21.7.5 up to 21.7.6 The previously stable system was completely broken.

[wuwzy]

The previously stable system was completely broken.
Irregularly, the WEN port will be displayed as offline, with a red warning.
This is really a life-threatening upgrade.
How do I return to 21.7.5?

[franco]

Can you be more specific please.


Thanks,
Franco

[chemlud]

If you use suricata IPS I would try

https://forum.opnsense.org/index.php?topic=25750.msg124258#msg124258

first...

[wuwzy]

Thanks for replying, I read your other related content, our question should be the same. I am summing up your experience and try another round. If there are results, I will report to you.

https://forum.opnsense.org/index.php?topic=25750.msg124258#msg124258

[wuwzy]

If you use suricata IPS I would try

https://forum.opnsense.org/index.php?topic=25750.msg124258#msg124258

first...

Thanks for replying,

[franco]

For anyone else wondering: no, this is not how to report an issue. It's impossible to support.


Cheers,
Franco

[wuwzy]

After several days of testing, so far, it is still normal.
The problem is that there is no prompt for this crash, and I don't know how to describe it. The symptom is that the WAN port will go offline after a while. After restarting, it will be offline again after a period of time (the length of time may not be).
I refer to the reply from the enthusiastic chemlud above. I made a little change because I need IPS and cannot make IPS not work.
My approach is to remove the WAN from the IPS monitoring network card and only monitor other network cards. So far, everything looks normal.
I hope that friends who have the same problem can help you. Thanks again.

[wuwzy]

Can you be more specific please.


Thanks,
Franco

thanks Franco.. look here.

https://forum.opnsense.org/index.php?topic=25968.0

Thanks. 

[franco]

Don't use VLAN interfaces in IPS mode, or get someone who will tell you not to do it that you will listen to.


Cheers,
Franco

[pmhausen]

Just for the record: IDS/Alert only works fine with VLANs.

[franco]

True. It seems to be getting harder and harder to sift through unstructured reports that also don't know the difference of IDS/IPS, ignore documentation and best practice and don't search for previous forum advice.


Cheers,
Franco

[wuwzy]

Don't use VLAN interfaces in IPS mode, or get someone who will tell you not to do it that you will listen to.


Cheers,
Franco

BOOS, i no have setup VLAN.  only use IPS to WEB LAN.

[wuwzy]

True. It seems to be getting harder and harder to sift through unstructured reports that also don't know the difference of IDS/IPS, ignore documentation and best practice and don't search for previous forum advice.


Cheers,
Franco

Report to the boss again. Remove the WAN port from the IPS list. The WAN port is no longer offline. It has been 5 days now. Everything returned to calm.