@4eanlss Okay, so, after looking at the boot log I've found that there are a number of core-dumps on pkg-static. Looks like install from fresh image is in order.
Yeah, you need to policy route traffic over the GRE tunnel, otherwise it will just use the default gateway, which is probably the WAN.
If ICMP and UDP work but TCP fails you probably have an asymmetric route in there somewhere.
You only need 1:1 NAT at the remote end. You don't need the port forwards. The outbound NAT rules you have there are wrong and not doing anything anyway. But you don't need those either.
You didn't show it but I assume you have a static route at the remote side for the local NEW_LAN subnet via the GRE tunnel.
Hi,
I was looking for the same thing and found that there is a "/etc/pfSense-rc.shutdown" script. At the bottom it runs all executable scripts in "/usr/local/etc/rc.d/shutdown.*.sh". So I'm guessing that creating such a script will achieve what we are both looking for. The catch now would be to guarantee that the creation of such a script will survive an update. I would guess yes. What it won't survive is a reinstall.
The filer package addon can be used to create this script and also sync it in an HA cluster.
May 16 11:54:44 pfSense php-fpm[75615]: /rc.start_packages: Restarting/Starting all packages.
May 16 11:54:44 pfSense anmuscle[85684]: Starting anmuscle
May 16 11:54:44 pfSense anmuscle[4545]: Stopping anmuscle
May 16 11:54:46 pfSense anmuscle[11836]: Successfully stopped anmuscle
May 16 11:54:46 pfSense anmuscle[13056]: Finished configuring DTTS pf rules
May 16 11:54:47 pfSense anmuscle[14274]: Successfully started anmuscle on 13443
Something looks like it's out of sequence here.
When packages are restarted they are all first "stopped".
Then started.
Here, for "anmuscle": the stop starts with a start (now two instances are running?), then a stop ...
and then a start again.
Strange.
I also upvote unbound here.
Alrighty! Thank you so much for the explanations... and for writing it in a way I can understand. That message makes sense now. I really appreciate everyone's help!
Still.... amazing how it was working on the phone without a vpn to the router and not with, whilst some clients were having no issues at all and others just plain refusing...