ZeroTier interface nuked.

Started by Cavallo, December 08, 2020, 11:48:55 PM

December 08, 2020, 11:48:55 PM Last Edit: December 08, 2020, 11:52:46 PM by Cavallo
OK - so I updated my 20.7 to the latest this morning, which handily cleared up my issues with ClamAV, but an odd thing happened.

My ZeroTier interface was down after the update. I noticed this hours later, since my workday had me inside our LAN, and I had no need of ZT. I saw nothing much in the logs. I tried restarting the service. I tried deactivating/reactivating the interface itself. When I did this, I noticed that my assignment (named ZT1) appeared to be assigned to a physical interface on my 4-port NIC, not to the ZT software interface. "Prevent interface removal" was still checked. VERY odd. I wish I'd had the presence of mind to screenshot it. Next, I checked all the settings under VPN for ZT. Either it was a coincidence, or something I did there brought it back up. Not sure which. So, the Dashboard showed the interface was up. The assignment pointed to a ZT interface, but nothing worked. There was no IP assigned. I checked ZeroTier Central, and it said the box hadn't been seen since about the same time as my updates, so that tracked. It was then that I noticed ZT on the OPNsense box suddenly had a completely different node ID, as if it had been set up from scratch. I had to go to ZT Central, remove all trace of the old auth and assignments, and authorize/configure this new node ID.

It's all working fine now, but YIKES. Hopefully this won't be a pattern. We pay for and rely on ZT. It may not have been the biggest, but it was still a significant factor in choosing OPNsense. I'm kind of worried about doing the next update now. I certainly won't try to do it remotely.

Has anyone else had this happen? Is there something I can do to avoid having to completely reconfigure ZT after every update?

I think I know what happened. I'm using mfs for var and tmp to spare my SSD from being trampled by a Squid. Looks like ZT stores config in /var/db, so I guess I would expect it to be completely obliterated on every reboot. Sigh. Time to get creative...
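
An added example, not part of the original post: one way to keep the node ID stable when /var is a memory disk is to save the two identity files to persistent storage and put them back before the ZeroTier service starts. The `/var/db/zerotier-one` path and the `identity.public` / `identity.secret` file names are ZeroTier's usual FreeBSD layout and are assumed here; the backup directory and the function names are hypothetical.

```shell
#!/bin/sh
# Added example: keep the ZeroTier node identity across reboots when /var is mfs.
# LIVE is the assumed ZeroTier state directory on FreeBSD (the post names /var/db).
# KEEP is a hypothetical directory on persistent storage.
LIVE="${ZT_LIVE:-/var/db/zerotier-one}"
KEEP="${ZT_KEEP:-/usr/local/etc/zerotier-identity}"

# Print the 10-hex-digit node ID: the first colon-separated field of identity.public.
zt_node_id() {
    [ -r "$1/identity.public" ] || return 1
    id=$(cut -d: -f1 "$1/identity.public")
    case "$id" in
        *[!0-9a-f]*|"") return 1 ;;
    esac
    [ "${#id}" -eq 10 ] || return 1
    printf '%s\n' "$id"
}

# Copy both identity files to KEEP. identity.secret is a private key: owner-only.
zt_backup_identity() {
    zt_node_id "$1" >/dev/null || return 1
    [ -r "$1/identity.secret" ] || return 1
    mkdir -p "$2" && chmod 700 "$2" || return 1
    ( umask 077
      cp "$1/identity.secret" "$2/identity.secret" &&
      cp "$1/identity.public" "$2/identity.public" )
}

# Restore the saved identity if the live one is missing or has a different node ID.
# Prints "kept" or "restored". Run it before the ZeroTier service starts.
zt_restore_identity() {
    saved=$(zt_node_id "$2") || return 1
    live=$(zt_node_id "$1") || live=""
    if [ "$live" = "$saved" ]; then echo kept; return 0; fi
    mkdir -p "$1" || return 1
    ( umask 077
      cp "$2/identity.secret" "$1/identity.secret" &&
      cp "$2/identity.public" "$1/identity.public" ) || return 1
    echo restored
}

# Stand-alone use: "backup" once while ZT works, "restore" early at every boot.
case "${1:-}" in
    backup)  zt_backup_identity "$LIVE" "$KEEP" ;;
    restore) zt_restore_identity "$LIVE" "$KEEP" ;;
esac
```

If the service has already started and generated a fresh identity, it has to be restarted after a restore for the old node ID to take effect.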