19.7 Legacy Series / Traffic from backup node getting "No route to host" after upgrading to 19.7.x
« on: August 29, 2019, 12:11:54 pm »
I run a high availability setup with two OPNsense firewalls in failover mode. Each node only has a single WAN interface.
Yesterday, I decided to upgrade to 19.7.x (I was on 19.1.10), and like I usually do, I started with the backup node. The first jump to 19.7 went fine, but when the upgrade was finished and the system had rebooted, and I tried to do the minor update to 19.7.3, I got "No address record found for the selected mirror." I tried multiple different mirrors but with the same result. I eventually discovered that the system could not resolve DNS, and I then tried pinging 8.8.8.8 and I got "No route to host".
On Twitter, @opnsense hinted at it being a multi-WAN issue that was fixed in 19.7.3, so eventually I ended up setting up a local OPNsense mirror and having my backup node get the update from there, which installed fine. But after it had finished and rebooted, the problem persisted.
I have not yet upgraded the primary node, because if this problem were to also occur on that one, then I would bring myself into deep doo-doo.
What could be causing this? I saw something about gateway issues in other posts, and I tried enabling the option "Disable Force Gateway" under Firewall > Settings, but that did not resolve the issue.