SYSTEM WARNING: 'date_default_timezone_get(): It is not safe to rely on the system's timezone settings. You are *required* to use the date.timezone setting or the date_default_timezone_set() function. In case you used any of those methods and you are still getting this warning, you most likely misspelled the timezone identifier. We selected the timezone 'UTC' for now, but please set date.timezone to select your timezone.' in '/usr/share/mantis/www/core.php' line 264

0004337: With multiple uplinks only one is usable. - MantisBT
MantisBT - Endian Firewall
View Issue Details
0004337Endian FirewallNetwork related (VPN, uplinks)public2012-04-23 21:082012-07-30 13:34
timupci 
lorenzo-endian 
normalmajorhave not tried
feedbackopen 
2.5 
 
0004337: With multiple uplinks only one is usable.
I have 3 Red Uplinks that I had working in 2.4. Specific Traffic was mapped to go out the specific uplinks. IE Orange to Red 1, Blue to Red 2, Green to Red 3, or IP/MAC Address to a specific uplink.

After the upgrade this function does not work. When pinging out the specific connection you receive a "Destination Host Unreachable". If you disable all but one, the connection will work.

If you disable all red connections and then turn them on one at a time, the "default via" will change to the last Red Uplink turned on.
I have deleted all red connections, re-added them and the problem persists. I have not wiped the EFW and installed from scratch. (Main EFW for nine sites).
ping google.com -I eth3
PING google.com (74.125.224.104) from 50.115.70.130 eth3: 56(84) bytes of data.
From 50-115-70-130.static-ip.telepacific.net (50.115.70.130) icmp_seq=1 Destination Host Unreachable


# ip route
74.93.179.120/29 dev eth0 proto kernel scope link src 74.93.179.121
50.115.70.128/29 dev eth3 proto kernel scope link src 50.115.70.130
10.0.0.0/24 dev br2 proto kernel scope link src 10.0.0.3
10.0.1.0/24 dev br1 proto kernel scope link src 10.0.1.1
10.0.80.0/24 via 10.0.1.250 dev br1
10.0.2.0/24 dev br0 proto kernel scope link src 10.0.2.1
192.100.51.0/24 dev br0 proto kernel scope link src 192.100.51.253
10.0.90.0/24 via 10.0.1.252 dev br1
default via 74.93.179.126 dev eth0
No tags attached.
Issue History
2012-04-23 21:08timupciNew Issue
2012-04-23 21:31timupciNote Added: 0007843
2012-04-26 05:56timupciNote Added: 0007846
2012-07-30 13:34lorenzo-endianNote Added: 0007969
2012-07-30 13:34lorenzo-endianAssigned To => lorenzo-endian
2012-07-30 13:34lorenzo-endianStatusnew => feedback

Notes
(0007843)
timupci   
2012-04-23 21:31   
Using a static route does not resolve the issue either.
(0007846)
timupci   
2012-04-26 05:56   
Completely wiped the system and re-installed EFW 2.5.1. Uploaded backup. Issue still happens.

#ping google.com -I eth8
PING google.com (74.125.224.137) from 50.115.70.130 eth8: 56(84) bytes of data.
From 50-115-70-130.static-ip.telepacific.net (50.115.70.130) icmp_seq=1 Destination Host Unreachable

#ping google.com -I eth4
PING google.com (74.125.224.38) from 74.93.179.121 eth4: 56(84) bytes of data.
64 bytes from nuq04s06-in-f6.1e100.net (74.125.224.38): icmp_seq=0 ttl=46 time=83.7 ms

#ip route
74.93.179.120/29 dev eth4 proto kernel scope link src 74.93.179.121
50.115.70.128/29 dev eth8 proto kernel scope link src 50.115.70.130
10.0.0.0/24 dev br2 proto kernel scope link src 10.0.0.3
10.0.1.0/24 dev br1 proto kernel scope link src 10.0.1.1
10.0.80.0/24 via 10.0.1.240 dev br1
10.0.2.0/24 dev br0 proto kernel scope link src 10.0.2.1
192.100.51.0/24 dev br0 proto kernel scope link src 192.100.51.253
10.0.90.0/24 via 10.0.1.241 dev br1
default via 74.93.179.126 dev eth4

My next step is to install from scratch with out using the backup with 2.5.1. If that does not work, I will roll back to 2.4 and restore the back up.


Also as a note, when I use the upgrade function from 2.4 - 2.5 at other locations, I had to completely re-install to get the red connection to work for 5 of my 9 off site locations. This could be related to that. But it seems like only 1 red connection can work at 1 time.
(0007969)
lorenzo-endian   
2012-07-30 13:34   
hi timupci,

i tried to reproduce this issue but without success....

i read your comment and i saw that you uploaded the backup but something went wrong because it is not attached.

can you both provide more information about the process you used to configure the machine and provide the settings backup of the machine?

thanks in advance!

Lo