pfSense abruptly looses internet connection

ujjwalkp

Hi,

I've pfSense (version 2.7.0) installed on an old Windows mini box (Celeron N4000 CPU, 1.1 GHz, 2 CPUs, 4G RAM) with a single ethernet (1Gbps port) and a switch with 3 LANs, 2 used and 1 experimental. This setup worked wonderfully for 7 months without any issues. However, since last month I noticed, pfSense drops the internet connection abrupty, and if I restart it works again for a week or so and the cycle repeats. In the logs I see the following message.

There were error(s) loading the rules: /tmp/rules.debug: 168: macro 'pfB_PRI1_v4' not defined - The line in question reads [168]: block return log quick on {re0. 10 re0.20 re0.30 } inet from any to $pfB_PRI1_v4 identifier 1770005154 label "USER_RULE: pfB_PRI1_v4 auto rule" label "id: 1770005154"

I'm unable to comprehend this message. Any help would be appreciated.

Best regards

stephenw10

That error is caused at boot if you have pfBlocker installed with the defaulty auto-rules. It's telling you that pfBlocker has created an alias for that list but it hasn't been populated yet so the rule is not valid.
Normally that isn't a problem. As soon as the list is populated at boot the ruleset loads. If you remove the error and then run Status > Filter Reload and it does not reappear then it's OK.

Do you have more than one gateway defined in System > Routing > Gateways?

Steve

ujjwalkp

@stephenw10 Thank you so much! I noticed this rule in Firewalls -> Rules -> Floating and disabled that for now. I ran the Status -> Filter and it cleared the error. I'll monitor the connection for a week. Hopefully, this has resolved the issue.

I have 6 gateways in total.

WAN_DHCP
WAN_DHCP6

User-defined gateways

LAN_GATEWAY
IOT_GATEWAY
GUEST_GATEWAY

Another question. I was playing with pfBlockerNG a while ago, but then uninstalled the service as I haven't been able to configure it properly. Also, the machine I'm running isn't that powerful. I've never noticed this floating rule. Is there a way I can remove the traces of this service completely ?

Best regards

stephenw10

@ujjwalkp said in pfSense abruptly looses internet connection:

LAN_GATEWAY
IOT_GATEWAY
GUEST_GATEWAY

What are those? You should only have gateways on internal interfaces if you are routing to other downstream routers there. They probably shouldn't be there and the issue is that the default IPv4 gateway is set to automatic and is switching to one of them.
Set the Default gateway to WAN_DHCP.
Remove unnecessary gateways.

You can just remove those floating rules if you have uninstalled pfBlocker.

Steve

ujjwalkp

@stephenw10

ujjwalkp

Hi Steve,

I have 4 interfaces defined. WAN, LAN, IOT and Guest and see those 4 in interfaces tab.

On the gateway tab, default gateway is set to automatic for IPV4 and IPV6. I don’t use IPV6 though. Do you think there would be issue with automatic gateway ?

Ujjwal

stephenw10

Yes. It's almost certainly switching to one of the other gateways when the WAN glitches and doesn't switch back.

You almost certainly should not have gateways on those internal interfaces.

But set the default iPv4 gateway to WAN_DHCP either way.

ujjwalkp

Thanks Steve, will make those changes and observe.

Ujjwal