OPNsense Forum

English Forums => General Discussion => Topic started by: nines on July 08, 2018, 09:25:01 pm

Title: cant update via gui/cli
Post by: nines on July 08, 2018, 09:25:01 pm

unfortunately I cant update my installation anymore. 

opnsense-update gives me:

opnsense-update
Updating OPNsense repository catalogue...
pkg-static: Repository OPNsense load error: access repo file(/var/db/pkg/repo-OPNsense.sqlite) failed: No such file or directory

and update via gui gives my a timeout.

This is definetely not a dns issue!

Thanks for helping me out :)

Title: Re: cant update via gui/cli
Post by: franco on July 08, 2018, 09:27:58 pm

Can you do these three commands and provide the output?

# pkg info | wc -l
# pkg update -f
# pkg upgrade -n


Thanks,
Franco

Title: Re: cant update via gui/cli
Post by: nines on July 08, 2018, 09:29:46 pm

Code: [Select]

root@OPNsense:/home/shelladmin # pkg info | wc -l
     145
root@OPNsense:/home/shelladmin # pkg update -f
Updating OPNsense repository catalogue...
pkg: Repository OPNsense load error: access repo file(/var/db/pkg/repo-OPNsense.sqlite) failed: No such file or directory
^C <- never finishes
root@OPNsense:/home/shelladmin # pkg upgrade -n
Updating OPNsense repository catalogue...
pkg: Repository OPNsense load error: access repo file(/var/db/pkg/repo-OPNsense.sqlite) failed: No such file or directory
^C <- never finishes

Thanks
André

Title: Re: cant update via gui/cli
Post by: franco on July 09, 2018, 01:08:18 pm

Hi André,

Can't see what's going on just yet, next try with more debug output:

# pkg -d update -f


Cheers,
Franco

Title: Re: cant update via gui/cli
Post by: nines on July 09, 2018, 10:01:14 pm

Hi Franco

here we go:

pkg -d update -f
DBG(1)[9773]> pkg initialized
Updating OPNsense repository catalogue...
DBG(1)[9773]> PkgRepo: verifying update for OPNsense
pkg: Repository OPNsense load error: access repo file(/var/db/pkg/repo-OPNsense.sqlite) failed: No such file or                                                                                                    directory
DBG(1)[9773]> PkgRepo: need forced update of OPNsense
DBG(1)[9773]> Pkgrepo, begin update of '/var/db/pkg/repo-OPNsense.sqlite'
DBG(1)[9773]> Fetch: fetching from: http://pkg.opnsense.org/FreeBSD:11:amd64/18.1/libressl/meta.txz with opts "i                                                                                                   "

I can downlad the mentioned meta.txz file using another mashine in the same lan (e.g. using the same router/fw/dns

Title: Re: cant update via gui/cli
Post by: franco on July 11, 2018, 04:10:50 pm

Looks like an IPv6 setup issue.

Try these two...

# ping6 pkg.opnsense.org

# ping pkg.opnsense.org


Cheers,
Franco

Title: Re: cant update via gui/cli
Post by: nines on July 11, 2018, 04:18:03 pm

Code: [Select]

root@OPNsense:/home/shelladmin # ping6 pkg.opnsense.org
ping6: UDP connect: No route to host
root@OPNsense:/home/shelladmin # ping pkg.opnsense.org
PING pkg.opnsense.org (212.32.245.132): 56 data bytes
64 bytes from 212.32.245.132: icmp_seq=0 ttl=54 time=42.443 ms
64 bytes from 212.32.245.132: icmp_seq=1 ttl=54 time=33.263 ms
64 bytes from 212.32.245.132: icmp_seq=2 ttl=54 time=33.601 ms
^C
--- pkg.opnsense.org ping statistics ---
3 packets transmitted, 3 packets received, 0.0% packet loss
round-trip min/avg/max/stddev = 33.263/36.436/42.443/4.250 ms

in case you are interested

root@OPNsense:/home/shelladmin # ifconfig
vmx0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
        options=60009b<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM,RXCSUM_IPV6,TXCSUM_IPV6>
        ether 00:0c:29:32:22:e3
        hwaddr 00:0c:29:32:22:e3
        inet 192.168.100.253 netmask 0xffffff00 broadcast 192.168.100.255
        inet6 fe80::20c:29ff:fe32:22e3%vmx0 prefixlen 64 scopeid 0x1
        nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
        media: Ethernet autoselect
        status: active


Title: Re: cant update via gui/cli
Post by: franco on July 11, 2018, 04:27:00 pm

Yes, go to Interfaces: [WAN], set IPv6 to "none", save and apply.

That should fix it.


Cheers,
Franco

Title: Re: cant update via gui/cli
Post by: nines on July 11, 2018, 04:54:32 pm

It's already set to "none" on all interaces :/

Title: Re: cant update via gui/cli
Post by: franco on July 11, 2018, 06:03:58 pm

Oh, okay, then set "Prefer IPv4 over IPv6" in System: Settings: General.


Cheers,
Franco

Title: Re: cant update via gui/cli
Post by: nines on July 11, 2018, 06:52:30 pm

already set too! Doesnt make a difference

Title: Re: cant update via gui/cli
Post by: franco on July 11, 2018, 07:08:12 pm

Something is definitely off here...

# fetch -v http://pkg.opnsense.org/FreeBSD:11:amd64/18.1/libressl/meta.txz

What does this print?

Title: Re: cant update via gui/cli
Post by: nines on July 11, 2018, 07:13:24 pm

interesting:

Code: [Select]

root@OPNsense:/tmp # fetch -v http://pkg.opnsense.org/FreeBSD:11:amd64/18.1/libressl/meta.txz
resolving server address: pkg.opnsense.org:80
^Cfailed to connect to pkg.opnsense.org:80
fetch: transfer interrupted

<- never replies with an ip


root@OPNsense:/tmp # ping pkg.opnsense.org
PING pkg.opnsense.org (212.32.245.132): 56 data bytes
64 bytes from 212.32.245.132: icmp_seq=0 ttl=54 time=36.669 ms
64 bytes from 212.32.245.132: icmp_seq=1 ttl=54 time=33.050 ms
^C
--- pkg.opnsense.org ping statistics ---
2 packets transmitted, 2 packets received, 0.0% packet loss
round-trip min/avg/max/stddev = 33.050/34.859/36.669/1.809 ms


Title: Re: cant update via gui/cli
Post by: franco on July 11, 2018, 07:22:24 pm

So, err...

# cat /etc/resolv.conf


Cheers,
Franco

Title: Re: cant update via gui/cli
Post by: nines on July 11, 2018, 07:23:24 pm

Code: [Select]

root@OPNsense:/tmp # cat /etc/resolv.conf
domain unimatrix01.local
nameserver 192.168.254.251
nameserver 1.1.1.1

but it doenst make difference if I switch them around or use a completely new one

Title: Re: cant update via gui/cli
Post by: franco on July 11, 2018, 07:30:21 pm

Do you have "Do not use the DNS Forwarder/Resolver as a DNS server for the firewall" set under System: Setting: General? If yes, does toggling this help?


Cheers,
Franco

Title: Re: cant update via gui/cli
Post by: nines on July 11, 2018, 07:37:54 pm

yes I've set this to enabled but toggling it doesnt make a difference -_-

Title: Re: cant update via gui/cli
Post by: franco on July 11, 2018, 08:22:04 pm

Sorry, out of ideas... There is probably an obvious reason, but we have tried all usual suspects within OPNsense. :(

Title: Re: cant update via gui/cli
Post by: franco on July 13, 2018, 12:10:11 pm

This turned out to be an update to ESXi from 6.5 to 6.7 which seemed to have enabled LRO/TSO and caused packets to be sent out with a corrupt checksum for the OPNsense guest.


Cheers,
Franco