1771
20.7 Legacy Series / Re: Update 20.7.6 to 20.7.7 Update ERR_SSL_PROTOCOL_ERROR
« on: December 22, 2020, 05:53:51 pm »
Then just wait a week or so
This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.
Are their any plans for some kind of on-board rollback to an update so when faced with even worse, no Internet, then we can get back working? I don't have the luxury of stand-by devices or the ability to run VM versions with snapshots. Had my Internet been inaccessible I would have be royally screwed as my mobile access is next to nothing here, and mostly sub-3G which did fortunately work on this occasion to find this thread - without Internet trying to find help is a nightmare.
The gateway log is full of this now:
(the gw is fine, i do a ping test all the time from my control machine, not a single packet loss or higher latency ping)
This was not happened with 20.7.6
Affected multiple opnsense in my company. The affected systems are: vmware VM with vmxnet, pcengine APU box with igb
Attached the screenshot, everything was unchecked except ipv6, now i checked the sticky connections and the disable the state killing feautre. With the disabled gateway monitoring and this two checked options the firewall is working fine now. The problematic system's where we have multiple gw with load balancing. These are broken.
2020-11-23T14:25:02 dpinger[8525] GW_WAN <redacted>: Clear latency 304us stddev 71us loss 5%
2020-11-23T14:23:53 dpinger[57575] GATEWAY ALARM: GW_WAN (Addr: <redacted> Alarm: 1 RTT: 271ms RTTd: 53ms Loss: 22%)
2020-11-23T14:23:53 dpinger[8525] GW_WAN <redacted>: Alarm latency 271us stddev 53us loss 22%
2020-11-23T14:22:18 dpinger[29789] GATEWAY ALARM: GW_WAN (Addr: <redacted> Alarm: 0 RTT: 2538ms RTTd: 16750ms Loss: 5%)
2020-11-23T14:22:18 dpinger[8525] GW_WAN <redacted>: Clear latency 2538us stddev 16750us loss 5%
2020-11-23T14:21:21 dpinger[20904] GATEWAY ALARM: GW_WAN (Addr: <redacted> Alarm: 1 RTT: 288ms RTTd: 53ms Loss: 22%)
2020-11-23T14:21:21 dpinger[8525] GW_WAN <redacted>: Alarm latency 288us stddev 53us loss 22%
2020-11-05T17:14:27 dpinger[73947] GATEWAY ALARM: GW_WAN (Addr: <redacted> Alarm: 0 RTT: 343ms RTTd: 274ms Loss: 5%)
2020-11-05T17:14:27 dpinger[8525]
In the meantime i did reinstall a simple 20.7 and skip any further update. Reenabled gw monitoring and revert all settings back to what was like. No issues. Upgraded to 20.7.7_1, issues again. So something is wrong either with the dpinger or the ethernet kernel module. Hope i can help.
You always create a rules close to the source direction inbound. Just Like the default accept rules on LAN. When you already accept there, too late to block outbound on WAN