Thread Info
  • State Verified Answer
  • +2 person also asked this people also asked this
  • Replies 4 replies
  • Subscribers 5 subscribers
  • Views 1678 views
  • Users 0 members are here
Options
Suggested

Interface rename: Triggers interface "renew" drops everything :-)

twister5800

What feature is impacted?

Internet, thus RED, IPSEC, all connectivity!

What is the severity of the issue? (High, medium, low, minimal)

Low - But you need to know about it.

Summary of the issues:

Observed behavior (What it did or didn’t do):

When you go to Interfaces, to rename it, when you save, it triggers a DHCP release / renew, dropping all traffic for 5 secs.

Desired behavior (How is it expected to or should behave):

When you JUST rename an Interface, there is absolutely no need to do anything else, than rename it :-)

How do we reproduce it (Provide instructions to help us reproduce the behavior):

Try "ping 8.8.8.8 -t", go and rename a Interface, ex. PortB for WAN, press Update, and watch the ping packets.

Other (Any other detail that we need to know about):

No, it would be great to fix this annoying thing.

Supporting logs, pcaps, etc.:

N/A

  • 0

    I can agree it takes a long time to do the simple interface rename 5-10 seconds.

  • 0

    I am not sure but maybe the service network is rebooted...let's see!

  • 0 in reply to lferrara

    It sure looks like's something's restarting ;-)

    -----

    Best regards
    Martin

    Sophos XGS 2100 @ Home | Sophos v20 Technician

  • +1

    Hi Twister,

    Confirmed, in the networkd log you see the configuration being applied:

    WARNING ; Oct 11 14:58:50 ; ADMIN ; JSON_PARSOR ; Unable to find handler for key: if_config;
    INFO ; Oct 11 14:58:50 ; ADMIN ; LINK ; ;
    INFO ; Oct 11 14:58:50 ; ADMIN ; LINK ; interface = Port1;
    INFO ; Oct 11 14:58:50 ; ADMIN ; LINK ; zonetype = 1;
    INFO ; Oct 11 14:58:50 ; ADMIN ; LINK ; zoneid = 1;
    INFO ; Oct 11 14:58:50 ; ADMIN ; LINK ; gatewayid = 0;
    INFO ; Oct 11 14:58:50 ; ADMIN ; LINK ; gatewayid6 = 0;
    INFO ; Oct 11 14:58:50 ; ADMIN ; LINK ; enabled = Yes;
    INFO ; Oct 11 14:58:50 ; ADMIN ; LINK ; linktype = Physical;
    INFO ; Oct 11 14:58:50 ; ADMIN ; LINK ; mtu = 1500;
    INFO ; Oct 11 14:58:50 ; ADMIN ; LINK ; mss = 1460;
    INFO ; Oct 11 14:58:50 ; ADMIN ; LINK ; interface_speed = 1000fd;
    INFO ; Oct 11 14:58:50 ; ADMIN ; LINK ; mac-address = (null);
    INFO ; Oct 11 14:58:50 ; ADMIN ; LINK ; parent_ifname = ;
    INFO ; Oct 11 14:58:50 ; ADMIN ; LINK ; system interface = ;
    INFO ; Oct 11 14:58:50 ; ADMIN ; LINK ; master = ;
    INFO ; Oct 11 14:58:50 ; ADMIN ; IP ; Total Interface = 1;
    INFO ; Oct 11 14:58:50 ; ADMIN ; IP ; interface = Port1;
    INFO ; Oct 11 14:58:50 ; ADMIN ; IP ; Total IP addresses = 1;
    INFO ; Oct 11 14:58:50 ; ADMIN ; IP ; address[0] = 10.250.251.1;
    INFO ; Oct 11 14:58:50 ; ADMIN ; IP ; peeraddr[0] = (null);
    INFO ; Oct 11 14:58:50 ; ADMIN ; IP ; netmask[0] = 24;
    INFO ; Oct 11 14:58:50 ; ADMIN ; IP ; family[0] = 0;
    INFO ; Oct 11 14:58:50 ; ADMIN ; IP ; ip_assignment[0] = 0;
    INFO ; Oct 11 14:58:50 ; ADMIN ; IP ; scope[0] = 0;
    INFO ; Oct 11 14:58:50 ; ADMIN ; IP ; sequence[0] = -1;
    INFO ; Oct 11 14:58:50 ; ADMIN ; IP ; mtu[0] = 1500;
    INFO ; Oct 11 14:58:50 ; ADMIN ; NEIGH ; Total Interface = 0;
    INFO ; Oct 11 14:58:50 ; ADMIN ; DHCPRELAY ; Total Interface = 0;
    INFO ; Oct 11 14:58:50 ; ADMIN ; LINK_COMMON ; Command; ethtool -s Port1 speed 1000 duplex full
    INFO ; Oct 11 14:58:50 ; ADMIN ; LINK_COMMON ; ioctl: interface 'Port1' group '1';
    INFO ; Oct 11 14:58:50 ; ADMIN ; LINK_COMMON ; ioctl: interface 'Port1' nettype '1';
    INFO ; Oct 11 14:58:50 ; ADMIN ; LINK_COMMON ; ioctl: interface 'Port1' gateway '0';
    INFO ; Oct 11 14:58:50 ; ADMIN ; LINK_COMMON ; ioctl: interface 'Port1' gateway '0';
    INFO ; Oct 11 14:58:50 ; ADMIN ; LINK_COMMON ; Command; ip link set dev Port1 mtu 1500 up
    INFO ; Oct 11 14:58:50 ; ADMIN ; IP ; IP Command; ip -4 address flush dev Port1
    INFO ; Oct 11 14:58:50 ; ADMIN ; IP ; IP Command; ip -4 address add 10.250.251.1/24 broadcast + dev Port1 scope global
    Cannot set new settings: Operation not supported
    not setting speed
    not setting duplex
    INFO ; Oct 11 14:58:50 ; ADMIN ; IP ; Reply = '0';
    INFO ; Oct 11 14:58:50 ; ADMIN ; ND_MAIN ; time taken for do_nd_action is 0.000000.;
    INFO ; Oct 11 14:58:50 ; ADMIN ; ND_MAIN ; sending reply: 0;

    And in garner.log:

    MESSAGE Oct 11 14:58:38 [4153906944]: Daemon reconfiguration complete
    MESSAGE Oct 11 14:58:50 [4153906944]: Daemon reconfiguring...
    printing udp input list
    '232' '1414' '1415' '1416' '1417' '2929'
    MESSAGE Oct 11 14:58:52 [4127058752]: do_reconfig_sysconfig: called
    ERROR Oct 11 14:58:52 [4127058752]: sync_zone: received zone string[wan:Port2#WAN].
    ERROR Oct 11 14:58:52 [4127058752]: sync_zone: received zone string[wan:Port2#WAN].
    ERROR Oct 11 14:58:52 [4127058752]: sync_zone: added zone[wan].
    buf : WAN
    dest : WAN
    ERROR Oct 11 14:58:52 [4127058752]: sync_zone: added interface[Port2] to zone[wan].
    sync_isp: found Port2
    [ghb] Connection to heartbeatd closed
    [ghb] ghb_init successful
    MESSAGE Oct 11 14:58:52 [4153906944]: [SCM::scm_reconfig] /cfs/system/logging/cm.conf
    MESSAGE Oct 11 14:58:52 [4130294592]: [SCM::sophos_central_management] exit
    ERROR Oct 11 14:58:52 [4153906944]: [SCM::scm_set_data] 'aux_appliancekey' data not found in data json '{ "is_b
    ackup_enable": 1, "fwdisplayversion": "SFV2C4_SO01_SFOS 18.0.0 EAP1", "hostname": "testxg.test.globelinkuk.com", "fw
    version": "SF01V_SO01_18.0.0.102", "deviceid": "xxx", "appliancekey": "xxx" }'
    MESSAGE Oct 11 14:58:52 [4130294592]: [SCM::sophos_central_management] start
    [ghb] Connection to heartbeatd established
    MESSAGE Oct 11 14:58:52 [4153906944]: Daemon reconfiguration complete
    ERROR Oct 11 14:58:57 [4153906944]: sync_ips_sig: '/tmp/ips.sig.db' file is not exist
    MESSAGE Oct 11 14:58:57 [4153906944]: parse_nw_inf_data: args: 'Port1###Clients
    '
    (if_name => disp_if_name)'Port1' => 'Clients'
    (if_name => disp_if_name)'Port1' => 'Clients'
    MESSAGE Oct 11 14:58:57 [4153906944]: parse_nw_inf_data: args: 'Port2###Port2
    '
    (if_name => disp_if_name)'Port2' => 'Port2'
    (if_name => disp_if_name)'Port2' => 'Port2'
    MESSAGE Oct 11 14:58:57 [4153906944]: parse_nw_inf_data: args: 'Port3###Port3
    '
    (if_name => disp_if_name)'Port3' => 'Port3'
    (if_name => disp_if_name)'Port3' => 'Port3'
    MESSAGE Oct 11 14:58:57 [4153906944]: height_of_tree : 2
    MESSAGE Oct 11 14:58:57 [4153906944]: no_of_nodes: 3
    MESSAGE Oct 11 14:58:57 [4153906944]: size of tree 60
    MESSAGE Oct 11 14:58:57 [4153906944]: Daemon reconfiguring...
    printing udp input list
    '232' '1414' '1415' '1416' '1417' '2929'
    MESSAGE Oct 11 14:58:59 [4127058752]: do_reconfig_sysconfig: called

    It looks like from the Garner.log that it takes around 5 seconds to complete the configuration which is about how long it takes for it to start the reconfig and to apply the config. This is the same length of time it currently takes on the XG to perform an interface reconfiguration.

    I agree that renaming an interface should not be tied to the whole interface being renamed. However, unlike the UTM we are directly manipulating interfaces from the GUI and not a virtual interface bound to hardware like in the UTM. So although I disagree with the fact an interface rename should not down an interface, it may not be possible with the current implementation of the XG.

    I would rather see the XG return to virtual interfaces attached to hardware like in the UTM which will also fix this problem but will allow much more capability.

    Emile

Unfiltered HTML