Rebooting WLAN AP brings back Internet

michmoor

I bought a SG-1100 for my mother and making my bi-yearly visit to NYC i swapped out a Protectli box for the 1100. So far so good. I have a site2site WG tunnel back to my home.
So today is the day im leaving to go back home and access to the internet went away. I tried logging into the 1100 and i am greeted with the following page.

It didnt matter what i clicked on the page as it kept refreshing to this error.
The weird thing is that my Wireguard S2S was still working. Im able to access my lab back home , media server, etc.. Just internet local was broken.
I SSH'D to the pfsense and i was able to ping LAN devices along with WAN sites. So on the surface the firewall was peforming as expected.
Still wasnt convinced it was the 1100 even though the crash dump was a tell-tell sign that maybe something got borked i ended up rebooting the WLAN NightHawk that is in Bridged mode - Internet came backup.

I do not understand at all why rebooting the wifi AP resolved the problem. Any ideas?

wifi AP (bridged mode) -----pfsense LAN ----Internet

Adding additional color. My system logs was flooded with this message but has since stopped since the AP reboot.

stephenw10

What did the crash report show?

If it was directly connected then rebooting the AP would have seen the interface bounce. That would have restarted a bunch of stuff.

michmoor

@stephenw10
How do I access the report? When I clicked on the link to take me to the crash report it just brought me back to the same page. Is there another way in the GUI?
And yes once I rebooted the AP I saw a bunch of services such as DDNS and pfblocker restart

stephenw10

It's in /var/crash if it was created correctly.

michmoor

@stephenw10

I’m afraid there’s no report at least with a correct timestamp

stephenw10

Hmm, well it may have been unable to create one. Or there may not have been a full report. The system logs should show some errors at that time though. Anything beyond that php-fpm.socket logs? That looks like php stopped for some reason.

michmoor

@stephenw10 i pulled the logs from July 15. Incident started around 5:40am ET

Just looking at the logs for whatever reason the WAN interface got a private WAN address. tshoot.txt

The file is uploaded in this post.

The logs are flooded with the check reload status script. Not sure what it does but I've had numerous problems with it in the past.

Jul 15 10:31:24 790CCV-FW nginx: 2024/07/15 10:31:24 [crit] 71318#100224: *264 connect() to unix:/var/run/php-fpm.socket failed (2: No such file or directory) while connecting to upstream, client: 192.168.70.103, server: , request: "GET / HTTP/2.0", upstream: "fastcgi://unix:/var/run/php-fpm.socket:", host: "192.168.70.254:10443"
Jul 15 10:31:24 790CCV-FW check_reload_status[665]: Could not connect to /var/run/php-fpm.socket
Jul 15 10:31:25 790CCV-FW check_reload_status[665]: Could not connect to /var/run/php-fpm.socket
Jul 15 10:31:26 790CCV-FW check_reload_status[665]: Could not connect to /var/run/php-fpm.socket
Jul 15 10:31:27 790CCV-FW check_reload_status[665]: Could not connect to /var/run/php-fpm.socket
Jul 15 10:31:28 790CCV-FW check_reload_status[665]: Could not connect to /var/run/php-fpm.socket
Jul 15 10:31:28 790CCV-FW nginx: 2024/07/15 10:31:28 [crit] 71318#100224: *267 connect() to unix:/var/run/php-fpm.socket failed (2: No such file or directory) while connecting to upstream, client: 192.168.70.103, server: , request: "GET / HTTP/2.0", upstream: "fastcgi://unix:/var/run/php-fpm.socket:", host: "192.168.70.254:10443", referrer: "https://192.168.70.254:10443/"
Jul 15 10:31:29 790CCV-FW check_reload_status[665]: Could not connect to /var/run/php-fpm.socket
Jul 15 10:31:29 790CCV-FW nginx: 2024/07/15 10:31:29 [crit] 71318#100224: *267 connect() to unix:/var/run/php-fpm.socket failed (2: No such file or directory) while connecting to upstream, client: 192.168.70.103, server: , request: "GET / HTTP/2.0", upstream: "fastcgi://unix:/var/run/php-fpm.socket:", host: "192.168.70.254:10443", referrer: "https://192.168.70.254:10443/"
Jul 15 10:31:30 790CCV-FW nginx: 2024/07/15 10:31:30 [crit] 71318#100224: *267 connect() to unix:/var/run/php-fpm.socket failed (2: No such file or directory) while connecting to upstream, client: 192.168.70.103, server: , request: "GET / HTTP/2.0", upstream: "fastcgi://unix:/var/run/php-fpm.socket:", host: "192.168.70.254:10443", referrer: "https://192.168.70.254:10443/"
Jul 15 10:31:30 790CCV-FW check_reload_status[665]: Could not connect to /var/run/php-fpm.socket
Jul 15 10:31:31 790CCV-FW nginx: 2024/07/15 10:31:31 [crit] 71318#100224: *267 connect() to unix:/var/run/php-fpm.socket failed (2: No such file or directory) while connecting to upstream, client: 192.168.70.103, server: , request: "GET /crash_reporter.php HTTP/2.0", upstream: "fastcgi://unix:/var/run/php-fpm.socket:", host: "192.168.70.254:10443", referrer: "https://192.168.70.254:10443/"
Jul 15 10:31:31 790CCV-FW check_reload_status[665]: Could not connect to /var/run/php-fpm.socket
Jul 15 10:31:32 790CCV-FW check_reload_status[665]: Could not connect to /var/run/php-fpm.socket
Jul 15 10:31:33 790CCV-FW check_reload_status[665]: Could not connect to /var/run/php-fpm.socket
Jul 15 10:31:34 790CCV-FW check_reload_status[665]: Could not connect to /var/run/php-fpm.socket
Jul 15 10:31:35 790CCV-FW check_reload_status[665]: Could not connect to /var/run/php-fpm.socket
Jul 15 10:31:36 790CCV-FW check_reload_status[665]: Could not connect to /var/run/php-fpm.socket
Jul 15 10:31:37 790CCV-FW check_reload_status[665]: Could not connect to /var/run/php-fpm.socket
Jul 15 10:31:38 790CCV-FW check_reload_status[665]: Could not connect to /var/run/php-fpm.socket
Jul 15 10:31:39 790CCV-FW check_reload_status[665]: Could not connect to /var/run/php-fpm.socket
Jul 15 10:31:40 790CCV-FW check_reload_status[665]: Could not connect to /var/run/php-fpm.socket
Jul 15 10:31:41 790CCV-FW check_reload_status[665]: Could not connect to /var/run/php-fpm.socket
Jul 15 10:31:42 790CCV-FW check_reload_status[665]: Could not connect to /var/run/php-fpm.socket
Jul 15 10:31:43 790CCV-FW nginx: 2024/07/15 10:31:43 [crit] 71318#100224: *273 connect() to unix:/var/run/php-fpm.socket failed (2: No such file or directory) while connecting to upstream, client: 192.168.70.103, server: , request: "GET / HTTP/2.0", upstream: "fastcgi://unix:/var/run/php-fpm.socket:", host: "192.168.70.254:10443"
Jul 15 10:31:43 790CCV-FW check_reload_status[665]: Could not connect to /var/run/php-fpm.socket
Jul 15 10:31:44 790CCV-FW check_reload_status[665]: Could not connect to /var/run/php-fpm.socket
Jul 15 10:31:45 790CCV-FW nginx: 2024/07/15 10:31:45 [crit] 71318#100224: *273 connect() to unix:/var/run/php-fpm.socket failed (2: No such file or directory) while connecting to upstream, client: 192.168.70.103, server: , request: "GET /crash_reporter.php HTTP/2.0", upstream: "fastcgi://unix:/var/run/php-fpm.socket:", host: "192.168.70.254:10443", referrer: "https://192.168.70.254:10443/"
Jul 15 10:31:45 790CCV-FW check_reload_status[665]: Could not connect to /var/run/php-fpm.socket
Jul 15 10:31:46 790CCV-FW nginx: 2024/07/15 10:31:46 [crit] 71318#100224: *277 connect() to unix:/var/run/php-fpm.socket failed (2: No such file or directory) while connecting to upstream, client: 192.168.70.103, server: , request: "GET /crash_reporter.php HTTP/2.0", upstream: "fastcgi://unix:/var/run/php-fpm.socket:", host: "192.168.70.254:10443", referrer: "https://192.168.70.254:10443/crash_reporter.php"
Jul 15 10:31:46 790CCV-FW check_reload_status[665]: Could not connect to /var/run/php-fpm.socket
Jul 15 10:31:47 790CCV-FW nginx: 2024/07/15 10:31:47 [crit] 71318#100224: *277 connect() to unix:/var/run/php-fpm.socket failed (2: No such file or directory) while connecting to upstream, client: 192.168.70.103, server: , request: "GET /crash_reporter.php HTTP/2.0", upstream: "fastcgi://unix:/var/run/php-fpm.socket:", host: "192.168.70.254:10443", referrer: "https://192.168.70.254:10443/crash_reporter.php"
Jul 15 10:31:47 790CCV-FW check_reload_status[665]: Could not connect to /var/run/php-fpm.socket
Jul 15 10:31:47 790CCV-FW nginx: 2024/07/15 10:31:47 [crit] 71318#100224: *277 connect() to unix:/var/run/php-fpm.socket failed (2: No such file or directory) while connecting to upstream, client: 192.168.70.103, server: , request: "GET /crash_reporter.php HTTP/2.0", upstream: "fastcgi://unix:/var/run/php-fpm.socket:", host: "192.168.70.254:10443", referrer: "https://192.168.70.254:10443/crash_reporter.php"
Jul 15 10:31:48 790CCV-FW nginx: 2024/07/15 10:31:48 [crit] 71318#100224: *277 connect() to unix:/var/run/php-fpm.socket failed (2: No such file or directory) while connecting to upstream, client: 192.168.70.103, server: , request: "GET /crash_reporter.php HTTP/2.0", upstream: "fastcgi://unix:/var/run/php-fpm.socket:", host: "192.168.70.254:10443", referrer: "https://192.168.70.254:10443/crash_reporter.php"
Jul 15 10:31:48 790CCV-FW nginx: 2024/07/15 10:31:48 [crit] 71318#100224: *277 connect() to unix:/var/run/php-fpm.socket failed (2: No such file or directory) while connecting to upstream, client: 192.168.70.103, server: , request: "GET /crash_reporter.php HTTP/2.0", upstream: "fastcgi://unix:/var/run/php-fpm.socket:", host: "192.168.70.254:10443", referrer: "https://192.168.70.254:10443/crash_reporter.php"
Jul 15 10:31:48 790CCV-FW check_reload_status[665]: Could not connect to /var/run/php-fpm.socket
Jul 15 10:31:49 790CCV-FW check_reload_status[665]: Could not connect to /var/run/php-fpm.socket
Jul 15 10:31:50 790CCV-FW nginx: 2024/07/15 10:31:50 [crit] 71318#100224: *277 connect() to unix:/var/run/php-fpm.socket failed (2: No such file or directory) while connecting to upstream, client: 192.168.70.103, server: , request: "GET /crash_reporter.php HTTP/2.0", upstream: "fastcgi://unix:/var/run/php-fpm.socket:", host: "192.168.70.254:10443", referrer: "https://192.168.70.254:10443/crash_reporter.php"
Jul 15 10:31:50 790CCV-FW check_reload_status[665]: Could not connect to /var/run/php-fpm.socket
Jul 15 10:31:50 790CCV-FW nginx: 2024/07/15 10:31:50 [crit] 71318#100224: *277 connect() to unix:/var/run/php-fpm.socket failed (2: No such file or directory) while connecting to upstream, client: 192.168.70.103, server: , request: "GET / HTTP/2.0", upstream: "fastcgi://unix:/var/run/php-fpm.socket:", host: "192.168.70.254:10443", referrer: "https://192.168.70.254:10443/crash_reporter.php"
Jul 15 10:31:51 790CCV-FW check_reload_status[665]: Could not connect to /var/run/php-fpm.socket
Jul 15 10:31:51 790CCV-FW nginx: 2024/07/15 10:31:51 [crit] 71318#100224: *277 connect() to unix:/var/run/php-fpm.socket failed (2: No such file or directory) while connecting to upstream, client: 192.168.70.103, server: , request: "GET / HTTP/2.0", upstream: "fastcgi://unix:/var/run/php-fpm.socket:", host: "192.168.70.254:10443", referrer: "https://192.168.70.254:10443/"
Jul 15 10:31:52 790CCV-FW check_reload_status[665]: Could not connect to /var/run/php-fpm.socket
Jul 15 10:31:53 790CCV-FW check_reload_status[665]: Could not connect to /var/run/php-fpm.socket
Jul 15 10:31:54 790CCV-FW check_reload_status[665]: Could not connect to /var/run/php-fpm.socket

Gertjan

@michmoor

For a reason yet to be determined, PHP stopped.

This :

Rebooting WLAN AP brings back Internet

will take down the (a) LAN interface, and when it comes back, this will trigger the restart of many processes, and among them, PHP.

stephenw10

Hmm, all of that is probably because php has stopped. Is there an initial log showing why php might have stopped?

michmoor

@stephenw10 Been scanning the log files of the 15th and i don't see anything sticking out at all.
Based on what @Gertjan it makes sense why connectivity was restored - LAN interface went down and most processes restarted. However as a troubleshooting step i did log into the firewall and restart PHP and that had no effect.

Curious @stephenw10 Why does a port bounce trigger so many processes restarts? Assuming no 3rd party packages.

stephenw10

Because anything listening on that interface will be restarted and that includes a lot of things (DHCP, DNS etc). Even more things because some of those processes will restart other processes.

michmoor

@stephenw10 interesting. Is this architecturally done on purpose?

stephenw10

Yes, many things must be restarted if they are listening directly on an interface that goes down. Otherwise they just throw errors and stop listening on any other interface.

michmoor

@stephenw10 gotcha. Thanks for taking the time out to explain. Much appreciated.