Commit-confirm/delayed reload?

Started by hbmnyc, April 22, 2017, 06:22:04 PM

Previous topic - Next topic
Print
Go Down Pages1
User actions
April 22, 2017, 06:22:04 PM Last Edit: April 22, 2017, 09:00:49 PM by hbmnyc
(Sorry if this is a faq, I did search forum and docs, but didn't find anything.)

Does opnsense currently have, or are there plans to implement, a "scheduled roll-back" feature, similar to Ubiquiti's commit-confirm, ciscos delayed reload (in connection with separation between running and saved config), or even solaris's boot environments?  For remote management of devices without lom, it's an invaluable feature.

Thanks!
April 22, 2017, 07:46:05 PM #1
not exactly F but is an AQ ;-)

https://forum.opnsense.org/index.php?topic=4407.msg16580

Bart...
May 07, 2017, 03:43:16 AM #2
On Cisco gear, I rely heavily on "reload in X" and "reload cancel".

In short, when I have some big change to make on something with no OOB access, I'll do the following:


  • take a good guess at how long I need to make the change and what the max outage I'll accept is - in this example, 10 minutes
  • make sure my current config is saved (local and remote)
  • type "reload in 10"
  • set my phone timer to 9 minutes
  • make my changes
  • verify changes, watch traffic levels, watch for alerts, etc.
  • type "reload cancel"
  • save changes
In that scenario, if something went wrong with my changes, the scheduled reboot would bring me back to my original config, saving my ass, since I don't save the confing until the changes are verified.

Is there any way to replicate this behavior?  If you had some type of "relaod in X" equivalent in the GUI, I imagine the following could happen:


  • In your config section you select a time and hit start on the "reload in X" feature
  • All pages show a small alert/banner/whatever indicating that any changes being made are not written to the bootup config and that the firewall will reboot in X minutes. Some options to cancel/quit/revert are in the banner as well
  • You make some changes and all is well, you cancel the process and are prompted to either save the running config or revert to the config from when the "reload in X" was started - you're done, exit
  • You make some changes and get locked out
  • In X minutes, the shutdown process starts and the config saved when "reload in X" was activated is moved into place over the current config file
  • System reboots in X minutes, you login and try to figure out how you broke things

That would be awesome to have on opnsense.  On the Cisco platform, that has saved me a number of times.
May 08, 2017, 06:57:36 AM #3
Some pages do a save/apply split, namely firewall rules, interfaces, VPNs and other services. It's not perfect but it's something. The bigger question is if this was to be improved how would that look in practice? And I don't mean how Ubiquiti/Cisco works now, but how we can add something in a limited time frame that works on the code that we have and offers a noticeable improvement?


Cheers,
Franco
May 12, 2017, 11:21:17 PM #4
Quote from: franco on May 08, 2017, 06:57:36 AM
Some pages do a save/apply split, namely firewall rules, interfaces, VPNs and other services. It's not perfect but it's something. The bigger question is if this was to be improved how would that look in practice? And I don't mean how Ubiquiti/Cisco works now, but how we can add something in a limited time frame that works on the code that we have and offers a noticeable improvement?

How about autosaved config snapshots and an easy way to select them on boot from the console?  More fancy would be a "nextboot" option that says regardless of any changes, on next boot, roll back to snapshot-xxx.  Combine that with typing "shutdown" with a time delay in the ssh shell and you have *something*.

Even simpler, how about a single snapshot of a known-good config?  And a watchdog that will load that config if internet access is not detected in X minutes?
Print
Go Up Pages1
User actions