topic Re: PBR Bug - Cannot delete it in General Topics

PBR Bug - Cannot delete it

Edu_Amores — Fri, 27 Sep 2019 10:09:03 GMT

Hello all,

I am having an issue with a Security Gateway (R80.10, build number 1) to delete a Policy Rule. I have tried to delete is from GUI and CLI but it is still listed in Expert Mode:

[Expert@GW1:0]# ip rule list
19: from 192.168.50.0/29 lookup 9 hit 90788 <----

Weirdest thing is that if I add a new Policy Rule with ID 19, the old one Policy Rule which should be deleted still appear there:

[Expert@GW1:0]# ip rule list
19: from 192.168.50.0/29 lookup 9 hit 90788
19: from 192.168.80.0/25 lookup 9

Can you please tell me if there is a way to delete this Policy Rule from the Expert mode directly (this Policy Rule is aleready deleted from GUI/CLI)?. Thank you very much.

Best Regards.

Re: PBR Bug - Cannot delete it

PhoneBoy — Sat, 28 Sep 2019 02:33:56 GMT

If the clish command isn't properly removing the route, it's likely a bug and you should probably open a TAC case.

Re: PBR Bug - Cannot delete it

Tiago_Cerqueira — Sat, 23 May 2020 11:27:56 GMT

Hi guys,

Just to chime in, ran into this issue today. Tried deleting the PBR rules, then cpstop;cpstart, and ip rule list still showed the wrong rules. A little bit expected, as restarting the cp daemons shouldn't affect the inner working of the system in this case.

Was tempted to remove it manually via the ip command, but since that's generally not advisable and as this had a maintenance window, I rebooted the node and everything is fine now.

This was under R80.20 take 141

Re: PBR Bug - Cannot delete it

rdevarak — Sun, 24 May 2020 23:06:15 GMT

There are multiple parts to the problem. Leaving PBR rule in the kernel happens whenever user tried to delete it and it is deleted from the configuration database as well as from routed.conf but the back-end process 'routed' didn’t get a chance to delete it from the kernel. Mostly routed is crashed or something went wrong with the routed.conf file.

Once the system is in the weird state, here is the suggested approach:

Check the config system with ‘dbget –arv routed:instance:default:pbrrules”, if it doesn’t exists then
Check with “ip rule list”, if it exists only way to remove is using ‘ip rule delete’ command or
Reboot the system to reset the PBR rules in the kernel.

We need to find out the root cause of routed crash and this is only a side effect. This can happen with any other feature also.

Since you are able to add PBR rule later, mostly something to do with some other configuration that you have done along with PBR configuration.

If the problem still persists, you can upgrade to new JHF or release. You can also open a ticket with TAC for further help.

-Raghu

Re: PBR Bug - Cannot delete it

Tiago_Cerqueira — Mon, 25 May 2020 07:52:37 GMT

Hi,

I actually viewed the state of routed, via the cpwd_admin list and show cluster-state and it seemed that everything was fine. Additionally, there were no core dumps under the /var/log/dumps

Re: PBR Bug - Cannot delete it

rdevarak — Tue, 26 May 2020 21:09:57 GMT

In some scenarios, routed just restarts without dumping core. You will get to know from syslog messages. You can see the process id also changes. You can open a ticket with TAC, still if you need help with it.

Re: PBR Bug - Cannot delete it

AllenSaldanha — Thu, 31 Oct 2024 14:56:47 GMT

I managed to solve my problem by deleting it from the rule list with the command below:

ip rule del from <ip> lookup <id>