plugins icon indicating copy to clipboard operation
plugins copied to clipboard
verified publisher icon opnsense

Firewall services reload hangs when routing enable

Open DavideFreggiaro opened this issue 2 months ago • 3 comments

Important notices Before you add a new report, we ask you kindly to acknowledge the following:

  • [ ] I have read the contributing guide lines at https://github.com/opnsense/plugins/blob/master/CONTRIBUTING.md
  • [ ] I have searched the existing issues, open and closed, and I'm convinced that mine is new.
  • [ ] The title contains the plugin to which this issue belongs

Describe the bug I have installed "os-frr" plugin. When i use opnsense-shell reload if Routing -> General -> Enable is True the reload hangs at "Waiting for children to finish applying config...". To be able to reuse the shell I have to "ctrl + c".

Tip: to validate your setup was working with the previous version, use opnsense-revert (https://docs.opnsense.org/manual/opnsense_tools.html#opnsense-revert)

To Reproduce Steps to reproduce the behavior:

  1. Install "os-frr" plugin
  2. Routing -> General -> Enable -> True
  3. Connect ssh to firewall and get a shell with option 8
  4. Type "opnsense-shell reload"
  5. See error

Expected behavior Services reload without hanging on "Waiting for children to finish applying config..."

Screenshots

root@OPNsense:~ # opnsense-shell reload
Writing firmware settings: FreeBSD OPNsense
Writing trust files...done.
Scanning /usr/share/certs/untrusted for certificates...
Scanning /usr/share/certs/trusted for certificates...
Scanning /usr/local/share/certs for certificates...
certctl: No changes to trust store were made.
Writing trust bundles...done.
Configuring login behaviour...done.
Configuring cron...done.
Setting timezone: Etc/UTC
Setting hostname: OPNsense.internal
Generating /etc/resolv.conf...done.
Generating /etc/hosts...done.
Configuring loopback interface...done.
Configuring LAGG interfaces...done.
Configuring VLAN interfaces...done.
Configuring LAN interface...done.
Configuring WAN interface...done.
Setting up routes...done.
Setting up gateway monitor...done.
Configuring firewall.......done.
Starting Dnsmasq...done.
Starting NTP service...done.
Configuring OpenSSH...done.
Starting Unbound DNS...done.
Starting web GUI...done.
Syncing OpenVPN settings...done.
Stopping lldpd.
Waiting for PIDS: 65341.
Stopping watchfrr.
Waiting for PIDS: 60520.
Stopping staticd.
Waiting for PIDS: 76620.
Stopping bgpd.
Waiting for PIDS: 14589.
Stopping zebra.
Waiting for PIDS: 74706.
Stopping mgmtd.
Waiting for PIDS: 66336.
Checking intergrated config...
Starting watchfrr.
Starting mgmtd.
Starting zebra.
Starting bgpd.
Starting staticd.
Starting CARP event handler now
2025/10/30 10:24:30 [H0DHT-S9KF2][EC 100663299] setsockopt_so_recvbuf: fd 5: SO_RCVBUF set to 2097152 (requested 16777216)
2025/10/30 10:24:30 [H0DHT-S9KF2][EC 100663299] setsockopt_so_recvbuf: fd 6: SO_RCVBUF set to 2097152 (requested 16777216)
2025/10/30 10:24:30 [H0DHT-S9KF2][EC 100663299] setsockopt_so_recvbuf: fd 7: SO_RCVBUF set to 2097152 (requested 16777216)
2025/10/30 10:24:30 [H0DHT-S9KF2][EC 100663299] setsockopt_so_recvbuf: fd 8: SO_RCVBUF set to 2097152 (requested 16777216)
2025/10/30 10:24:30 [H0DHT-S9KF2][EC 100663299] setsockopt_so_recvbuf: fd 9: SO_RCVBUF set to 2097152 (requested 16777216)
[2194|mgmtd] sending configuration
[2871|zebra] sending configuration
[2871|zebra] done
[5348|bgpd] sending configuration
[2194|mgmtd] done
[9243|watchfrr] sending configuration
[9772|staticd] sending configuration
[9243|watchfrr] done
[5348|bgpd] done
Waiting for children to finish applying config...
[9772|staticd] done
Starting lldpd.
[95367|mgmtd] sending configuration
[95571|zebra] sending configuration
[98402|bgpd] sending configuration
[1696|watchfrr] sending configuration
[2364|staticd] sending configuration
Waiting for children to finish applying config...

Relevant log files

2025-10-30T10:31:50	Debug	bgpd	 [G6NKK-8C6DV] end_config: VTY:0x24eda74422c0, pending SET-CFG: 0
2025-10-30T10:31:50	Informational	bgpd	 [VTVCM-Y2NW3] Configuration Read in Took: 00:00:00
2025-10-30T10:31:50	Debug	zebra	 [G6NKK-8C6DV] end_config: VTY:0x28393b55b80, pending SET-CFG: 0
2025-10-30T10:31:50	Informational	zebra	 [VTVCM-Y2NW3] Configuration Read in Took: 00:00:00
2025-10-30T10:31:50	Error	bgpd	 [N945F-NP6FF][EC 100663299] setsockopt_so_sendbuf: fd 24: SO_SNDBUF set to 2097152 (requested 16777216)
2025-10-30T10:31:50	Error	zebra	 [N945F-NP6FF][EC 100663299] setsockopt_so_sendbuf: fd 48: SO_SNDBUF set to 2097152 (requested 16777216)
2025-10-30T10:31:50	Error	frr_carp	 no frr deamons active.
2025-10-30T10:31:50	Debug	bgpd	 [G6NKK-8C6DV] end_config: VTY:0x24eda7442900, pending SET-CFG: 0
2025-10-30T10:31:50	Informational	bgpd	 [VTVCM-Y2NW3] Configuration Read in Took: 00:00:00
2025-10-30T10:31:50	Debug	zebra	 [WMBNH-V6XN6] Unable to find specified Interface for default
2025-10-30T10:31:50	Debug	zebra	 [WMBNH-V6XN6] Unable to find specified Interface for default
2025-10-30T10:31:50	Debug	zebra	 [G6NKK-8C6DV] end_config: VTY:0x28393ede700, pending SET-CFG: 0
2025-10-30T10:31:50	Informational	zebra	 [VTVCM-Y2NW3] Configuration Read in Took: 00:00:00
2025-10-30T10:31:45	Notice	frr_carp	 FRR received carp configuration event.
2025-10-30T10:31:45	Informational	zebra	 [QS0NJ-H5QKJ] Zebra final shutdown
2025-10-30T10:31:45	Notice	zebra	 [XVBTQ-5QTVQ] Terminating on signal
2025-10-30T10:31:45	Notice	zebra	 [S929C-NZR3N] client 42 disconnected 0 bgp nhgs removed from the rib
2025-10-30T10:31:45	Notice	zebra	 [JPSA8-5KYEA] client 42 disconnected 0 bgp routes removed from the rib
2025-10-30T10:31:45	Error	zebra	 [KQB7H-NPVW9] zebra/zebra_ptm.c:1283 failed to find process pid registration
2025-10-30T10:31:45	Debug	zebra	 [YDZ55-W3VM6] release_daemon_table_chunks: Released 0 table chunks
2025-10-30T10:31:45	Notice	zebra	 [S929C-NZR3N] client 27 disconnected 0 bgp nhgs removed from the rib
2025-10-30T10:31:45	Notice	zebra	 [JPSA8-5KYEA] client 27 disconnected 0 bgp routes removed from the rib
2025-10-30T10:31:45	Debug	zebra	 [YDZ55-W3VM6] release_daemon_table_chunks: Released 0 table chunks
2025-10-30T10:31:45	Notice	zebra	 [S929C-NZR3N] client 30 disconnected 0 vnc nhgs removed from the rib
2025-10-30T10:31:45	Notice	zebra	 [JPSA8-5KYEA] client 30 disconnected 0 vnc routes removed from the rib
2025-10-30T10:31:45	Debug	zebra	 [YDZ55-W3VM6] release_daemon_table_chunks: Released 0 table chunks
2025-10-30T10:31:45	Warning	zebra	 [M7R0J-VQ66A][EC 4043309121] Client 42 'bgp' (session id 1) encountered an error and is shutting down.
2025-10-30T10:31:45	Warning	zebra	 [M7R0J-VQ66A][EC 4043309121] Client 27 'bgp' (session id 0) encountered an error and is shutting down.
2025-10-30T10:31:45	Warning	zebra	 [M7R0J-VQ66A][EC 4043309121] Client 30 'vnc' (session id 0) encountered an error and is shutting down.
2025-10-30T10:31:45	Notice	bgpd	 [ZW1GY-R46JE] Terminating on signal
2025-10-30T10:31:45	Notice	zebra	 [S929C-NZR3N] client 37 disconnected 0 static nhgs removed from the rib
2025-10-30T10:31:45	Notice	zebra	 [JPSA8-5KYEA] client 37 disconnected 0 static routes removed from the rib
2025-10-30T10:31:45	Error	zebra	 [KQB7H-NPVW9] zebra/zebra_ptm.c:1283 failed to find process pid registration
2025-10-30T10:31:45	Debug	zebra	 [YDZ55-W3VM6] release_daemon_table_chunks: Released 0 table chunks
2025-10-30T10:31:45	Warning	zebra	 [M7R0J-VQ66A][EC 4043309121] Client 37 'static' (session id 0) encountered an error and is shutting down.

Additional context If i disable BGP from gui the error still persist. I have also os-lldpd as installed plugin.

Environment OPNsense 25.7.6-amd64 FreeBSD 14.3-RELEASE-p4 OpenSSL 3.0.18 os-frr 1.47_1 os-lldpd 1.2

DavideFreggiaro avatar Oct 30 '25 10:10 DavideFreggiaro

We have same problem for OPNsense

kazzuu00 avatar Nov 02 '25 16:11 kazzuu00

@kazzuu00 Did you manage to find a workaround?

PaoloB98 avatar Nov 03 '25 10:11 PaoloB98

Same problem here :-(

hochdruckspezialist avatar Nov 21 '25 07:11 hochdruckspezialist