Home
Help
Search
Login
Register
OPNsense Forum
»
English Forums
»
General Discussion
»
haproxy won't start after WAN IP change
« previous
next »
Print
Pages: [
1
]
Author
Topic: haproxy won't start after WAN IP change (Read 415 times)
mgeoffriau
Newbie
Posts: 12
Karma: 0
haproxy won't start after WAN IP change
«
on:
October 11, 2024, 04:05:41 pm »
Alright, seriously need some help, been banging my head against the wall on this yesterday. Will try to break it down as clearly as possible.
Background: I have haproxy routing traffic to a few resources inside my network. My original config had the front ends bound to the WAN IP address on ports 80 and 443 (and the opnsense web UI available locally on the private IP on ports 80/443). Running OPNsense 24.7.4 currently but the haproxy config has been in place for a while now.
Apparently, something happened with my internet provider the night before last and my WAN IP changed (unbeknownst to me). I noted those internal resources were down from external traffic (I have freshping monitors pointed at them) but it was nothing critical so I waited till yesterday to investigate.
First thing I noticed was that haproxy wasn't running. When I would start the service from the UI, it would spin for a moment, then just return to stopped status. Then I noticed the WAN IP was different, so I did the following:
Updated my HTTP and HTTPS front ends in haproxy to bind to the new WAN IP on ports 80 and 443 respectively.
Updated the public DNS records for those internal resources in Route53 to point to the new public IP (I previously had this setup to update automatically, but was caught out by the drop in support for dyndns and haven't set up a ddclient replacement yet).
I thought that would be it, but nope...haproxy service still fails to start. Nothing writing to the haproxy log either. Did some reading, seeing suggestions to try binding to 0.0.0.0 instead. Try that, whoops locked myself out of the web UI due to the port conflict.
SSH in, kill haproxy, log back into the web UI, change the web UI port to 4443, try restarting haproxy with the front ends bound to 0.0.0.0 again. Yay, haproxy starts! But...my freshping monitors don't come back up, and I can't hit those internal resources from outside either.
Did some more reading, checked the port bindings, noted that the opnsense web UI was still binding to port 80, and thought maybe that was an issue. Disabled the HTTP redirect option in opnsense, confirmed it was no longer binding to port 80, bounced the haproxy service, still no traffic reaching the internal resources. Tried rebinding back to the (new) WAN IP just to see if the other changes I'd made would allow the service to start, but no, back to the service failing to start (and still nothing writing to the haproxy log).
To summarize, after a WAN IP change, I am stuck between two nonfunctional configs:
Binding to the new WAN IP, the haproxy service fails to start
Binding to 0.0.0.0, the haproxy service starts but no traffic appears to be successfully routed to those internal resources
Appreciate any thoughts on what to look at or investigate next. I can share my cfg file here if that will help.
Logged
mgeoffriau
Newbie
Posts: 12
Karma: 0
Re: haproxy won't start after WAN IP change
«
Reply #1 on:
October 11, 2024, 11:41:16 pm »
Finally figured it out. Stepped back, reread my post, and went back to review the basics.
Wrong IP was copied, didn't match the actual IP of the interface. Fixed that, it's working again.
When your eyes are crossing, take a break and start from step 1.
Logged
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
English Forums
»
General Discussion
»
haproxy won't start after WAN IP change