@dobby_ Firewall > Traffic Shaper > Limiters LW has a video explaining this also link text

The majority of VPN tunnels? Show as disconnected when they are actually up?

@stephenw10 So if I try to access 192.168.5.6 (an iDrac that sits behind the pfSense box) I get "192.168.5.6 took too long to respond." but I dont see the firewall logging anything like it did before (see below). The 5.6 address is perfectly accessable by a laptop sitting behind the pfSense box, and the laptop can access the external web just fine. [image: 1666135100503-2022-10-18_16h18_17-resized.png]

@globus243 I've had a similar experience, which may or may not be related. Netgate 5100 locks up shortly after either 6 a.m. or 6 p.m. but not always on the same day of the week. Finally traced the problem to pfblockerng-devel updating its block lists. For some reason this results in "insufficient swap space," even though no swap space is shown in use. My wife first noticed this phenomenon because her Amazon Alexa console, which is connected wirelessly, shows "no network." I'm not competent to delve into what's actually happening, so I just reboot the firewall and everything is fine.

Mmm, those look like real upstream issues unless you have something that shows otherwise. Steve

@steveits said in Spontaneous reboots.: @aaronouthier said in Spontaneous reboots.: After 5 minutes, when Internet was not restored, the power cord was pulled try to avoid turning off power on any device with a file system, to avoid file system damage. The proper way to shut down pfSense is Diagnostics/Halt. I am aware. I didn’t say I pulled the power. My roommate got impatient and did things his way… that's a different problem than the spontaneous reboots...? Yes, I was confused initially. I had thought the system was rebooting when the power was pulled. It wasn’t until the next morning and saw the logs that I realized that wasn’t the case. Also, since it wasn’t rebooting, it means I just lost access to the system, which means ssh and web access weren’t an option. I was attempting to access by ssh when the power was pulled, and I had already determined the web UI was not accessable. @aaronouthier said in Spontaneous reboots.: centigrade Google will do the conversion/math for you: https://www.google.com/search?q=35+celsius+to+fahrenheit I know how to do the conversion. What I consider to be hot, and what a computer chip considers hot, are 2 different things. My home doesn’t quite get to 25 degrees Celsius, for example. At 35 degrees, I’d be about dead… —Aaron

Hmm, that's odd!

@johnpoz said in Specific app doesn't connect to its server when on my network, but does while off: @scottlindner you don't need to do that, you can just set your packet capture to the IP of the phone. You could setup a reservation in your dhcp so the phone always get the same IP. Ahhh.. I see it now. I'll do that the next time she is over. Thank you! I'll follow up here regardless. If I figure it out, I'll post what was wrong and the solution, and obviously if it doesn't make sense to me I'll be asking for more guidance. Appreciate you guys!!

Multicast MACs are known on wifi mesh systems like that, yes. https://docs.netgate.com/pfsense/en/latest/install/upgrade-before-2.2.html#microsoft-load-balancing-open-mesh-traffic Steve

Not if it's a remote device. ARP is not involved there. Steve

Exactly. No difference.

@stephenw10 You make a point there ... I have a "Major Brand" PBX that absolutely won't work if NAT'ed. /Bingo

Yes, more info required. What did you increase the memory from and to? Are you running FRR with a lot of routes passed? Steve

Yes, that setting makes no difference if you don't have any hn(4) NICs. And yes they are found in Hyper-V (and Azure). The 'the multi Queue API' here applies only to hn NICs. You sacrificed mutiqueue to enable AltQ there but not on any other NIC. You can apply FQ_CoDel using Limiters, yes. https://docs.netgate.com/pfsense/en/latest/recipes/codel-limiters.html Steve

@rcoleman-netgate good to know. Thank so much!

Yes, it could be. I'll try to replicate and open something if there isn't anything already open.

@doguibnu I suspect the url mentioned is a place to go for help with the error, not a url being accessed during the boot process. If memory serves (it’s been many years since I’ve done ltsp), after the bios file is loaded via tftp, the initramfs file is loaded via nfs. First step here, however, would be to go to the client machine, and load a local os (from the hard drive or a flash drive, etc - not via netboot), and attempt to manually load the file in question via tftp. If it loads, then the file exists on the ltsp server and is accessible.

Well the port test only checks the initial TCP handshake. It could still be failing later in the sequence for clients. I would probably be trying to get a packet capture of a client failing to connect and seeing exactly how it's failing. Steve