[8.965][BUG] HA Selfchek

Morning Robert,

can you please post the referring lines from the /var/log/confd.log, /var/log/confd-debug.log and the /var/log/high_availability.log.

Cheers,
Cristof

Hi Christof,

here we go:

confd.log

2012:06:01-06:16:33 firewall-1 confd[2109]:  id="3100" severity="warn" sys="System" sub="confd" name="NODE_OBJECT_TYPE (The HA backup interface cannot use wireless access point group objects.)" user="system" srcip="127.0.0.1" facility="system" client="confd-ha_mode" call="set" goodclass="itfhw" nodelist="ha->itfhw_backup" badtype="awe_network_group" check="input" badref="REF_ItfAweDuckmobil"
2012:06:01-06:31:32 firewall-1 confd[7726]: W main::cleanup_sessions:1002() => id="3100" severity="warn" sys="System" sub="confd" name="timeout: removing session" user="system" srcip="127.0.0.1" sid="uOcHGiMnkJsvBvynILhm" facility="system" client="sethacfg"
2012:06:01-07:06:35 firewall-1 confd[12571]:  id="3100" severity="warn" sys="System" sub="confd" name="NODE_OBJECT_TYPE (The HA backup interface cannot use wireless access point group objects.)" user="system" srcip="127.0.0.1" facility="system" client="confd-ha_mode" call="set" goodclass="itfhw" nodelist="ha->itfhw_backup" badtype="awe_network_group" check="input" badref="REF_ItfAweDuckmobil"
2012:06:01-07:12:59 firewall-1 confd[13253]: I Role::authenticate:147() => id="3106" severity="info" sys="System" sub="confd" name="authentication successful" user="admin" srcip="2001:a60:f0a4:1040::fab1" sid="bZLVgziZfoDMOkwbuJiw" facility="webadmin" client="webadmin.plx" call="new"
2012:06:01-07:14:39 firewall-1 confd[7726]: I main::top-level:536() => id="310c" severity="info" sys="System" sub="confd" name="node changed" node="notifications->reboot_reason" value="{'1' => 'Rebooted via WebAdmin','3' => 'Rebooted via WebAdmin','0' => '','2' => 'Rebooted by Up2Date'}" oldvalue="{'1' => 'Rebooted by Up2Date','3' => 'Rebooted via WebAdmin','0' => '','2' => 'Rebooted by Up2Date'}" user="admin" srcip="2001:a60:f0a4:1040::fab1" sid="bZLVgziZfoDMOkwbuJiw" facility="webadmin" client="webadmin.plx" pid="13565"
2012:06:01-07:14:39 firewall-1 confd[7726]: I main::cleanup_changelog:964() => id="3100" severity="info" sys="System" sub="confd" name="trimmed version 45 from changelog"
2012:06:01-07:14:39 firewall-1 confd[7726]: I main::top-level:749() => id="310n" severity="info" sys="System" sub="confd" name="applied changes" user="admin" srcip="2001:a60:f0a4:1040::fab1" sid="bZLVgziZfoDMOkwbuJiw" facility="webadmin" client="webadmin.plx" pid="13565" version="47" storage="/cfg"
2012:06:01-07:14:52 firewall-1 confd[13954]:  id="3100" severity="warn" sys="System" sub="confd" name="NODE_OBJECT_TYPE (The HA backup interface cannot use wireless access point group objects.)" user="system" srcip="127.0.0.1" facility="system" client="confd-ha_mode" call="set" goodclass="itfhw" nodelist="ha->itfhw_backup" badtype="awe_network_group" check="input" badref="REF_ItfAweDuckmobil"
2012:06:01-07:14:52 firewall-1 confd[13959]:  id="3100" severity="warn" sys="System" sub="confd" name="NODE_OBJECT_TYPE (The HA backup interface cannot use wireless access point group objects.)" user="system" srcip="127.0.0.1" facility="system" client="confd-ha_mode" call="set" goodclass="itfhw" nodelist="ha->itfhw_backup" badtype="awe_network_group" check="input" badref="REF_ItfAweDuckmobil"
2012:06:01-07:16:16 firewall-1 confd[15501]:  id="3100" severity="warn" sys="System" sub="confd" name="NODE_OBJECT_TYPE (The HA backup interface cannot use wireless access point group objects.)" user="system" srcip="127.0.0.1" facility="system" client="confd-ha_mode" call="set" goodclass="itfhw" nodelist="ha->itfhw_backup" badtype="awe_network_group" check="input" badref="REF_ItfAweDuckmobil"
2012:06:01-07:16:16 firewall-1 confd[15506]:  id="3100" severity="warn" sys="System" sub="confd" name="NODE_OBJECT_TYPE (The HA backup interface cannot use wireless access point group objects.)" user="system" srcip="127.0.0.1" facility="system" client="confd-ha_mode" call="set" goodclass="itfhw" nodelist="ha->itfhw_backup" badtype="awe_network_group" check="input" badref="REF_ItfAweDuckmobil"
2012:06:01-07:22:39 firewall-1 confd[7726]: W main::cleanup_sessions:1002() => id="3100" severity="warn" sys="System" sub="confd" name="timeout: removing session" user="system" srcip="127.0.0.1" sid="SaIRhXDrDRHfDJzcVkqt" facility="system" client="sethacfg"
2012:06:01-07:32:55 firewall-1 confd[7726]: W main::cleanup_sessions:1002() => id="3100" severity="warn" sys="System" sub="confd" name="timeout: removing session" user="system" srcip="127.0.0.1" sid="cTcIbdnJnKAsxIyXHtXE" facility="system" client="red_server.plc"
2012:06:01-08:06:16 firewall-1 confd[27135]:  id="3100" severity="warn" sys="System" sub="confd" name="NODE_OBJECT_TYPE (The HA backup interface cannot use wireless access point group objects.)" user="system" srcip="127.0.0.1" facility="system" client="confd-ha_mode" call="set" goodclass="itfhw" nodelist="ha->itfhw_backup" badtype="awe_network_group" check="input" badref="REF_ItfAweDuckmobil"
2012:06:01-08:24:10 firewall-1 confd[7726]: W main::cleanup_sessions:1002() => id="3100" severity="warn" sys="System" sub="confd" name="timeout: removing session" user="system" srcip="127.0.0.1" sid="MdBqxOvmTTdxXySgbJFY" facility="system" client="sethacfg"
2012:06:01-08:28:25 firewall-1 confd[13565]: I Session::terminate:285() => id="3100" severity="info" sys="System" sub="confd" name="closing session" user="admin" srcip="2001:a60:f0a4:1040::fab1" sid="bZLVgziZfoDMOkwbuJiw" facility="webadmin" client="webadmin.plx" call="logout" function="logout"
2012:06:01-08:28:25 firewall-1 confd[13253]: I Session::terminate:285() => id="3100" severity="info" sys="System" sub="confd" name="closing session" user="admin" srcip="2001:a60:f0a4:1040::fab1" sid="bZLVgziZfoDMOkwbuJiw" facility="webadmin" client="webadmin.plx" function="reload" reason="session expired"

high_availability.log

2012:06:01-07:14:50 firewall-1 ha_daemon[3821]: id="38C1" severity="info" sys="System" sub="ha" name="Node 2 is dead, received no heart beats!"
2012:06:01-07:14:51 firewall-1 ha_daemon[3821]: id="38A0" severity="info" sys="System" sub="ha" name="Activating sync process for database on node 2"
2012:06:01-07:16:11 firewall-1 ha_daemon[3821]: id="38A0" severity="info" sys="System" sub="ha" name="Access granted to remote node 2!"
2012:06:01-07:16:14 firewall-1 ha_daemon[3821]: id="38A0" severity="info" sys="System" sub="ha" name="Node 2 joined with version 8.965007"
2012:06:01-07:16:14 firewall-1 ha_daemon[3821]: id="38C0" severity="info" sys="System" sub="ha" name="Node 2 is alive!"
2012:06:01-07:16:14 firewall-1 ha_daemon[3821]: id="38A0" severity="info" sys="System" sub="ha" name="Node 2 changed state: DEAD -> SYNCING"
2012:06:01-07:51:34 firewall-1 slon_control[6878]: Initial synchronization for node 2 finished!
2012:06:01-07:51:34 firewall-1 ha_daemon[3821]: id="38A0" severity="info" sys="System" sub="ha" name="Deactivating sync process for database on node 2"
2012:06:01-07:51:51 firewall-1 ha_daemon[3821]: id="38A0" severity="info" sys="System" sub="ha" name="Node 2 changed state: SYNCING -> ACTIVE"

i rebooted node2 for testing ... but no luck [:)]

should i try to reboot node 1?

as a note, all my Uplink-Interfaces are shown as ERROR

Robert

confd-debug.log

2012:06:01-08:06:16 firewall-1 confd[27135]: D sys::AUTOLOAD:298() => id="3100" severity="debug" sys="System" sub="confd" name="external call" user="system" srcip="127.0.0.1" facility="system" client="confd-ha_mode" lock="auto" method="set"
2012:06:01-08:06:16 firewall-1 confd[27135]: >=========================================================================
2012:06:01-08:06:16 firewall-1 confd[27135]: D Node::set:582() => id="3100" severity="debug" sys="System" sub="confd" name="set" node="ha" value="$VAR1 = {
2012:06:01-08:06:16 firewall-1 confd[27135]:           'cluster' => {
2012:06:01-08:06:16 firewall-1 confd[27135]:                          'waf' => [],
2012:06:01-08:06:16 firewall-1 confd[27135]:                          'ftp' => [],
2012:06:01-08:06:16 firewall-1 confd[27135]:                          'smtp' => [],
2012:06:01-08:06:16 firewall-1 confd[27135]:                          'http' => [],
2012:06:01-08:06:16 firewall-1 confd[27135]:                          'pop3' => [],
2012:06:01-08:06:16 firewall-1 confd[27135]:                          'ipsec' => [],
2012:06:01-08:06:16 firewall-1 confd[27135]:                          'snort' => []
2012:06:01-08:06:16 firewall-1 confd[27135]:                        },
2012:06:01-08:06:16 firewall-1 confd[27135]:           'network' => '198.19.250.0',
2012:06:01-08:06:16 firewall-1 confd[27135]:           'slave_ip' => '',
2012:06:01-08:06:16 firewall-1 confd[27135]:           'sync' => {
2012:06:01-08:06:16 firewall-1 confd[27135]:                       'database' => 1,
2012:06:01-08:06:16 firewall-1 confd[27135]:                       'conntrack' => 1,
2012:06:01-08:06:16 firewall-1 confd[27135]:                       'files' => 1,
2012:06:01-08:06:16 firewall-1 confd[27135]:                       'syslog' => 1,
2012:06:01-08:06:16 firewall-1 confd[27135]:                       'ipsec' => 1
2012:06:01-08:06:16 firewall-1 confd[27135]:                     },
2012:06:01-08:06:16 firewall-1 confd[27135]:           'mode' => 'master',
2012:06:01-08:06:16 firewall-1 confd[27135]:           'itfhw_backup' => 'REF_ItfAweDuckmobil',
2012:06:01-08:06:16 firewall-1 confd[27135]:           'status' => 'hot_standby',
2012:06:01-08:06:16 firewall-1 confd[27135]:           'itfhw' => 'REF_ItfEthEth8IntelCorpo',
2012:06:01-08:06:16 firewall-1 confd[27135]:           'master_ip' => '',
2012:06:01-08:06:16 firewall-1 confd[27135]:           'advanced' => {
2012:06:01-08:06:16 firewall-1 confd[27135]:                           'cold_rollback' => 0,
2012:06:01-08:06:16 firewall-1 confd[27135]:                           'virtual_mac' => 1,
2012:06:01-08:06:16 firewall-1 confd[27135]:                           'load_takeover' => 50,
2012:06:01-08:06:16 firewall-1 confd[27135]:                           'preempt' => '1',
2012:06:01-08:06:16 firewall-1 confd[27135]:                           'load_warn' => 10,
2012:06:01-08:06:16 firewall-1 confd[27135]:                           'netconsole' => 0,
2012:06:01-08:06:16 firewall-1 confd[27135]:                           'max_nodes' => 10,
2012:06:01-08:06:16 firewall-1 confd[27135]:                           'autojoin' => 1,
2012:06:01-08:06:16 firewall-1 confd[27135]:                           'mtu' => '1496',
2012:06:01-08:06:16 firewall-1 confd[27135]:                           'unique_id' => 620
2012:06:01-08:06:16 firewall-1 confd[27135]:                         },
2012:06:01-08:06:16 firewall-1 confd[27135]:           'device_name' => 'Node1',
2012:06:01-08:06:16 firewall-1 confd[27135]:           'password' => 'FSXhjdZtCA1SKJIu',
2012:06:01-08:06:16 firewall-1 confd[27135]:           'node_id' => 1,
2012:06:01-08:06:16 firewall-1 confd[27135]:           'times' => {
2012:06:01-08:06:16 firewall-1 confd[27135]:                        'load_time' => 30,
2012:06:01-08:06:16 firewall-1 confd[27135]:                        'dead_time' => 10
2012:06:01-08:06:16 firewall-1 confd[27135]:                      }
2012:06:01-08:06:16 firewall-1 confd[27135]:         };" user="system" srcip="127.0.0.1" facility="system" client="confd-ha_mode" call="set" external="1"
2012:06:01-08:06:16 firewall-1 confd[27135]:  id="3100" severity="warn" sys="System" sub="confd" name="NODE_OBJECT_TYPE (The HA backup interface cannot use wireless access point group objects.)" user="system" srcip="127.0.0.1" facility="system" client="confd-ha_mode" call="set" goodclass="itfhw" nodelist="ha->itfhw_backup" badtype="awe_network_group" check="input" badref="REF_ItfAweDuckmobil"
2012:06:01-08:06:16 firewall-1 confd[27135]: D Storage::unlock:286() => id="3100" severity="debug" sys="System" sub="confd" name="discarded changes and released lock" user="system" srcip="127.0.0.1" facility="system" client="confd-ha_mode" storage="/cfg"
2012:06:01-08:06:16 firewall-1 confd[27135]: D sys::AUTOLOAD:298() => id="3100" severity="debug" sys="System" sub="confd" name="external call" user="system" srcip="127.0.0.1" facility="system" client="confd-ha_mode" lock="none" method="logout"

2012:06:01-08:06:16 firewall-1 confd[27135]: W Message::err_set:1017() => id="3100" severity="warn" sys="System" sub="confd" name="NODE_OBJECT_TYPE (The HA backup interface cannot use wireless access point group objects.)" user="system" srcip="127.0.0.1" facility="system" client="confd-ha_mode" call="set" goodclass="itfhw" nodelist="ha->itfhw_backup" badtype="awe_network_group" check="input" badref="REF_ItfAweDuckmobil"

How did you manage do get this as Backup Interface? [:)]

i don't know? [[[:)]]] just set to "auto config" and made yesterday the update [[[:)]]] not more, not less [[[:)]]]

What did you configure for HA Backup interface?

only eth8, a normal interface ...

Can make a screenshot?

According to the confd error message, there is a Wireless Network Group in there...

any more whishes? [:)]))

Do you ever had a HA Backup interface configured?

There is non in the WebAdmin shows, but confd complains...
What do you get on the command line with "cc get ha itfhw_backup" and "cc get ha mode"?