Netgate 6100 dropping LAN

stephenw10

Is that the first part of that log sequence?:

Nov 10 03:29:59	check_reload_status	392	Linkup starting igc0

What is igc connected to?

Do you have gateways defined on all those VLANs? I would not expect it to run rc.newwanip otherwise.

Steve

rpungello

@steveits said in Netgate 6100 dropping LAN:

@rpungello said in Netgate 6100 dropping LAN:

link state changed to DOWN

Presumably a cable didn't get unplugged at 3:30 am, but that's what it looks like. Did you try a different cable? Different switch port?

When an interface is reconnected it triggers a handful of things, in case there is a new IP.

Correct, nothing was happening at 3:30am. Bad cable was my first though, but I replaced the cable after the first time it happened and it still happens every few days. I guess I’ll try a different port on the switch it’s connected to next.

rpungello

@stephenw10 said in Netgate 6100 dropping LAN:

Is that the first part of that log sequence?:

Nov 10 03:29:59	check_reload_status	392	Linkup starting igc0

What is igc connected to?

Do you have gateways defined on all those VLANs? I would not expect it to run rc.newwanip otherwise.

Steve

Yes, that’s the first log entry in over two hours.

igc0 is the LAN interface, which has a bunch of VLANs defined as well. There is an OpenVPN server running in pfSense as well, which I guess defines a gateway. Not sure if that counts as being on the LAN port (igc0) or WAN (ix3).

It’s physically connected to a Ubiquiti 10G Flex XG switch (so link running at 2.5G).

mer

@rpungello Is there anything in the logs on the Ubiquiti around that time? To me these logs are saying the 6100 has detected link down/up events. That can happen from either end. If you have another switch, what about plugging it in between the 6100 and the Ubiquiti? That should give the 6100 a constant link and the Ubiquiti could flap all it wants.

rpungello

@mer said in Netgate 6100 dropping LAN:

@rpungello Is there anything in the logs on the Ubiquiti around that time? To me these logs are saying the 6100 has detected link down/up events. That can happen from either end. If you have another switch, what about plugging it in between the 6100 and the Ubiquiti? That should give the 6100 a constant link and the Ubiquiti could flap all it wants.

No, radio silence from the Flex XG. Guess I’ll try plugging the Netgate box into the other (1G) switch, at least for now.

What’s interesting is the UniFi software doesn’t show a dropped connection to the Netgate. It thinks it’s been online for almost two months, but this has happened a few times in that timeframe.

stephenw10

Hmm, pretty much the only thing that can down/up an interface like that (other than it actually reconnecting) is if you gave Snort or Suricata running in in-line mode on the parent NIC. If the service is restarted it will appear like that.
It's still odd it shows rc.newwanip run for each vlan though without a gateway defined on them.

Steve

rpungello

@stephenw10 said in Netgate 6100 dropping LAN:

Hmm, pretty much the only thing that can down/up an interface like that (other than it actually reconnecting) is if you gave Snort or Suricata running in in-line mode on the parent NIC. If the service is restarted it will appear like that.
It's still odd it shows rc.newwanip run for each vlan though without a gateway defined on them.

Steve

I'm pretty sure I don't have any extraneous gateways defined. Here's what shows up under Status > Gateways

No IDS/IPS running either.

stephenw10

Hmm, OK that looks fine.

Are you able to trigger that same action manually at all? From Status > Filter Reload for example?

nikolaosinlight

@rpungello

On your dashboard are there any mentions of crashing / dumps or do you just see it drop and reconnect without any crash issue?

rpungello

@nikolaosinlight said in Netgate 6100 dropping LAN:

@rpungello

On your dashboard are there any mentions of crashing / dumps or do you just see it drop and reconnect without any crash issue?

Nothing shows up on the pfSense dashboard, it just reconnects with almost no issues. The only issue is the Avahi service stops working when this happens until I restart it, which means HomeKit devices on the IoT VLAN stop responding. This is the only reason I even realized this is happening, as so far the disconnects have only been in the middle of the night, so I didn’t notice anything performance-wise.

stephenw10

Does the Avahi service actually stop? If so a possible workaround would be using the service watchdog package.

Steve

rpungello

@stephenw10 said in Netgate 6100 dropping LAN:

Does the Avahi service actually stop? If so a possible workaround would be using the service watchdog package.

Steve

It doesn’t seem to stop, or if it does, it doesn’t seem to stay stopped as the icon in Status > Services shows a green check when I’ve gone in to restart it.