FW or NAT rules will cause the web-based administration page to "hang", wait for connection, and eventually timeout. A subsequent refresh of the page shows the "Apply changes" button has disappeared as though the changes were accepted, and in testing thus far it seems the rules do indeed stick.
Any suggestions as to where I might start troubleshooting?
-
Update:
Here's a screenshot of 'top' via shell right after hitting apply. The shell session also froze and disconnected...
(https://i.imgur.com/DymmUzU.png)
:-\
-
For developers: I think I determined what the root cause here but it would be something requiring accounting for in applying configurations, as desired.
My syslog was chock full of the following:
Aug 11 12:39:36 buttery-corn kernel: arpresolve: can't allocate llinfo for 192.168.1.1 on igb0
Aug 11 12:39:37 buttery-corn kernel: arpresolve: can't allocate llinfo for 192.168.1.1 on igb0
Aug 11 12:39:38 buttery-corn kernel: arpresolve: can't allocate llinfo for 192.168.1.1 on igb0
Aug 11 12:39:39 buttery-corn kernel: arpresolve: can't allocate llinfo for 192.168.1.1 on igb0
Aug 11 12:39:40 buttery-corn kernel: arpresolve: can't allocate llinfo for 192.168.1.1 on igb0
Aug 11 12:39:41 buttery-corn kernel: arpresolve: can't allocate llinfo for 192.168.1.1 on igb0
Aug 11 12:39:42 buttery-corn kernel: arpresolve: can't allocate llinfo for 192.168.1.1 on igb0
I had a secondary/failover wan configured on another interface, using an entirely different (internal) netblock than norm (192.x rather than 10.x). After disabling that, the arpresolve errors went away and I can now save rules across the platform.
-
The cryptic error happens when your IPv4 default gateway isn't reachable (outside your network scope). It would make sense that you can't get to the box anymore in these cases.
Cheers,
Franco