OPNsense upgrade failure with Zenarmor (23.1.7)

Started by rfc805, May 16, 2023, 08:25:19 PM

Previous topic - Next topic
Print
Go Down Pages 1 2 3
User actions
June 02, 2023, 04:36:49 PM #15
Submitted a bug, got a blow off "we can't reproduce, go away" response.  Meh - think it's best to just avoid using Zenarmor in the future.
June 02, 2023, 06:14:39 PM #16
Hi,

Can you share the ticket ID? It could be a misunderstanding. We try to solve the issue via remote session if we can not reproduce it.
June 02, 2023, 06:35:39 PM #17
How would you solve the issue via a remote session for an upgrade failure?  Doesn't make much sense in the approach. 

I understand it as a general policy to troubleshooting, but can't see how it's relevant for this one.

It's also a bit of an uncomfortable approach with a firewall device.
June 13, 2023, 11:43:29 AM #18 Last Edit: June 13, 2023, 12:10:34 PM by almodovaris
I cannot get crash dumps, but every time I reinstall Zenarmor I get a kernel panic after Application category migration... done.

Panic happens each and every time I install Zenarmor, even if I had cleaned its every trace before reinstalling it.
OPNsense HW:

Minisforum Venus series UN100C, 16 GB RAM, 512 GB SSD
T-bao N9N Pro, 16 GB RAM, 512 GB SSD
June 14, 2023, 03:11:06 PM #19
Hi Almodovaris,

Could you share the kernel panic message and the zenarmor* files under /tmp/ folder with the Zenarmor team?

Bests
June 14, 2023, 04:33:49 PM #20
Had this as well, intel nics.  This has happened on these nics for over a year, I did reach out to support who did offer to remote in, which is hard to do when interfaces are all down ;) I uninstalled, but have you tried emulated mode? Ive heard emulated is pretty stable now...
June 14, 2023, 07:05:36 PM #21
This happens before eastpect is even started.

I get a kernel panic and OPNsense reboots. There is nothing about kernel panic in /tmp. /tmp is volatile. If you show me how to capture Proxmox console, I can share the output, there are many pages of errors.
OPNsense HW:

Minisforum Venus series UN100C, 16 GB RAM, 512 GB SSD
T-bao N9N Pro, 16 GB RAM, 512 GB SSD
June 14, 2023, 07:31:55 PM #22 Last Edit: June 14, 2023, 07:33:59 PM by almodovaris
Okay, made /tmp and /var stick. Still no logs in /usr/local/sensei/support/crash_dumps or /var/crash.

Nothing interesting in /tmp either. Nor in /var/log .
OPNsense HW:

Minisforum Venus series UN100C, 16 GB RAM, 512 GB SSD
T-bao N9N Pro, 16 GB RAM, 512 GB SSD
June 14, 2023, 09:05:16 PM #23
https://youtu.be/dRZDPivYrDA

At 01:30 begins the action.
OPNsense HW:

Minisforum Venus series UN100C, 16 GB RAM, 512 GB SSD
T-bao N9N Pro, 16 GB RAM, 512 GB SSD
June 15, 2023, 12:15:31 AM #24
Hi,

It is crashing when tries to stop the engine. Can you try to remove /usr/local/sensei folder and kill all easpect process?
June 15, 2023, 02:11:16 PM #25
Already did that, several times. I had reinstalled Zenarmor after deleting its every folder and rebooting OPNsense before installing it. I still had the same crash.
OPNsense HW:

Minisforum Venus series UN100C, 16 GB RAM, 512 GB SSD
T-bao N9N Pro, 16 GB RAM, 512 GB SSD
June 15, 2023, 03:37:41 PM #26
Hi,

Is there a chance to share screen video during the fresh install. In the previous video it was crashing while tries to stop Zenarmor engine. I wonder what is the cause of crash in fresh install.


June 15, 2023, 05:00:16 PM #27
Done.

https://youtu.be/QB4WGX-qnh8

Action begins at 01:40.
OPNsense HW:

Minisforum Venus series UN100C, 16 GB RAM, 512 GB SSD
T-bao N9N Pro, 16 GB RAM, 512 GB SSD
June 15, 2023, 07:55:41 PM #28
Hi @almodovaris,

Thanks for the video. It was very helpful in understanding what's going on.

It looks like the crash is indeed caused by the 'sysctl' binary while trying to update net.inet.ip.intr_direct_queue_maxlen sysctl value.

Although the crash is not directly caused by zenarmor per se; something along the package install path seems to be triggering an operating system bug leading to an OS panic.

We're trying to reproduce this on our environment.
June 16, 2023, 01:26:43 AM #29
Well, it's not hard to reproduce on an APU2E4.
OPNsense HW:

Minisforum Venus series UN100C, 16 GB RAM, 512 GB SSD
T-bao N9N Pro, 16 GB RAM, 512 GB SSD
Print
Go Up Pages 1 2 3
User actions