Upgrade to 23.01 resulted in no internet access
-
Thanks for your reply guys!
@jimp
So what might be wrong with DNS settings, which they are the same as the working version?
Is there any way to get the log of errors to figure this out? -
Well first try to determine if it really is a DNS issue.
Try to resolve something at a client behind pfSense.
Use Diag > DNS Lookup to test what pfSense can resolve against.
If that fails make sure the DNS service in pfSense us actually running. Check the DNS resolver logs for errors.
Steve
-
I've hit a similar issue. Upgraded a Netgate 6100 from 22.05 to 23.01. After the upgrade completes there is absolutely no internet connectivity. Unable to ping 1.1.1.1 or 8.8.8.8. I get an IP on my WAN interface (DHCP from ISP), but the route is stated as "down" by pfSense.
Reverting back to 22.05 through boot environments and it works immediately.
In my case, there is no double NAT, HA or anything like that. Just plain and simple network connection to ISP.
-
If the WAN gateway shows as down that's because it stopped responding to the monitoring pings. First make sure it exists in the ARP table. If it doesn't that that's some low level problem like failing to link.
-
@stephenw10 in my issue it states that the gateway is up but still no connectivity.
@stephenw10 That's what I'm gonna do this weekend and I'll keep you posted.
Thanks!
-
@najm any news on this "issue"
Experienced the same issue. Reverted back via boot environment so for now issue resolved temporary offcourse.
Connections IPv4 and IPv6 seemed up. But no connectivity. Ping to 8.8.8.8 no reponse directly from PFsense.Did no troubleshooting at all as it was during the day.
-
A bad or missing default route would fit what you describe there.
If you have multiple gateways configured make sure the WAN is set as default in System > Routing.
-
@stephenw10 Sometimes....
Thanks for the suggestion. The default route reverts back to automatic. In my case this is an problem as my ipv6 connection does not support outgoing traffic. -
Better to disable IPv6 entirely then. Otherwise, if it's a real IPv6 address, pfSense will attempt to use it and clients behind it may also if they are passed valid IPv6.
But the v4 gateway should be set to the WAN_GW. It should not revert to automatic.
-
@stephenw10 as i reverted back (boot environment), i can confirm that after reading your suggestion, that my default route was set to my ipv4 gateway. After the upgrade it reverted to automatic. After manualy changing it to my ipv4 connection everything worked as expected.
-
I've only done some very limited testing to this as 22.05 works fine. But my experience is the same as above, after upgrade to 23.01 all network connectivity fails. I tested again and it seems to select "Automatic" as default route even though I select WAN_GW. It always goes back to Automatic and I haven no internet.
I can also mention that I have several VTI tunnels, so I am assuming it choses one of those as the default route instead.
I do not utilize IPv6 and have it entirely disabled.
-
Hmm, odd. Maybe the gateway name changed so the old gateway was no longer available? I've never seen that though.
-
@stephenw10 i would not expect this behaviour.... as this is an in place upgrade nothing has changed prior or after the upgrade... (name scheme appears the same)
-
Hmm, well I have no idea why it would revert to automatic at upgrade, I've not seen that, but you should be able to set it to the correct gateway again and it should remain.
-
@najm, I realized after applying the upgrade, that the MAC address of the WAN VLAN changed. In my case, this does not allow me to connect with my ISP because my connection is linked to one MAC address. My problem is that I cannot find where to change the MAC address as it was allowed in the previous version.
-
You can spoof the MAC address on the VLAN parent interface. So assign/enable that, if it is not already, and apply the MAC there.
