Home
Help
Search
Login
Register
OPNsense Forum
»
Archive
»
23.1 Legacy Series
»
Permit Interface removal
« previous
next »
Print
Pages: [
1
]
Author
Topic: Permit Interface removal (Read 1245 times)
mtelle
Newbie
Posts: 4
Karma: 0
Permit Interface removal
«
on:
February 01, 2023, 04:41:48 pm »
I have a problem with the topic "permit interface removal".
I expect with the selection of this box the interface will not be removed - the ip4 and ip6 will still exist.
On this Interface (LAN) I have 1 pc connected - if the pc is on I have on this interface my ip's without problem.
If I turn off the pc, the ip's from this interface will be removed, and all services bound to this interface are not working! This only happens with version 23.1!
With opnsense version 22.x the ip's are still alive (with pc turned off or on) - is this an bug?
Regards, Martin
Logged
franco
Administrator
Hero Member
Posts: 17669
Karma: 1612
Re: Permit Interface removal
«
Reply #1 on:
February 01, 2023, 04:50:39 pm »
Prevent interface removal will skip over interfaces that are not in the system anymore instead of doing a full recovery. Stripped IP addresses point to custom tunables as reported by others for 23.1...
Cheers,
Franco
Logged
mtelle
Newbie
Posts: 4
Karma: 0
Re: Permit Interface removal
«
Reply #2 on:
February 01, 2023, 05:26:35 pm »
Sorry - I do not understand, and nevertheless thanks for your help Franco...
If you mean an reset to the tunables (system:setting) with the right trash icon - this did not solve the problem.
This opnsense is an update from the latest 22.7 (I think) to 23.1_6. On the 22.7 version, and before, everything was fine, the 1. problem was with 23.1...
And, that is really a problem, every service bound to this ip is not working if the pc connected to opnsense on this interface is down - for example unbound.
Martin
Logged
franco
Administrator
Hero Member
Posts: 17669
Karma: 1612
Re: Permit Interface removal
«
Reply #3 on:
February 02, 2023, 09:44:32 am »
Hi Martin,
First I need to understand the problem. Disappearing IP points to bad manual tunables, but it could be something else. For this to make sense we need logs and good and bad state of the firewall to inspect, e.g. ifconfig output.
Cheers,
Franco
Logged
mtelle
Newbie
Posts: 4
Karma: 0
Re: Permit Interface removal
«
Reply #4 on:
February 03, 2023, 07:15:25 am »
I tried to solve the problem - with no success.
I have now build a fresh installation 23.1 with an old board with 4 interfaces. No additional configuration.
next steps: update to 23.1_6, setup 1 ip to every interface (4 interfaces), setting the LAN interface as default gw. Only the LAN interface is connected.
Now the test, reboot the system. ifconfig shows 4 interfaces with the corresponding ip - fine. Now I unplug the LAN interface and put it in another port -> the ip of the LAN is away! Same, if I unplug the new port and put it into LAN, the LAN ip goes up, and the "new port" ip goes away.
I have tried to solve the issue with selecting the button "prevent interface removal" in the interface section for all interfaces - no change.
ifconfig (after reboot, connected LAN):
igb0: flags=8863<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
description: LAN (lan)
options=4802028<VLAN_MTU,JUMBO_MTU,WOL_MAGIC,NOMAP>
ether 00:0d:b9:4e:88:00
inet 192.168.20.101 netmask 0xffffff00 broadcast 192.168.20.255
media: Ethernet autoselect (1000baseT <full-duplex>)
status: active
nd6 options=29<PERFORMNUD,IFDISABLED,AUTO_LINKLOCAL>
igb1: flags=8863<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
description: WAN (wan)
options=4802028<VLAN_MTU,JUMBO_MTU,WOL_MAGIC,NOMAP>
ether 00:0d:b9:4e:88:01
inet 192.168.80.101 netmask 0xffffff00 broadcast 192.168.80.255
media: Ethernet autoselect
status: no carrier
nd6 options=29<PERFORMNUD,IFDISABLED,AUTO_LINKLOCAL>
...
and ifconfig after unplug LAN and put to igb1:
igb0: flags=8863<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
description: LAN (lan)
options=4802028<VLAN_MTU,JUMBO_MTU,WOL_MAGIC,NOMAP>
ether 00:0d:b9:4e:88:00
media: Ethernet autoselect
status: no carrier
nd6 options=29<PERFORMNUD,IFDISABLED,AUTO_LINKLOCAL>
igb1: flags=8863<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
description: WAN (wan)
options=4802028<VLAN_MTU,JUMBO_MTU,WOL_MAGIC,NOMAP>
ether 00:0d:b9:4e:88:01
inet 192.168.80.101 netmask 0xffffff00 broadcast 192.168.80.255
media: Ethernet autoselect (1000baseT <full-duplex>)
status: active
nd6 options=29<PERFORMNUD,IFDISABLED,AUTO_LINKLOCAL>
...
Attached the corresponding config file (with option "prevent interface removal").
Regards, Martin
Logged
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
Archive
»
23.1 Legacy Series
»
Permit Interface removal