1
20.7 Legacy Series / Issues with upgrade 20.7.1 -> 20.7.2
« on: September 22, 2020, 02:02:17 pm »
We had a cluster with meshed ipsec running between two locations. The setup was easy and worked without issues on 20.7.1.
Setup is like. 2 ha nodes on location A and 2 ha nodes on location B. Between each a transport ipsec connection.
So A1 - B1, A1 - B2, A2 - B1 and A2 - B2. These ipsec transport "tunnels" protected GRE tunnel over which routed traffic ran. With gateway detection (dping) and gateway groups.
This worked till I upgraded the A site to 20.7.2. The ipsec config still worked but gre was broken. Also rebuilding config from scratch does not work any more. I noticed during the rebuild that GRE interface now adds automatic a gateway and gateway detection does not work. Also the web interface and shell disconnects when creating this.
On B location the GRE tunnel creation does not cause any hickups or disconnects and does not create a gateway entry in system - gateways.
In the change log I could not find any reverence to change this. Am i missing the clue bat or is this type of setup not supported any more?
Setup is like. 2 ha nodes on location A and 2 ha nodes on location B. Between each a transport ipsec connection.
So A1 - B1, A1 - B2, A2 - B1 and A2 - B2. These ipsec transport "tunnels" protected GRE tunnel over which routed traffic ran. With gateway detection (dping) and gateway groups.
This worked till I upgraded the A site to 20.7.2. The ipsec config still worked but gre was broken. Also rebuilding config from scratch does not work any more. I noticed during the rebuild that GRE interface now adds automatic a gateway and gateway detection does not work. Also the web interface and shell disconnects when creating this.
On B location the GRE tunnel creation does not cause any hickups or disconnects and does not create a gateway entry in system - gateways.
In the change log I could not find any reverence to change this. Am i missing the clue bat or is this type of setup not supported any more?