
XG Firewall 18.0 GA-Build379 routing table inconsistent after backup restore

fyi...

We've noticed an issue after restoring a backup to freshly re-imaged (18.0 GA-Build379) XG330 appliances.

After restoring the backup, some branches were not reachable because of missing static routes in the routing table, although they were clearly visible in the GUI.

We were able to fix the issue by editing each missing route in the GUI and saving it. To force it, we changed the metric from 0 to 1.

Unfortunately, this is not the first time we've experienced such problems where the "GUI" does not reflect the "running-config"...

  • There are logs which try to import those settings into the kernel / routing stacks.

    https://community.sophos.com/kb/en-us/132211

    Try to find any indication by looking into all logs.

    Simple: grep "10.9.104.0" /log/*.log | less

    Then try to find the first entry and note the time / logfile.

    Go into the log file and browse to that time, and try to find any information related to this issue. It seems like the kernel tried to import this route but failed.

  • Hi

    Sorry for the inconvenience caused! Could you please share the output of the given command from the CLI console?

    console > system link_failover show

    Please let us know from which firmware the backup has been taken and restored to 18.0 GA-Build379.

  • Keyur

    Thank you for your fast response.

    The backup was taken before the SQL attack (19.04.2020), running version V18 GA 339, and was restored to 379.

    console> system link_failover show
    Interface Tunnel Protocol Host Port Tunnel-Type

    console>

    The static routes point to different routers (L2 "MPLS") over Port6 VLAN 227, which is not a default gateway path, although there is a default gateway on Port6, but in another VLAN.

    Route precedence is set to:
    1. SD-WAN policy routes
    2. VPN routes
    3. Static routes

    During the backup restore and re-creation of the HA cluster, the firewall changes its MAC address from physical to virtual. It is possible that some of the routers were temporarily not reachable because of a bogus ARP entry...

    But I guess that's all irrelevant; the XG should always install routes in the tables, even if the gateway is not reachable.

    Also, what you can't see in the screenshot, because it was taken after the fix:

    10.9.0.0        10.***   255.255.248.0   UG    1      0        0 Port6.227   was installed

    192.168.142.0   10.***  255.255.255.0   UG    1      0        0 Port6.227   was not installed

    Both point to the same gateway and use the same interface. I'm aware that changing interface parameters afterwards can delete routes/ACLs referenced by that interface, but in those cases they usually disappear in the GUI.

  • Hi Toni

    Thank you also for your fast response.

    Great hint, it looks like there is a logfile "zebra.log" for static routing, but it is not located in /log/:

    XG330_WP02_SFOS 18.0.0 GA-Build379.HF043020# find /* | grep zebra.log
    /var/tslog/zebra.log

    Unfortunately, there is no indication of an unsuccessful route installation:


    XG330_WP02_SFOS 18.0.0 GA-Build379.HF043020# cat /var/tslog/zebra.log
    2020/05/04 15:22:48 ZEBRA: ####The file fd = 9, Added ZEBRA read thread successfully
    2020/05/04 15:22:48 ZEBRA: Zebra 0.99.22 starting: vty@2709
    2020/05/04 15:22:49 ZEBRA: client 10 says hello and bids fair to announce only rip routes
    2020/05/04 15:22:49 ZEBRA: client 11 says hello and bids fair to announce only bgp routes
    2020/05/04 15:22:51 ZEBRA: client 13 says hello and bids fair to announce only ospf routes
    2020/05/04 16:28:26 ZEBRA: Terminating on signal
    2020/05/04 16:28:26 ZEBRA: IRDP: Received shutdown notification.
    2020/05/04 16:30:26 ZEBRA: ####The file fd = 9, Added ZEBRA read thread successfully
    2020/05/04 16:30:26 ZEBRA: Zebra 0.99.22 starting: vty@2709
    2020/05/04 16:30:27 ZEBRA: client 10 says hello and bids fair to announce only rip routes
    2020/05/04 16:30:27 ZEBRA: client 11 says hello and bids fair to announce only bgp routes
    2020/05/04 16:30:34 ZEBRA: client 13 says hello and bids fair to announce only ospf routes
    2020/05/04 16:30:46 ZEBRA: ####Applied static route successfully
    2020/05/04 16:30:47 ZEBRA: ####Applied static route successfully
    2020/05/04 16:30:47 ZEBRA: ####Applied static route successfully
    2020/05/04 16:30:47 ZEBRA: ####Applied static route successfully
    2020/05/04 16:30:47 ZEBRA: ####Applied static route successfully
    2020/05/04 16:30:47 ZEBRA: ####Applied static route successfully
    2020/05/04 16:30:48 ZEBRA: ####Applied static route successfully
    2020/05/04 16:30:48 ZEBRA: ####Applied static route successfully
    2020/05/04 16:30:48 ZEBRA: ####Applied static route successfully
    2020/05/04 16:30:49 ZEBRA: ####Applied static route successfully
    2020/05/04 16:30:49 ZEBRA: ####Applied static route successfully
    2020/05/04 16:30:49 ZEBRA: ####Applied static route successfully
    2020/05/04 16:30:49 ZEBRA: ####Applied static route successfully
    2020/05/04 16:30:50 ZEBRA: ####Applied static route successfully
    2020/05/04 16:30:50 ZEBRA: ####Applied static route successfully
    2020/05/04 16:30:50 ZEBRA: ####Applied static route successfully
    2020/05/04 16:30:50 ZEBRA: ####Applied static route successfully
    2020/05/04 16:30:51 ZEBRA: ####Applied static route successfully
    2020/05/04 16:30:51 ZEBRA: ####Applied static route successfully
    2020/05/04 16:30:51 ZEBRA: ####Applied static route successfully
    2020/05/04 16:30:51 ZEBRA: ####Applied static route successfully
    2020/05/04 16:30:51 ZEBRA: ####Applied static route successfully
    2020/05/04 16:30:52 ZEBRA: ####Applied static route successfully

    -> I count 23 routes, which equals the number of routes in the GUI.

    No other matches in the logfiles from yesterday, after the backup restore.
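
To make the two checks in this thread repeatable (Toni's suggestion to grep every log for the prefix and note the first timestamp and file, and the comparison of the zebra.log "Applied static route successfully" count with the number of routes in the GUI), here is an added Python example. It is not part of the original thread and not SFOS code. It assumes you have copied `route -n` output, `/var/tslog/zebra.log` and any other logs off the appliance and run it offline on those copies; all sample data below is constructed (the gateway addresses, the log file names and the non-zebra log lines are placeholders, not real SFOS messages).

```python
"""Audit GUI-configured static routes against the kernel table and zebra.log."""
import ipaddress
import re

# Constructed sample in the `route -n` layout quoted in the thread
# (next-hop addresses are made up, not the poster's masked 10.*** values).
ROUTE_N_OUTPUT = """\
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
0.0.0.0         10.9.1.1        0.0.0.0         UG    0      0        0 Port6
10.9.0.0        10.9.227.1      255.255.248.0   UG    1      0        0 Port6.227
10.9.227.0      0.0.0.0         255.255.255.0   U     0      0        0 Port6.227
"""

# Constructed list of what the GUI shows: (destination CIDR, gateway, interface).
GUI_STATIC_ROUTES = [
    ("10.9.0.0/21", "10.9.227.1", "Port6.227"),
    ("192.168.142.0/24", "10.9.227.1", "Port6.227"),
]

# Constructed excerpt in the zebra.log format quoted in the thread: one restart,
# then two routes applied after it (the count before the restart is stale).
ZEBRA_LOG = """\
2020/05/04 15:22:48 ZEBRA: Zebra 0.99.22 starting: vty@2709
2020/05/04 15:22:50 ZEBRA: ####Applied static route successfully
2020/05/04 16:28:26 ZEBRA: Terminating on signal
2020/05/04 16:30:26 ZEBRA: Zebra 0.99.22 starting: vty@2709
2020/05/04 16:30:46 ZEBRA: ####Applied static route successfully
2020/05/04 16:30:47 ZEBRA: ####Applied static route successfully
"""

# Constructed placeholder logs for the grep-style search; file names and
# message text are fictitious and only share the timestamp layout of zebra.log.
LOG_FILES = {
    "/log/example-a.log": "2020/05/04 16:30:49 placeholder: route 192.168.142.0/24 applied\n",
    "/log/example-b.log": (
        "2020/05/04 16:30:45 placeholder: route 192.168.142.0/24 received\n"
        "line without a timestamp mentioning 192.168.142.0/24\n"
    ),
}

TIMESTAMP = re.compile(r"\d{4}/\d{2}/\d{2} \d{2}:\d{2}:\d{2}")


def parse_route_n(text):
    """Return {(cidr, gateway, iface)} from `route -n` output; header rows are skipped."""
    routes = set()
    for line in text.splitlines():
        fields = line.split()
        if len(fields) != 8:
            continue
        dest, gateway, genmask, _flags, _metric, _ref, _use, iface = fields
        try:
            network = ipaddress.ip_network(f"{dest}/{genmask}", strict=False)
        except ValueError:  # the column-header row is not an address
            continue
        routes.add((str(network), gateway, iface))
    return routes


def missing_static_routes(gui_routes, kernel_routes):
    """GUI routes with no exact (cidr, gateway, iface) entry in the kernel table."""
    return [route for route in gui_routes if route not in kernel_routes]


def applied_since_last_start(zebra_log):
    """Count 'Applied static route successfully' lines after the latest zebra start."""
    count = 0
    for line in zebra_log.splitlines():
        if "starting:" in line:
            count = 0  # zebra re-applies every route on restart
        elif "Applied static route successfully" in line:
            count += 1
    return count


def first_mention(log_files, needle):
    """Earliest (timestamp, filename, line) containing `needle` across the logs.

    Only lines beginning with a 'YYYY/MM/DD HH:MM:SS' stamp are considered, so
    that the tuples sort chronologically by their string prefix.
    """
    hits = [
        (line[:19], name, line)
        for name, text in log_files.items()
        for line in text.splitlines()
        if needle in line and TIMESTAMP.match(line)
    ]
    return min(hits) if hits else None


def audit(gui_routes, route_n_text, zebra_log):
    """Summarise GUI vs kernel vs zebra.log, the three views compared in the thread."""
    kernel = parse_route_n(route_n_text)
    applied = applied_since_last_start(zebra_log)
    return {
        "missing_in_kernel": missing_static_routes(gui_routes, kernel),
        "zebra_applied": applied,
        "gui_count": len(gui_routes),
        "log_matches_gui": applied == len(gui_routes),
    }


if __name__ == "__main__":
    report = audit(GUI_STATIC_ROUTES, ROUTE_N_OUTPUT, ZEBRA_LOG)
    print(report)
    print(first_mention(LOG_FILES, "192.168.142.0"))
```

On the constructed data the report reproduces the thread's finding: zebra.log claims as many successful applications as the GUI lists, yet the kernel table lacks 192.168.142.0/24, so the log count alone is not proof that a route is installed; only the kernel table is.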

  • Hi

    Could you please raise a support case to investigate the issue further? Please share the service request number through a message.

    Please also execute the command given below in the advanced shell of the firewall.

    tar -cvzf filename.tar.gz /log/*.log*