Gateway drops and never comes back
-
@steveits That's pretty cool. I didn't know about that!
-
@steveits
ok thank you, done that. -
Old subject, but in case it can help someone, I found the solution this morning. :-)
Add the line "setup_gateways_monitor();" in the file /etc/rc.newwanip, at the end, after the last instruction ( "filter_configure();" ), still in the "else" condition.
This way, after a disconnection, gateway_monitor and dpinger will be reconfigured all the same even if WAN IP hasn't changed.
After a few seconds, WAN gateway will be automatically up again.Tested with v2.6.0.
-
-
@steveits Sorry, didn't know where to find this. Thanks.
-
This is still an ongoing issue for me. Not a big deal, but I really would not feel confortable myself telneting on my pfSense boxes and manually editing some files (those changes I guess might be loss when pfSense updates itself?)
Running 22.05-RELEASE, and the issue is a described above. When a WAN connection with fixed IP goes down, it will come back up, but still appear as offline on pfSense until I change the monitor IP to something else.
My quick fix would be to just leave my ISP router IP as the monitor IP for that WAN connection, but of course then pfSense would not notice when the connection is really down (it rarely happens anyway).
-
@mindtwist You can use the System Patches package and enter the ID for the patch (ec73bb89489d830ec21c4e04ffa3ec401791b55d) and it will update the files.
I'm curious, does it work if you view the System\Routing\Gateways page or only if you change the IP? 2-3 years ago there was a similar issue but viewing the page fixed it so we set up a cron to run every so often...don't recall without looking but I think it called a function.
-
@mindtwist : I confirm this change is permanent (I tested it, it survives a reboot), until an OS upgrade of course.
If you really don't feel comfortable, you may backup the original file, and work on a copy, so that you can restore it in case something goes wrong (WinSCP is perfect for this). But adding a single line is not a big deal, it's easy to revert. ;-)@SteveITS : I tried the patch you mentioned, it actually doesn't work. Fortunately, the files are very well commented (thanks to the devs !), which make them quite easy to understand. The issue comes from the fact that dpinger is reset only when the new WAN IP is different from the previous one, whereas it would need to be even if the IP is the same (because of firewall states). This is corrected by adding this only code line.
-
@steveits said in Gateway drops and never comes back:
I'm curious, does it work if you view the System\Routing\Gateways page or only if you change the IP? 2-3 years ago there was a similar issue but viewing the page fixed it so we set up a cron to run every so often...don't recall without looking but I think it called a function.
The interface does come back online just by going to System/Routing/Gateways, hitting "Save", and then "Apply". I do not need to change the IP, but I do have to do a Save/Apply.
-
@ludo9176 said in Gateway drops and never comes back:
@mindtwist : I confirm this change is permanent (I tested it, it survives a reboot), until an OS upgrade of course.
If you really don't feel comfortable, you may backup the original file, and work on a copy, so that you can restore it in case something goes wrong (WinSCP is perfect for this). But adding a single line is not a big deal, it's easy to revert. ;-)I am not even sure what is the file I have to modify, or what change to apply.
I think I need to make the change scottmsilver posted on 16/Dic/21 on line 204 of rc.newwanip, but I am unable to find that rc.newwanip file.
-
@mindtwist : I hadn't read @scottmsilver message, didn't go backwards enough in the thread... this is almost the same solution indeed, at least same cause identified.
-
@mindtwist /etc/rc.newwanip as mentioned above, or apply the patch and not edit any files by hand.
-
@mindtwist : Install WinSCP (if you run Windows), log in pfSense (using LAN IP, port 22, admin credentials), and browse to /etc. The file will be here.
If you run PFS v2.6.0, the line to modify is not 204 any more, but 214. -
I am running PFS v22.05-RELEASE.
Ok, I think I got it figurd it out now. I do not know why, but I was actually looking for /src/etc/rc.newwanip. So I first created a copy of /etc/rc.newwanip as /etc/rc.newwanip.backup, just in case.
And then used the integrated file editor on Diagnostics/Edit file, on /etc/rc.newwanip I have on line 214:
if (!is_ipaddr($oldip) || ($curwanip != $oldip) || file_exists("{$g['tmp_path']}/{$interface}_upstart4") ||I changed it to:
if (/added/ 1 || !is_ipaddr($oldip) || ($curwanip != $oldip) || file_exists("{$g['tmp_path']}/{$interface}_upstart4") ||I power cycled my WAN2 router, and checked that it still does not come back to life :(
So just in case, I also reboot my PFS, and make sure that the change on line 214 of /etc/rc.newwanip is still there. Check again, and WAN2 still stays down with "Offline, Packetloss" when it is already up.Going to System/Routing/Gateways and hitting Save+Apply brings it back, so it seems nothing has changed.
So I go the other route; undo the change on line 214, I add the "setup_gateways_monitor();" at the end. Try again power cycling WAN2, and same results, it will stay on "Offline, Packetloss".
Oh boy, do I suck at this... :(
-
First, I do want to try to redirect you to the post up-thread where you can apply a patch that probably makes this fix correctly. Though I have been safely using my changes for a long time, I don't use all the features of pfSense, so I'm sure my fix isn't without collateral damage
Second, if you want to use my changes, It looks like you are missing the asterisks around the comment "added."
To fix this you can:
- delete the word and the slashes around added, as it is just a comment
- make it a comment by adding the asterisks e.g. /* added */ vs /added/
-
@mindtwist :
I'm thinking of something : have you specified monitor IPs for your WAN connections ? Or did you let the default gateway IPs ? -
@scottmsilver said in Gateway drops and never comes back:
First, I do want to try to redirect you to the post up-thread where you can apply a patch that probably makes this fix correctly. Though I have been safely using my changes for a long time, I don't use all the features of pfSense, so I'm sure my fix isn't without collateral damage
I also looked at that, but I saw I had to install some package in "System/Package manager/Available" packages in order to aply that patch? It didn't seem so straight forward. I will look at it again.
@scottmsilver said in Gateway drops and never comes back:
Second, if you want to use my changes, It looks like you are missing the asterisks around the comment "added."
To fix this you can:delete the word and the slashes around added, as it is just a comment
make it a comment by adding the asterisks e.g. /* added */ vs /added/Oops, that got messed up I guess when pasting here on the forum, but I did the change just fine. I just tried again, with no comments this time, with the same results (WAN2 will stay at "Offline, Packetloss").
@ludo9176 said in Gateway drops and never comes back:
I'm thinking of something : have you specified monitor IPs for your WAN connections ? Or did you let the default gateway IPs ?
Yes, I do have two different monitor IPs, one for each WAN. Using my default gateway (each ISP router IP address) would do no good for me, since the connection might go down, but the router will still reply to pings.
Thanks a lot to both of you!
-
@mindtwist :
It does work on pfSense CE v2.6.0. Maybe give a chance to pfSense CE ? -
Re: Gateway drops and never comes back
So, I am looking at the patch:
https://redmine.pfsense.org/projects/pfsense/repository/1/revisions/ec73bb89489d830ec21c4e04ffa3ec401791b55d/diffAnd all of this changes already seem to be applied on my PFS version?
No, I have not installed any patch manually.Some of the line numbers differ, but everything is there.
Even with a comment about issue 11570.
rc.newwanip
rc.newwanipv6
-
@ludo9176 said in Gateway drops and never comes back:
@mindtwist :
It does work on pfSense CE v2.6.0. Maybe give a chance to pfSense CE ?I guess it sucks to be me.
I know there are two branches for PFSense, PFSense CE (community edition?) and PFSense Plus that Netgate installs on their hardware? I really do not know the differences besides version numbers, 22.01 seems to be 2.6.0 I think.
https://docs.netgate.com/pfsense/en/latest/releases/22-01_2-6-0.htmlBut I do have 4pc of Netgate hardware equipment, I do not think it would be a good idea to reinstall everything on them from Plus 22.05 to CE 2.6.0 just to see if this actually works.