Gateway drops and never comes back

pete35

I got the same issue here. instable celluar connection, gateway goes to pending, saving the gateway again makes it work again. Now i changed it from DHCP to static , will see if this will be better...

scottmsilver

@pete35 @rune-san I am sorry you are having these experiences. I just want to point you up thread to a fix I posted that you can make. It's not an elegant one, but for most people it will probably fix things. See "quick but wrong" fix above.

rune-san

@scottmsilver thanks for that. I had seen it while making my post and I can confirm it does the job on my side too. Was searching to see if you had opened a bug on redmine for this (I couldn't find one). If you had not, I was going to so that there's at least a chance this can get fixed in a future revision.

scottmsilver

@rune-san Yeah. I did and they are fixing it. It looks like they have it targeted now for 2.7.0.

pete35

@jimp
I got some systems with multiple WAN on unstable celluar connections, with GW groups.

Is there a chance to get this fix or changeset

https://redmine.pfsense.org/projects/pfsense/repository/1/revisions/ec73bb89489d830ec21c4e04ffa3ec401791b55d/diff

for 2.7 as a patch for 2.6?

SteveITS

@pete35 In System Patches, Add New Patch and use the ID on that diff page (ec73bb89489d830ec21c4e04ffa3ec401791b55d). The patches just apply the diff to the files on disk.

scottmsilver

@steveits That's pretty cool. I didn't know about that!

pete35

@steveits
ok thank you, done that.

Ludo9176

Old subject, but in case it can help someone, I found the solution this morning. :-)

Add the line "setup_gateways_monitor();" in the file /etc/rc.newwanip, at the end, after the last instruction ( "filter_configure();" ), still in the "else" condition.

This way, after a disconnection, gateway_monitor and dpinger will be reconfigured all the same even if WAN IP hasn't changed.
After a few seconds, WAN gateway will be automatically up again.

Tested with v2.6.0.

SteveITS

@ludo9176 If the patch in the above mentioned redmine didn't fix your issue you could post your solution in the redmine for devs to review.

Ludo9176

@steveits Sorry, didn't know where to find this. Thanks.

MindTwist

This is still an ongoing issue for me. Not a big deal, but I really would not feel confortable myself telneting on my pfSense boxes and manually editing some files (those changes I guess might be loss when pfSense updates itself?)

Running 22.05-RELEASE, and the issue is a described above. When a WAN connection with fixed IP goes down, it will come back up, but still appear as offline on pfSense until I change the monitor IP to something else.

My quick fix would be to just leave my ISP router IP as the monitor IP for that WAN connection, but of course then pfSense would not notice when the connection is really down (it rarely happens anyway).

SteveITS

@mindtwist You can use the System Patches package and enter the ID for the patch (ec73bb89489d830ec21c4e04ffa3ec401791b55d) and it will update the files.

I'm curious, does it work if you view the System\Routing\Gateways page or only if you change the IP? 2-3 years ago there was a similar issue but viewing the page fixed it so we set up a cron to run every so often...don't recall without looking but I think it called a function.

Ludo9176

@mindtwist : I confirm this change is permanent (I tested it, it survives a reboot), until an OS upgrade of course.
If you really don't feel comfortable, you may backup the original file, and work on a copy, so that you can restore it in case something goes wrong (WinSCP is perfect for this). But adding a single line is not a big deal, it's easy to revert. ;-)

@SteveITS : I tried the patch you mentioned, it actually doesn't work. Fortunately, the files are very well commented (thanks to the devs !), which make them quite easy to understand. The issue comes from the fact that dpinger is reset only when the new WAN IP is different from the previous one, whereas it would need to be even if the IP is the same (because of firewall states). This is corrected by adding this only code line.

MindTwist

@steveits said in Gateway drops and never comes back:

I'm curious, does it work if you view the System\Routing\Gateways page or only if you change the IP? 2-3 years ago there was a similar issue but viewing the page fixed it so we set up a cron to run every so often...don't recall without looking but I think it called a function.

The interface does come back online just by going to System/Routing/Gateways, hitting "Save", and then "Apply". I do not need to change the IP, but I do have to do a Save/Apply.

MindTwist

@ludo9176 said in Gateway drops and never comes back:

@mindtwist : I confirm this change is permanent (I tested it, it survives a reboot), until an OS upgrade of course.
If you really don't feel comfortable, you may backup the original file, and work on a copy, so that you can restore it in case something goes wrong (WinSCP is perfect for this). But adding a single line is not a big deal, it's easy to revert. ;-)

I am not even sure what is the file I have to modify, or what change to apply.

I think I need to make the change scottmsilver posted on 16/Dic/21 on line 204 of rc.newwanip, but I am unable to find that rc.newwanip file.

Ludo9176

@mindtwist : I hadn't read @scottmsilver message, didn't go backwards enough in the thread... this is almost the same solution indeed, at least same cause identified.

SteveITS

@mindtwist /etc/rc.newwanip as mentioned above, or apply the patch and not edit any files by hand.

Ludo9176

@mindtwist : Install WinSCP (if you run Windows), log in pfSense (using LAN IP, port 22, admin credentials), and browse to /etc. The file will be here.
If you run PFS v2.6.0, the line to modify is not 204 any more, but 214.

MindTwist

I am running PFS v22.05-RELEASE.

Ok, I think I got it figurd it out now. I do not know why, but I was actually looking for /src/etc/rc.newwanip. So I first created a copy of /etc/rc.newwanip as /etc/rc.newwanip.backup, just in case.

And then used the integrated file editor on Diagnostics/Edit file, on /etc/rc.newwanip I have on line 214:
if (!is_ipaddr($oldip) || ($curwanip != $oldip) || file_exists("{$g['tmp_path']}/{$interface}_upstart4") ||

I changed it to:
if (/added/ 1 || !is_ipaddr($oldip) || ($curwanip != $oldip) || file_exists("{$g['tmp_path']}/{$interface}_upstart4") ||

I power cycled my WAN2 router, and checked that it still does not come back to life :(
So just in case, I also reboot my PFS, and make sure that the change on line 214 of /etc/rc.newwanip is still there. Check again, and WAN2 still stays down with "Offline, Packetloss" when it is already up.

Going to System/Routing/Gateways and hitting Save+Apply brings it back, so it seems nothing has changed.

So I go the other route; undo the change on line 214, I add the "setup_gateways_monitor();" at the end. Try again power cycling WAN2, and same results, it will stay on "Offline, Packetloss".

Oh boy, do I suck at this... :(