Internet access randomly/frequently now drops out

automate

Hi All,

Im running pfsense 2.6.0 and have for many years without hiccup. Its running virtualised on a QNAP nap and connects via a VLAN on my network into a cable modem (this vlan is all layer 2, only the firewall and cable modem) where by it receives a DHCP address from my ISP

This has worked faultless.

Recently im seeing the firewall not able to resolve IPs or the IP will disappear, but more often then not, just unable to ping 1.1.1.1 for example.

I've spoken to the ISP who have verified with logs no service drop outs, I've even tried another ISP (because we can move between them fairly easily) - the issue remains. It will then start to work again without issue after a few minutes

Ive tried disabling all the gateway monitoring stuff and also pointing it to 1.1.1.1 with the same issue.

I'm a bit lost as to whats occuring. I checked my VLAN, no interface resets, no packet drops, nothing. Its all on Cisco catalyst switches (theres two, connected via Fibre). Modem on one switch, Pfsense on another

Any thoughts, just not sure what to look for/at

Cheers

stephenw10

First thing I would do is check the system logs when it happens to see what, if anything, is logged.

You can still access the pfSense webgui when this happens?

How exactly are you testing?

Steve

automate

@stephenw10 Yes, the system is all up, no loss of the firewall.

Im testing by resolving names during the issue . Ill paste the log when it occurs next, nothing was obvious

automate

Just dropped out and heres the log, nada

Nov 10 11:13:00 sshguard 42887 Exiting on signal.
Nov 10 11:13:00 sshguard 88843 Now monitoring attacks.
Nov 10 11:24:51 kernel arp: 192.168.0.89 moved from 00:03:ac:09:43:d4 to 00:06:c6:85:d9:39 on vtnet1
Nov 10 11:45:43 php-fpm 34444 /index.php: Session timed out for user 'admin' from: 192.168.0.10 (Local Database)
Nov 10 11:45:44 php-fpm 34444 /index.php: Successful login for user 'admin' from: 192.168.0.10 (Local Database)

stephenw10

Hmm, OK. How are you trying to resolve names? In Diag > DNS Lookup? At the firewall CLI? On a client behind it?
How does it fail, what error does it show?

But you're also unable to ping external sites by IP address directly?

You might try running a traceroute to something that you know usually works and see where it fails.

Steve

automate

@stephenw10 There is no error, thats the issue. The logs show nothing, so I need to get in deeper as the GUI log shows nothing (as above)

Its all being tested FROM the firewall. Unable to trace or ping. It fails at the first hop

stephenw10

How do those fail though? Just timeout?

automate

@stephenw10

yes timeout. Is there something I can run that will constantly ping and then data log when the issue happens to find out why?

stephenw10

That's what dpinger does for the gateway monitor and you said you tried setting it to 1.1.1.1. That should have logged the outage.
When this happens it just restores itself without intervention?

Do you have any access to the modem to check the connection or logs?

Steve