UTM - adding a NIC causes strange problem

Hi,

Long time lurker here...

I tried adding a NIC to my Sophos UTM running under vSphere ESXi 5.1, and that pretty much killed the firewall. I managed to bring it back up by deleting the recently added NIC, but the behavior is definitely strange. So now to the explanation of what I observed:

1. Current config: 3 NICs VMXNET3 (eth0, eth1, eth2)

2. Added 4th NIC VMXNET3, rebooted the firewall - eth2 disappeared, new NIC shows up as eth3. So ended up with eth0, eth1, eth3. Firewall is dead.

3. Analyzed boot messages in the log. Here is where it gets funky:

vmxnet3 0000:04:00.0 eth0: NIC Link is Up 10000 Mbps
vmxnet3 0000:0b:00.0 eth1: NIC Link is Up 10000 Mbps
vmxnet3 0000:13:00.0 eth2: NIC Link is Up 10000 Mbps

so it does detect eth2. Then it detects a new NIC eth3

vmxnet3 0000:1b:00.0 eth3: NIC Link is Up 10000 Mbps

and things go haywire:

irqd[3642]:  eth0 ether (mac address of eth0) <broadcast,multicast> group 0
irqd[3642]:  rename3 (mac address of eth2) <broadcast,multicast> group 0
irqd[3642]:  eth1 ether (mac address of eth1) <broadcast,multicast> group 0
irqd[3642]:  eth3 ether (mac address of eth3) <broadcast,multicast> group 0

Ethernet adapter eth2 gets the name "rename3" and doesn't show up under the adapters list in Sophos.

Any Linux gurus who know how to fix it? I'd like to avoid rebuilding the firewall if possible.



This thread was automatically locked due to age.
  • Hi and welcome to the UTM Community!

    This "smells" like a VMware problem to me.  You might make backups of your VMs and re-install VMware.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • Hi,

    Actually Sophos problem, surprise surprise...

    Rebuilt the FW, restored from backup, and it detected all NICs.

    The question why it renames the existing NIC when adding a new one remains a mystery...

  • This may answer the question as I've had this problem before.

    Linux (ergo Sophos UTM) assigns eth# based on MAC addresses in a hexadecibetical order so adding the new vNIC may have shifted the NIC ordering. If you CLI on the UTM, this guide by NetworkGuy may still apply and you can then see what VMware and Linux have decided to do with the new NIC.

    https://networkguy.de/?p=577

    You may have to re-assign the old eths back to their old NICs.

     I remember a Sophos guy saying that old guide was not possible anymore but was brought back to be possible to re-order NICs, is this still the case?

    Emile
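
Added example, not part of the original thread or of Sophos code: a small check that parses irqd interface lines of the shape quoted in the first post and compares them with a name-to-MAC baseline recorded before the hardware change, so an interface left as "rename3" or a newly appeared NIC is flagged before the firewall goes back into service. The MAC addresses, the baseline and the function names are constructed for illustration.

```python
import re

# Matches irqd interface lines of the shape quoted in the thread; "ether" is
# optional because the rename3 line in the post does not carry it.
LINE_RE = re.compile(
    r"irqd\[\d+\]:\s+(?P<name>\S+)\s+(?:ether\s+)?"
    r"(?P<mac>(?:[0-9a-f]{2}:){5}[0-9a-f]{2})\b",
    re.IGNORECASE,
)

def parse_interfaces(log_text):
    """Return {mac: name} for every irqd interface line in the boot log."""
    found = {}
    for line in log_text.splitlines():
        m = LINE_RE.search(line)
        if m:
            found[m.group("mac").lower()] = m.group("name")
    return found

def audit(baseline, log_text):
    """Compare observed names with a {name: mac} baseline taken before the change."""
    observed = parse_interfaces(log_text)
    known_macs = {mac.lower() for mac in baseline.values()}
    findings = []
    for name, mac in sorted(baseline.items()):
        seen = observed.get(mac.lower())
        if seen is None:
            findings.append(("missing", name, mac.lower(), None))
        elif seen != name:
            findings.append(("renamed", name, mac.lower(), seen))
    for mac, name in sorted(observed.items()):
        if mac not in known_macs:
            findings.append(("new", None, mac, name))
    return findings

# Constructed sample data: baseline before adding the NIC, boot log after.
BASELINE = {"eth0": "00:50:56:aa:00:01", "eth1": "00:50:56:aa:00:02",
            "eth2": "00:50:56:aa:00:03"}
SAMPLE_LOG = """\
irqd[3642]:  eth0 ether 00:50:56:aa:00:01 <broadcast,multicast> group 0
irqd[3642]:  rename3 00:50:56:aa:00:03 <broadcast,multicast> group 0
irqd[3642]:  eth1 ether 00:50:56:aa:00:02 <broadcast,multicast> group 0
irqd[3642]:  eth3 ether 00:50:56:aa:00:04 <broadcast,multicast> group 0
"""

if __name__ == "__main__":
    for finding in audit(BASELINE, SAMPLE_LOG):
        print(finding)
```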
