Failure to update from 23

Started by charles.adams, July 16, 2024, 07:36:23 AM

Previous topic - Next topic
Print
Go Down Pages 1 2 3
User actions
July 21, 2024, 04:40:30 PM #30
Quote from: doktornotor on July 21, 2024, 08:13:07 AM
See pkg.conf(5)

IP_VERSION
FETCH_RETRY
FETCH_TIMEOUT

Make a backup of /usr/local/etc/pkg.conf and experiments with the settings for your very much broken connectivity.

Setting IP_VERSION = 4 (per the man page should force ipv4 only use) it does not seem to change the results of the connectivity check in option 12 -> 'c' seen below:

Code Select
OPNsense 24.4.1_3 ***

GuestNetworkforWifiDevices (vlan01) -> v4: 192.168.69.1/32
IsolatedNetwork (vlan02) -> v4: 192.168.72.1/24
LAN (igc0)      -> v4: 192.168.1.1/24
WAN (igc1)      -> v4/DHCP4: *****/30

HTTPS: SHA256 ****

  0) Logout                              7) Ping host
  1) Assign interfaces                   8) Shell
  2) Set interface IP address            9) pfTop
  3) Reset the root password            10) Firewall log
  4) Reset to factory defaults          11) Reload all services
  5) Power off system                   12) Update from console
  6) Reboot system                      13) Restore a backup

Enter an option: 12

Fetching change log information, please wait... done

This will automatically fetch all available updates and apply them.

Proceed with this action? [y/N]: c

Checking connectivity for host: opnsense-update.deciso.com -> 89.149.211.205
PING 89.149.211.205 (89.149.211.205): 1500 data bytes

--- 89.149.211.205 ping statistics ---
4 packets transmitted, 0 packets received, 100.0% packet loss
Checking connectivity for repository (IPv4): https://opnsense-update.deciso.com/SUBSCRIPTION/FreeBSD:13:amd64/24.4
Updating OPNsense repository catalogue...
Fetching meta.conf: . done
Fetching packagesite.pkg: .......... done
Processing entries: .......... done
OPNsense repository update completed. 849 packages processed.
All repositories are up to date.
Checking connectivity for host: opnsense-update.deciso.com -> 2001:1af8:4f00:a005:5::
ping: UDP connect: No route to host
Checking connectivity for repository (IPv6): https://opnsense-update.deciso.com/SUBSCRIPTION/FreeBSD:13:amd64/24.4
Updating OPNsense repository catalogue...
pkg: https://opnsense-update.deciso.com/SUBSCRIPTION/FreeBSD:13:amd64/24.4/latest/meta.txz: Non-recoverable resolver failure
repository OPNsense has no meta file, using default settings
pkg: https://opnsense-update.deciso.com/SUBSCRIPTION/FreeBSD:13:amd64/24.4/latest/packagesite.pkg: Non-recoverable resolver failure
pkg: https://opnsense-update.deciso.com/SUBSCRIPTION/FreeBSD:13:amd64/24.4/latest/packagesite.txz: Non-recoverable resolver failure
Unable to update repository OPNsense
Error updating repositories!
Checking server certificate for host: opnsense-update.deciso.com
depth=2 C = US, O = Internet Security Research Group, CN = ISRG Root X1
verify return:1
depth=1 C = US, O = Let's Encrypt, CN = R11
verify return:1
depth=0 CN = opnsense-update.deciso.com
verify return:1
DONE

Press any key to return to menu.


The other two options I don't see a way to test until the next BE update is availible?
July 21, 2024, 04:51:02 PM #31
Quote from: charles.adams on July 21, 2024, 04:40:30 PM
Quote from: doktornotor on July 21, 2024, 08:13:07 AM
See pkg.conf(5)

IP_VERSION
FETCH_RETRY
FETCH_TIMEOUT

Make a backup of /usr/local/etc/pkg.conf and experiments with the settings for your very much broken connectivity.

Setting IP_VERSION = 4 (per the man page should force ipv4 only use) it does not seem to change the results of the connectivity check in option 12 -> 'c' seen below:

Code Select
OPNsense 24.4.1_3 ***

GuestNetworkforWifiDevices (vlan01) -> v4: 192.168.69.1/32
IsolatedNetwork (vlan02) -> v4: 192.168.72.1/24
LAN (igc0)      -> v4: 192.168.1.1/24
WAN (igc1)      -> v4/DHCP4: *****/30

HTTPS: SHA256 ****

  0) Logout                              7) Ping host
  1) Assign interfaces                   8) Shell
  2) Set interface IP address            9) pfTop
  3) Reset the root password            10) Firewall log
  4) Reset to factory defaults          11) Reload all services
  5) Power off system                   12) Update from console
  6) Reboot system                      13) Restore a backup

Enter an option: 12

Fetching change log information, please wait... done

This will automatically fetch all available updates and apply them.

Proceed with this action? [y/N]: c

Checking connectivity for host: opnsense-update.deciso.com -> 89.149.211.205
PING 89.149.211.205 (89.149.211.205): 1500 data bytes

--- 89.149.211.205 ping statistics ---
4 packets transmitted, 0 packets received, 100.0% packet loss
Checking connectivity for repository (IPv4): https://opnsense-update.deciso.com/SUBSCRIPTION/FreeBSD:13:amd64/24.4
Updating OPNsense repository catalogue...
Fetching meta.conf: . done
Fetching packagesite.pkg: .......... done
Processing entries: .......... done
OPNsense repository update completed. 849 packages processed.
All repositories are up to date.
Checking connectivity for host: opnsense-update.deciso.com -> 2001:1af8:4f00:a005:5::
ping: UDP connect: No route to host
Checking connectivity for repository (IPv6): https://opnsense-update.deciso.com/SUBSCRIPTION/FreeBSD:13:amd64/24.4
Updating OPNsense repository catalogue...
pkg: https://opnsense-update.deciso.com/SUBSCRIPTION/FreeBSD:13:amd64/24.4/latest/meta.txz: Non-recoverable resolver failure
repository OPNsense has no meta file, using default settings
pkg: https://opnsense-update.deciso.com/SUBSCRIPTION/FreeBSD:13:amd64/24.4/latest/packagesite.pkg: Non-recoverable resolver failure
pkg: https://opnsense-update.deciso.com/SUBSCRIPTION/FreeBSD:13:amd64/24.4/latest/packagesite.txz: Non-recoverable resolver failure
Unable to update repository OPNsense
Error updating repositories!
Checking server certificate for host: opnsense-update.deciso.com
depth=2 C = US, O = Internet Security Research Group, CN = ISRG Root X1
verify return:1
depth=1 C = US, O = Let's Encrypt, CN = R11
verify return:1
depth=0 CN = opnsense-update.deciso.com
verify return:1
DONE

Press any key to return to menu.


The other two options I don't see a way to test until the next BE update is availible?

So a question.

For the first variable that @doktornotor suggested, it seems the place to change it per the man page is at "/usr/local/etc/pkg/repos/OPNsense.conf" and pkg.conf located at  /usr/local/etc/pkg.conf as the man page lists IP_VERSION as a variable at both locations? It doesn't explain which variable location is controlling or recommended?
July 21, 2024, 06:07:10 PM #32 Last Edit: July 21, 2024, 06:09:54 PM by doktornotor
There is nothing overriding IP_VERSION in the repo configuration. Also, I would leave those repo files alone, calls for a breakage sooner or later.
July 22, 2024, 09:16:57 AM #33
And let's not make the connectivity audit a benchmark for automatic connectivity as it forces -4 / -6 for pkg for troubleshooting reasons only. ;)


Cheers,
Franco
July 23, 2024, 03:12:52 AM #34
Quote from: franco on July 22, 2024, 09:16:57 AM
And let's not make the connectivity audit a benchmark for automatic connectivity as it forces -4 / -6 for pkg for troubleshooting reasons only. ;)


Cheers,
Franco

Sure, I guess at this point there is nothing I can do besides wait for another update to see if the IP_VERSION variable or the other two are effective?
Print
Go Up Pages 1 2 3
User actions