Experiencing frequent downtimes with pfSense 2.7... Is my Intel NIC/cable modem failing?

Ghost 0

I'm going on my fourth anniversary with pfSense. I think it is an awesome firewall ever since I made the transition from OpenWrt. However, it is not as stable as my aforementioned third-party firmware. And it's slowly becoming the bane of my online experience . Since day one, I have been experiencing down internet. In the beginning, it was only happening about once to twice a month. Thus, grudgingly, I have been living with this annoying ongoing experience since I couldn't pin-point the issue. And this forum couldn't help me sort it out either. But recently, it is occurring more frequently, several times a day. And so I figure let me give this forum another stab at this issue. Is my Intel 4-port NIC failing? Background: I'm currently using pfSense 2.7 (AMD64) on a repurposed HP workstation with 5GB of RAM; quad-four Intel CPU that is about 10+ years old but still going strong; Intel 4-port NIC (used on eBay, approximately 4 years ago, don't laugh... I'm poor!) I use my own cable modem, a Netgear modem (CM700 model, refurbished from Amazon, again, don't laugh.., I'm poor!). Using NordVPN, PiHole and UniFi controller, running on Raspberry Pi 4B /8GB without any issues. Network is segmented with several subnets. This is the main reason I transitioned to pfSense; VLAN setup is much more efficient and intuitive to setup compared to OpenWrt.

Sample of some of the Gateway logs:

Dec 2 22:03:41	dpinger	66052	send_interval 500ms loss_interval 2000ms time_period 60000ms report_interval 0ms data_len 1 alert_interval 1000ms latency_alarm 500ms loss_alarm 20% alarm_hold 10000ms dest_addr 73.XX.XXX.1 bind_addr 73.XX.XXX.49 identifier "WAN_DHCP "
Dec 2 22:03:41	dpinger	66813	send_interval 500ms loss_interval 2000ms time_period 60000ms report_interval 0ms data_len 1 alert_interval 1000ms latency_alarm 500ms loss_alarm 20% alarm_hold 10000ms dest_addr 10.X.X.1 bind_addr 10.X.X.2 identifier "NORDVPN_VPNV4 "
Dec 2 22:03:43	dpinger	66813	exiting on signal 15
Dec 2 22:03:43	dpinger	66052	exiting on signal 15
Dec 2 22:03:43	dpinger	30278	send_interval 500ms loss_interval 2000ms time_period 60000ms report_interval 0ms data_len 1 alert_interval 1000ms latency_alarm 500ms loss_alarm 20% alarm_hold 10000ms dest_addr 73.XX.XXX.1 bind_addr 73.XX.XXX.49 identifier "WAN_DHCP "
Dec 2 22:03:43	dpinger	31321	send_interval 500ms loss_interval 2000ms time_period 60000ms report_interval 0ms data_len 1 alert_interval 1000ms latency_alarm 500ms loss_alarm 20% alarm_hold 10000ms dest_addr 10.X.X.1 bind_addr 10.X.X.2 identifier "NORDVPN_VPNV4 "
Dec 2 22:03:44	dpinger	31321	exiting on signal 15
Dec 2 22:03:44	dpinger	30278	exiting on signal 15
Dec 2 22:03:44	dpinger	5455	send_interval 500ms loss_interval 2000ms time_period 60000ms report_interval 0ms data_len 1 alert_interval 1000ms latency_alarm 500ms loss_alarm 20% alarm_hold 10000ms dest_addr 73.XX.XXX.1 bind_addr 73.XX.XXX.X9 identifier "WAN_DHCP "
Dec 2 22:03:44	dpinger	5994	send_interval 500ms loss_interval 2000ms time_period 60000ms report_interval 0ms data_len 1 alert_interval 1000ms latency_alarm 500ms loss_alarm 20% alarm_hold 10000ms dest_addr 10.X.X.1 bind_addr 10.X.X.2 identifier "NORDVPN_VPNV4 "
Dec 2 22:03:47	dpinger	5994	exiting on signal 15
Dec 2 22:03:47	dpinger	5455	exiting on signal 15
Dec 2 22:03:47	dpinger	22641	send_interval 500ms loss_interval 2000ms time_period 60000ms report_interval 0ms data_len 1 alert_interval 1000ms latency_alarm 500ms loss_alarm 20% alarm_hold 10000ms dest_addr 73.XX.XXX.1 bind_addr 73.XX.XXX.4X identifier "WAN_DHCP "
Dec 2 22:03:47	dpinger	23458	send_interval 500ms loss_interval 2000ms time_period 60000ms report_interval 0ms data_len 1 alert_interval 1000ms latency_alarm 500ms loss_alarm 20% alarm_hold 10000ms dest_addr 10.X.X.1 bind_addr 10.X.X.2 identifier "NORDVPN_VPNV4 "
Dec 2 22:03:48	dpinger	23458	exiting on signal 15
Dec 2 22:03:48	dpinger	22641	exiting on signal 15
Dec 2 22:03:48	dpinger	83988	send_interval 500ms loss_interval 2000ms time_period 60000ms report_interval 0ms data_len 1 alert_interval 1000ms latency_alarm 500ms loss_alarm 20% alarm_hold 10000ms dest_addr 73.XX.XXX.1 bind_addr 73.XX.XXX.49 identifier "WAN_DHCP "
Dec 2 22:03:48	dpinger	84980	send_interval 500ms loss_interval 2000ms time_period 60000ms report_interval 0ms data_len 1 alert_interval 1000ms latency_alarm 500ms loss_alarm 20% alarm_hold 10000ms dest_addr 10.X.X.1 bind_addr 10.X.X.2 identifier "NORDVPN_VPNV4 "
Dec 2 22:03:50	dpinger	84980	exiting on signal 15
Dec 2 22:03:50	dpinger	83988	exiting on signal 15
Dec 2 22:03:50	dpinger	58539	send_interval 500ms loss_interval 2000ms time_period 60000ms report_interval 0ms data_len 1 alert_interval 1000ms latency_alarm 500ms loss_alarm 20% alarm_hold 10000ms dest_addr 73.XX.XXX.1 bind_addr 73.XX.XXX.49 identifier "WAN_DHCP "
Dec 2 22:03:50	dpinger	59560	send_interval 500ms loss_interval 2000ms time_period 60000ms report_interval 0ms data_len 1 alert_interval 1000ms latency_alarm 500ms loss_alarm 20% alarm_hold 10000ms dest_addr 10.X.X.1 bind_addr 10.X.X.2 identifier "NORDVPN_VPNV4 "
Dec 2 22:35:31	dpinger	59990	send_interval 500ms loss_interval 2000ms time_period 60000ms report_interval 0ms data_len 1 alert_interval 1000ms latency_alarm 500ms loss_alarm 20% alarm_hold 10000ms dest_addr 73.XX.XX.1 bind_addr 73.XX.XXX.49 identifier "WAN_DHCP "
Dec 2 22:35:31	dpinger	59990	exiting on signal 15
Dec 2 22:35:31	dpinger	65603	send_interval 500ms loss_interval 2000ms time_period 60000ms report_interval 0ms data_len 1 alert_interval 1000ms latency_alarm 500ms loss_alarm 20% alarm_hold 10000ms dest_addr 73.XX.XXX.1 bind_addr 73.XX.XXX.49 identifier "WAN_DHCP "

Status/Interface logs, this is just a sample - there are more interfaces - don't want to bombard this forum with too many logs; will furnish upon request.

***WAN Interface (wan, igb0)***
Status
up 
DHCP
up     Relinquish Lease
MAC Address
00:XX:bd:XX:XX:f9 
IPv4 Address
73.XX.XXX.49 
Subnet mask IPv4
255.255.254.0 
Gateway IPv4
73.XX.XXX.1 
IPv6 Link Local
fe80::XX:bdff:feXX:17f9%igb0 
MTU
1500 
Media
1000baseT <full-duplex> 
In/out packets
1344095/900635 (1.19 GiB/267.32 MiB) 
In/out packets (pass)
1344095/900635 (1.19 GiB/267.32 MiB) 
In/out packets (block)
73641/0 (346 KiB/0 B) 
In/out errors
0/0 
Collisions
0 
Interrupts
1833597 (36/s) 

***LAN#1 Interface (lan, igb1)***
Status
up 
MAC Address
00:XX:bd:XX:XX:f8 
IPv4 Address
192.168.1.1 
Subnet mask IPv4
255.255.255.0 
IPv6 Link Local
fe80::XXX:bdff:fX07:17f8%igb1 
MTU
1500 
Media
1000baseT <full-duplex> 
In/out packets
585839/1017883 (82.45 MiB/964.25 MiB) 
In/out packets (pass)
585839/1017883 (82.45 MiB/964.25 MiB) 
In/out packets (block)
779/0 (62 KiB/0 B) 
In/out errors
0/0 
Collisions
0 
Interrupts
2553681 (51/s) 

***LAN#2 Interface (opt1, igb2)***
Status
up 
MAC Address
00:XX:bd:XX:XX:09 
IPv4 Address
192.168.2.1 
Subnet mask IPv4
255.255.255.0 
IPv6 Link Local
fe80::XXX:bdff:feX7:1809%igb2 
MTU
1500 
Media
1000baseT <full-duplex> 
In/out packets
222089/131771 (66.32 MiB/66.52 MiB) 
In/out packets (pass)
222089/131771 (66.32 MiB/66.52 MiB) 
In/out packets (block)
103/0 (32 KiB/0 B) 
In/out errors
0/0 
Collisions
0 
Interrupts
833403 (17/s) 

***CELL Interface (opt2, igb1.10)***
Status
up 
MAC Address
00:XX:XX:XX:17:f8 
IPv4 Address
192.168.10.1 
Subnet mask IPv4
255.255.255.0 
IPv6 Link Local
fe80::XXc:XXff:fe07:17f8%igb1.10 
MTU
1500 
Media
1000baseT <full-duplex> 
In/out packets
168423/295435 (79.65 MiB/290.10 MiB) 
In/out packets (pass)
168423/295435 (79.65 MiB/290.10 MiB) 
In/out packets (block)
208/0 (11 KiB/0 B) 
In/out errors
0/6 
Collisions
0 

***IOT Interface (opt3, igb1.20)***
Status
up 
MAC Address
00:XX:bd:XX:XX:f8 
IPv4 Address
192.168.20.1 
Subnet mask IPv4
255.255.255.0 
IPv6 Link Local
fe80::XXc:XXff:fe07:17f8%igb1.20 
MTU
1500 
Media
1000baseT <full-duplex> 
In/out packets
136736/184120 (54.02 MiB/173.58 MiB) 
In/out packets (pass)
136736/184120 (54.02 MiB/173.58 MiB) 
In/out packets (block)
1704/0 (264 KiB/0 B) 
In/out errors
0/5 
Collisions
0 

***GUEST Interface (opt4, igb1.30)***

Status
up 
MAC Address
00:XX:bd:XX:17:f8 
IPv4 Address
192.168.30.1 
Subnet mask IPv4
255.255.255.0 
IPv6 Link Local
fe80::XXX:bdff:fe07:17f8%igb1.30 
MTU
1500 
Media
1000baseT <full-duplex> 
In/out packets
230/965 (42 KiB/1.23 MiB) 
In/out packets (pass)
230/965 (42 KiB/1.23 MiB) 
In/out packets (block)
0/0 (0 B/0 B) 
In/out errors
0/4 
Collisions
0 

***NORDVPN Interface (opt5, ovpnc1)***
Status
up 
IPv4 Address
10.X.X.7 
Subnet mask IPv4
255.255.255.0 
Gateway IPv4
10.X.X.1 
IPv6 Link Local
feXX::20c:XXff:fe07:17f9%ovpnc1 
MTU
1500 
In/out packets
1316090/884940 (1.16 GiB/242.31 MiB) 
In/out packets (pass)
1316090/884940 (1.16 GiB/242.31 MiB) 
In/out packets (block)
0/0 (0 B/0 B) 
In/out errors
0/0 
Collisions
0 

This new version of pfSense (2.7) now restarts the internet automatically without having to reboot pfSense/cable modem when it goes down and the downtimes only last a few mins, usually less than 15 mins; compared with past pfSense versions that required manual service restart of the OpenVPN client under service status. I hope this info helps.

I don't see any collisions reported on the log (interfaces). However, there some errors on the Vlan interfaces & interrupts seem a bit high? Is the Intel NIC / cable modem failing based on the above info? The cable modem status lights never vary when internet/ NordVPN is down. And I never have to reboot the system that includes pfSense and the cable modem. Like I said, the internet/NordVPN comes back online automatically without any intervention from me. Moreover, ISP's diagnostics found no issues on their end. A cable technician also came to the house and found nothing. "Everything is fine" according to my ISP. They say it must be my equipment.

Warning, I'm still learning. I'm no pfSense pro. I'm still at the advanced beginning stage . So please, don't be too technical with suggestions/solutions. Please dumb it down for me...

Thanks for the opportunity to list my issues on this forum with so many intelligent, friendly and helpful users. And thanks for previous help! Thus far, pfSense has been an enjoyable journey despite my current dilemma, and I'm hopeful this issue will be resolved with the help of this forum. : Sorry for this lengthy post and Happy Holidays!

jrey

@Ghost-0

See if the discussion here helps.

https://forum.netgate.com/topic/184265/danger-latency-on-wan-mildly-loaded/22?_=1702124435508

Cable/DOCSIS Modem under load, and you've got a VPN on top of that.

Cool_Corona

Disable IP6 and see if there is any change.

Ghost 0

@jrey

@jrey said in Experiencing frequent downtimes with pfSense 2.7... Is my Intel NIC/cable modem failing?:

Cable/DOCSIS Modem under load, and you've got a VPN on top of that.

I don't understand that statement. Please clarify...

Ghost 0

@Cool_Corona

Where in pfSense to disable IPv6?

Cool_Corona

@Ghost-0 https://medium.com/cloud-security/disable-ipv6-on-pfsense-e9e80fa656fb

stephenw10

Those gateway logs only show dpinger starting, they don't show any alarms.

Check the main system logs at that time to see what is restarting it.

Steve

Tzvia

I had a lot of issues with PFSense after finally setting up VLANs (work laptop has Absolute enabled- which is a rootkit- so I wanted to isolate that laptop and that turned into 5 vlan project at home...). Well, my router at first was one of those Qotom boxes with 6 intel gigabit ports so I used 4 for the lan and vlans, connecting 4 ethernet cables from it to my 'lite' layer 3 netgear switch. Then the problems started. Lots of exiting on signal 15. Lots of '100% packet loss' out of the blue, lasting several minutes at a time, several times a day. I'm working from home and ZOOM ip calls would drop due to this... I blamed my cable provider (Spectrum, Los Angeles area) but to them 'it was working'. The IOT vlan would show lots of errors-out, slowly incrementing up on the dashboard. Decided to get a new router as Qotom was starting to get old and I needed to use a dumb switch between it and the modem to keep the connection from flapping. So I bought a new mini fanless PC that has 6 2.5 gig Intel i226 ports, a few months ago. The modem Spectrum had provided does have a 2.5gig ethernet, and now connected at that speed to my new router no dumb switch needed. But the IOT port errors, the exiting on signal 15, the random 100% packet loss continued....

So I started researching buying a new modem because it's gotta be the crappy Hitron modem Spectrum provided, (I need one with POTS support for phones), when it dawned on me that even though I used brand new Cable Matters brand shielded ethernet cables, maybe that dang cable was bad between the port on the router for IOT VLAN and the switch... I grabbed another cable and swapped it out. Dang, no more exit on signal 15. No more 100% packet loss. Been 3 weeks... I am just dumbfounded. Packet loss used to happen 3~4 times a day...

Sorry for the long story... sometimes the dumbest simple thing can be the cause of the biggest pain in the arce...

Ghost 0

@jrey
I know this an old thread....But, it appears that your statement, "Cable/DOCSIS Modem under load, and you've got a VPN on top of that", is spot on. I recently updated my Netgear DOCSIS 3.0 to a used/like new Motorola DOCSIS 3.1 from eBay for a few coins And thus far, I haven't received the frequent error messages, listed above in my first post, after ten days. It appears that this issues has been resolved, albeit it only has been 10 days with this new modem. I used to experience the error messages frequently almost daily and at least every couple days. My suspicion was always the cable modem since that particular Netgear cable modem uses the controversial Intel chipset instead of the Broadcom chipset, but the pfSense log confused the matter because it showed both the cable modem and my VPN were potential culprits. I pulled the trigger because the Motorola cable modem was such a good deal to pass up. Thanks for pointing out the cable modem was the most likely the culprit!

0