24.1 Legacy Series / [SOLVED] Really strange routes change after 24.1.9 upgrade
« on: July 16, 2024, 11:14:19 pm »
Hello
I tested upgrade from 24.1.6 to 24.1.9.
After reboot, from the LAN, I wasn't able to log in. Normal : I was unable to ping the LAN OPNsense fw interface from the LAN.
Well, as the FW is VM hosted, I connected to the console to debug this issue. The interfaces state and setup seemed OK, without any change. I pinged the LAN router interface : OK !
Well, I checked the routes with a HUGE surprise. Totally incomprehensible for me !
The FW has 3 interfaces :
#5 LAN (hn0) : 90.0.90.2
#7 WAN1 (hn2) : X.X.X.X
#8 WAN2 (hn3) : X.X.X.X
--> no change
Note : the routing is only static : no RIP, no OSPF, no BGP !
Behind the LAN interface, there's a router with 10.x.0/24 subnets that are statically declared in OPNsense FW, with the 90.0.90.2 next-hop address. The router address : 90.0.90.1/24 for the OPNsense side, 10.0.1.1/24 for one LAN subnet side.
Let's take a look at the routing table in 24.1.6 :
90.0.90.0/24 link#5 U hn0
90.0.90.2 link#5 UHS lo0
10.0.1.0/24 90.0.90.1 UGS hn0
10.0.2.0/24 90.0.90.1 UGS hn0
etc.
And now the routing table after 24.1.9 :
90.0.90.0/24 link#5 UGS hn0
90.0.90.2 10.0.1.1 UHS hn0 !!!!!
90.0.90.0/24 10.0.1.1 UGS hn0 !!!!!!
10.0.1.1 link#5 UHS hn0 !!!!!!
10.0.1.0/24 10.0.1.1 UGS hn0 !!!!!!
10.0.2.0/24 10.0.1.1 UGS hn0 !!!!!!
etc.
I don't have a single idea where OPNsense got the 10.0.1.1 address : it doesn't exist in its settings !!!!!! (well, to be precise, it exists one time, in an alias content definition)
And why this mess inside the routing table !!!
I changed/deleted the routes and I could connect to OPNsense, which has worked normally after that.
As a precaution, I rolled back to 24.1.6 while I work out what was wrong !
Thank you in advance for your insights !
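
One way to catch this kind of change right after an upgrade is to diff a route listing saved before the upgrade against the one taken after it. The following is an added example, not part of the original post and not OPNsense code; it assumes the four-column form used in the post (destination, gateway, flags, interface), and the function names are made up for illustration.

```python
from collections import defaultdict

# Rows copied from the post ("etc." lines and the "!!!!!" marks left out).
BEFORE = """\
90.0.90.0/24 link#5 U hn0
90.0.90.2 link#5 UHS lo0
10.0.1.0/24 90.0.90.1 UGS hn0
10.0.2.0/24 90.0.90.1 UGS hn0
"""
AFTER = """\
90.0.90.0/24 link#5 UGS hn0
90.0.90.2 10.0.1.1 UHS hn0
90.0.90.0/24 10.0.1.1 UGS hn0
10.0.1.1 link#5 UHS hn0
10.0.1.0/24 10.0.1.1 UGS hn0
10.0.2.0/24 10.0.1.1 UGS hn0
"""

def parse(table):
    """Map destination -> set of (gateway, flags, netif); a destination may repeat."""
    routes = defaultdict(set)
    for line in table.splitlines():
        fields = line.split()
        if len(fields) < 4:
            continue  # skip blank lines and "etc."
        dest, gateway, flags, netif = fields[:4]
        routes[dest].add((gateway, flags, netif))
    return routes

def diff_routes(before, after):
    """Return (added, removed, changed) destinations between two snapshots."""
    old, new = parse(before), parse(after)
    added = sorted(set(new) - set(old))
    removed = sorted(set(old) - set(new))
    changed = {d: (sorted(old[d]), sorted(new[d]))
               for d in sorted(set(old) & set(new)) if old[d] != new[d]}
    return added, removed, changed

def new_gateways(before, after):
    """Next-hop addresses present after the upgrade that no route used before."""
    def gws(t):
        return {g for entries in parse(t).values() for g, _, _ in entries
                if not g.startswith("link#")}
    return sorted(gws(after) - gws(before))

if __name__ == "__main__":
    print(diff_routes(BEFORE, AFTER))
    print("new next hops:", new_gateways(BEFORE, AFTER))
```

On the two tables from the post this reports 10.0.1.1 as both a new host route and a next hop that no route used before the upgrade.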

