Modify

Opened 3 years ago

Last modified 3 years ago

#19560 new defect

Sysupgrade to newest trunk results in router blocking all local ports

Reported by: anonymous Owned by: developers
Priority: normal Milestone:
Component: packages Version: Trunk
Keywords: Cc:

Description

I just decided to do another sysupgrade after 2 months to newest trunk, bad idea. The router somehow blocks shortly after reboot all communications to itself in the LAN. If I reboot the device and the moment it comes up, I can connect via SSH and to the LUCI web interface, but about 10-15 seconds later, the router blocks all communication to itself. Routing still works fine and I can browse the Internet, but cant reach any service running on the router anymore (SSH, LUCI, ect). I came from: r44622 and did a normal sysupgrade 30 minutes ago to trunk build from yesterday (self compile).

Attachments (0)

Change History (1)

comment:1 Changed 3 years ago by anonymous

Same person who opened the ticket. After some troubleshooting, the problem is caused by a change in behavior how the command "ip" works it seems, because now it always will use a priority of 0 instead of automatically downgrading it from 32765. I cant imagine this is intended behavior, but more of a bug. The problem was triggered by executing OpenVPN which added a default route to the table "vpn1", but the ip rules were wrong and all had a priority of 0. I fixed it by adding a priority by hand to my ip rules like:

#ip rules
ip rule add prio 32765 fwmark 1 table alice
ip rule add prio 32764 fwmark 2 table vpn1
ip rule add prio 32763 fwmark 3 table vpn2
ip rule add prio 32762 fwmark 4 table vpnkue
ip rule add prio 32761 fwmark 5 table main
ip rule add prio 32760 from 10.0.0.11 table alice
ip rule add prio 32759 from 10.0.0.22 table alice
and so on...

Why was this changed? Before, over the last two years, it worked that it automatically would use the next lower priority starting from 32765 downwards.

Add Comment

Modify Ticket

Action
as new .
Author


E-mail address and user name can be saved in the Preferences.

 
Note: See TracTickets for help on using tickets.