31
This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.
32
23.1 Legacy Series / Re: Occasional interface flapping on all interfaces
« on: June 04, 2023, 03:33:54 pm »
Finally flapped again, but it's much rarer on the emulated driver. I do see the "eastpack exit code 11" wrapped up in the latest flapping in dmesg. Still can't understand if the flapping is related to Zenarmor crashing or restarting or if the flapping is causing the zenarmor service to suffer.
Here is a snip of the log.
Had some arp issue for the WAN in the log I haven't seen before, not sure if it's related or not. Lot's of the below line spammed in dmesg.
Here is a snip of the log.
Code: [Select]
228.835337 [1173] generic_netmap_attach Emulated adapter for wg0 created (prev was NULL)
228.835361 [1078] generic_netmap_dtor Emulated netmap adapter for wg0 destroyed
228.835421 [1173] generic_netmap_attach Emulated adapter for wg0 created (prev was NULL)
228.957825 [ 321] generic_netmap_register Emulated adapter for wg0 activated
228.960569 [1173] generic_netmap_attach Emulated adapter for ix0 created (prev was ix0)
228.960590 [1070] generic_netmap_dtor Native netmap adapter for ix0 restored
228.960607 [1078] generic_netmap_dtor Emulated netmap adapter for ix0 destroyed
228.960708 [1173] generic_netmap_attach Emulated adapter for ix0 created (prev was ix0)
228.960797 [ 321] generic_netmap_register Emulated adapter for ix0 activated
283.117371 [1173] generic_netmap_attach Emulated adapter for igb1 created (prev was igb1)
283.117394 [1070] generic_netmap_dtor Native netmap adapter for igb1 restored
283.117411 [1078] generic_netmap_dtor Emulated netmap adapter for igb1 destroyed
283.118795 [1173] generic_netmap_attach Emulated adapter for igb1 created (prev was igb1)
283.118850 [ 321] generic_netmap_register Emulated adapter for igb1 activated
pid 19676 (eastpect), jid 0, uid 0: exited on signal 11
101.698911 [ 296] generic_netmap_unregister Emulated adapter for ix0 deactivated
101.698959 [1070] generic_netmap_dtor Native netmap adapter for ix0 restored
101.698976 [1078] generic_netmap_dtor Emulated netmap adapter for ix0 destroyed
115.720185 [1173] generic_netmap_attach Emulated adapter for ix0 created (prev was ix0)
115.720288 [1070] generic_netmap_dtor Native netmap adapter for ix0 restored
115.720371 [1078] generic_netmap_dtor Emulated netmap adapter for ix0 destroyed
115.720605 [1173] generic_netmap_attach Emulated adapter for ix0 created (prev was ix0)
115.721066 [ 321] generic_netmap_register Emulated adapter for ix0 activated
pid 25846 (eastpect), jid 0, uid 0: exited on signal 11
393.730419 [ 296] generic_netmap_unregister Emulated adapter for ix0 deactivated
393.733183 [1070] generic_netmap_dtor Native netmap adapter for ix0 restored
393.733200 [1078] generic_netmap_dtor Emulated netmap adapter for ix0 destroyed
407.026824 [1173] generic_netmap_attach Emulated adapter for ix0 created (prev was ix0)
407.026928 [1070] generic_netmap_dtor Native netmap adapter for ix0 restored
407.027042 [1078] generic_netmap_dtor Emulated netmap adapter for ix0 destroyed
407.027289 [1173] generic_netmap_attach Emulated adapter for ix0 created (prev was ix0)
407.027683 [ 321] generic_netmap_register Emulated adapter for ix0 activated
pid 46025 (eastpect), jid 0, uid 0: exited on signal 11
894.655312 [ 296] generic_netmap_unregister Emulated adapter for ix0 deactivated
894.655371 [1070] generic_netmap_dtor Native netmap adapter for ix0 restored
894.655390 [1078] generic_netmap_dtor Emulated netmap adapter for ix0 destroyed
907.750498 [1173] generic_netmap_attach Emulated adapter for ix0 created (prev was ix0)
907.750606 [1070] generic_netmap_dtor Native netmap adapter for ix0 restored
907.750691 [1078] generic_netmap_dtor Emulated netmap adapter for ix0 destroyed
907.750924 [1173] generic_netmap_attach Emulated adapter for ix0 created (prev was ix0)
907.751373 [ 321] generic_netmap_register Emulated adapter for ix0 activated
igb2: link state changed to DOWN
igb2: link state changed to UP
igb2: link state changed to DOWN
igb2: link state changed to UP
igb2: link state changed to DOWN
igb2: link state changed to UP
ix1: link state changed to DOWN
Had some arp issue for the WAN in the log I haven't seen before, not sure if it's related or not. Lot's of the below line spammed in dmesg.
Code: [Select]
arpresolve: can't allocate llinfo for X.X.X.X on ix1
33
23.1 Legacy Series / Re: No alerts in latest Crowdsec
« on: June 04, 2023, 03:13:59 pm »Worked, thanks!Thanks for the quick patch.Opnsense newbie here. How would I go about applying this patch? Thx!
You'll need to SSH into your OPNsense box, press 8, then simply copy and paste(or type)Code: [Select]opnsense-patch -c plugins b465377760
into your SSH session. Then restart the crowdsec service.
Excellent, you're welcome.
34
23.1 Legacy Series / Re: No alerts in latest Crowdsec
« on: June 04, 2023, 03:02:12 pm »Thanks for the quick patch.Opnsense newbie here. How would I go about applying this patch? Thx!
You'll need to SSH into your OPNsense box, press 8, then simply copy and paste(or type)
Code: [Select]
opnsense-patch -c plugins b465377760
into your SSH session. Then restart the crowdsec service.
35
23.1 Legacy Series / Re: No alerts in latest Crowdsec
« on: June 02, 2023, 02:50:57 pm »
Pro tip: if you manually edited the opnsense.yaml file the patch provided by franco will duplicate the line you manually added and the service will fail to start.
36
23.1 Legacy Series / Re: No alerts in latest Crowdsec
« on: June 02, 2023, 02:44:55 pm »
Thanks for the quick patch.
37
23.1 Legacy Series / No alerts in latest Crowdsec
« on: June 01, 2023, 08:27:44 pm »
I was noticing I'm no longer seeing alerts in Crowdsec. Anyone else noticing this after the latest update?
I found a reddit thread with the same issue was just curious how wide spread this might be or if anyone knew why it might be happening.
https://www.reddit.com/r/CrowdSec/comments/13xd7xf/no_decisions_or_alerts_in_5_days/
I found a reddit thread with the same issue was just curious how wide spread this might be or if anyone knew why it might be happening.
https://www.reddit.com/r/CrowdSec/comments/13xd7xf/no_decisions_or_alerts_in_5_days/
38
23.1 Legacy Series / Re: Occasional interface flapping on all interfaces
« on: May 31, 2023, 02:51:08 pm »
Doubt anyone is following along, but I've now went the longest period of time in ages without any interface flapping after moving fully to the emulated driver. I'm up roughly a week now, where before I rarely made it 24 hours. Will continue to monitor but so far this looks promising.
39
23.1 Legacy Series / Re: Occasional interface flapping on all interfaces
« on: May 24, 2023, 06:37:21 pm »
Well... removing wireguard to try and use only the native netmap driver didn't correct the issue. I guess let's try using emulated for everything, maybe the emulated driver fixes will help me here.
40
23.1 Legacy Series / Re: Occasional interface flapping on all interfaces
« on: May 22, 2023, 09:33:06 pm »
As a test I'm going to remove my wireguard interface so that the emulated driver isn't being used, that way only the native driver is being utilized. I don't know that will fix anything but will help narrow down why this became so frequent of late. I'm not sure if it was the implementation of wireguard or the latest update, but it's become a nearly daily occurrence now.
41
23.1 Legacy Series / Re: Occasional interface flapping on all interfaces
« on: May 22, 2023, 09:24:26 pm »
I did run across this post, https://forum.opnsense.org/index.php?topic=26583.0, seems to be nearly identical to my issue. So is the fix to just not run applications needing netmap (i.e., zenarmor, suricata) on interfaces that have vlans trunked? Are there any tunables or best practices to improve this?
42
23.1 Legacy Series / Re: Occasional interface flapping on all interfaces
« on: May 22, 2023, 07:04:05 pm »
This problem is starting to wear on me, anyone have any other thoughts on how to track this down? Currently sitting here waiting on my vlans to come back online, watching the unbound_dhcp service flap, watching interfaces flap. I don't' know what's happening.
43
23.1 Legacy Series / Re: Occasional interface flapping on all interfaces
« on: May 17, 2023, 09:48:44 pm »Yes if the netmap process exists all devices are moved back into non-netmap mode which toggles link-down because some hardware flags are set back to defaults. This is actually netmap trying to disable hardware features in order to be able to read packets correctly.
Cheers,
Franco
I guess the real question in my instance is determining what is causing netmap mode changes. I would assume a change would only cause an up down up, not flapping for 2-3 minutes.
44
23.1 Legacy Series / Re: Occasional interface flapping on all interfaces
« on: May 17, 2023, 09:12:09 pm »As far as I know that is unfortunate behaviour of the adapter detaching to enter or exit netmap mode. Should be the same for native mode.
We were discussing this for the previous project but it didn't match the scope back then.
Depending on how Murat and team view this as an issue to tackle we might start another netmap improvement round. But I'm just theorizing here.
Cheers,
Franco
Do I understand this to mean this is expected behavior when a service using netmap restarts or has an issue?
45
23.1 Legacy Series / Re: Occasional interface flapping on all interfaces
« on: May 17, 2023, 05:13:14 pm »
Since I have Zenarmor on my Wireguard interface any chance this is just a bug with the emulated netmap driver? Any thoughts on better logging or another place I an look for more detail?