Pfsense 2.6.0 freeze randomly
-
Hello everyone,
We are experiencing an issue with our firewall running pfSense 2.6.0 on an HP DL20. The firewall randomly freezes, sometimes after a day, other times after a month, losing connectivity on all interfaces. The screen also becomes unresponsive, and the keyboard does not respond.
The firewall is configured with Intel(R) I350 and Broadcom BCM57416 NetXtreme-E 10GBase-T Ethernet interfaces, using dual gateways without failover currently enabled.
After the crash, we restart the firewall, but no logs or crash dumps are saved.
We have configured the value kern.ipc.nmbclusters="1000000" as explained in the guide, but without success.
Has anyone experienced the same problem or know how to retrieve more logs to better diagnose the situation?
-
You might try upgrading. The current version is 2.7.2.
-
Completely unresponsive, even at the console, and no crash report is usually a hardware issue. Especially if it just started doing it without an associated config change.
Is there an error shown on the console when it stops responding?
Steve
-
Hi, thanks for the responses.
@JKnott
For now, we cannot update because we cannot interrupt the services.@stephenw10
No, no errors on the console. We had performed hardware tests but did not find any errors. We will conduct more in-depth checks.The firewall is used in a hotel, and we have noticed that the crashes occur when there is a high amount of traffic. The firewall also has a captive portal active and handles about 1000 login per week. The logs contain these records:
Jul 9 09:28:29 check_reload_status 408 Syncing firewall
Jul 9 09:28:29 radiusd 17876 (1638) Login OK: [username] (from client captiveportal port 12310 cli xx-xx-xx-xx-xx-xx)Is it possible that too many login in captive are causing a complete crash?
-
No, a lot of logins might prevent people logging in but it should not affect the firewall or underlying OS.
1000 logins per week is not particularly high though, I wouldn't expect any issue from that.
-
@net95 said in Pfsense 2.6.0 freeze randomly:
For now, we cannot update because we cannot interrupt the services
I used to be a computer tech, working on big systems, and also worked in telecom for many years. When a critical system had to be updated, etc., common practice was to do it after hours. I've been in at 4AM and even came in on New Years day for Y2K. If your firewall is freezing it's likely a hardware issue and could fail completely at any time. Also, updating doesn't take much time. If done during the business day, common practice is to just let everyone know there will be a brief outage.
