Pfsense Access Interruption

stephenw10

What access is lost when this happens? To pfSense itself? The webgui? SSH?

To other VMs behind it?

Do you see blocked traffic in the logs?

Anything else logged?

Steve

SpaceXTexnologiya

@stephenw10
Hi Steve
Pfsense is going both gui and ssh access.
I can only connect to Console via Hyper-V. Pfsense is installed virtually on Hyper-V.
Since Pfsense access is gone, access to all my environments is also cut off and this puts me in a very difficult situation.
I couldn't find anything blocking the traffic, I checked the system logs.
The outage occurs suddenly and does not recover until I restart pfsense.
It recovers after the restart.

Thanks.

stephenw10

Ok so the virtual console is still responsive when this happens?

Can you ping out from the console? What error do you see if you can't?

Do the interfaces show as UP in ifconfig still?

SpaceXTexnologiya

@stephenw10
I don't see any error message in the console.
Default pfsense options come up and I restart with the reboot normally (5 ) option in the options here.
There is no ping access either. I could not find out if there is a version-related problem or a different problem, it is a very problematic situation.

stephenw10

So option 5 works at the console to reboot but option 8 to reach the command line does not?

SpaceXTexnologiya

@stephenw10 said in Pfsense Access Interruption:

So option 5 works at the console to reboot but option 8 to reach the command line does not?

Reply

I access the command line, I examine the logs, but I do not see any error message in the logs. It seems to be fine, but the connection is lost.

stephenw10

Ok so what happens if you try to ping out? If the ping fails what error is shown?

SpaceXTexnologiya

@stephenw10
I'll try this when it gives me an error, there is no interruption now, it's been 1 day since I last restarted.
It's not a periodic interruption, it just goes away. When there is an outage, I check the server resources and everything is at a normal level.
Is there anything else you want me to test?

stephenw10

Yes check the routing table with netstat -rn4

And check the output of ifconfig to see what the status of the NICs are.

Basically we want to see exactly what is or isn't working in that state. It could be virtual NICs simply stop passing traffic of course in which case that's hard to diagnose.

SpaceXTexnologiya

@stephenw10
Now I have an access interruption again, I have checked everything seems normal with these commands. However, I could not understand why there was an access interruption.

stephenw10

So you can ping out to external sites?

Can you ping the internal VMs too?

If so that seems like a routing/switching issue in Hyper-V perhaps.

SpaceXTexnologiya

@stephenw10
1- failed to ping external sites
2- failed to ping internal vms
3- I could pfsense only ping own IP address

Do you have any idea what could be wrong ?
I have been researching the problem for a long time, but I have not found anything.

Thanks

stephenw10

And what error did it show when you tried to ping? Just timed out? No route? TTL expired? Network down?

If ifconfig shows the NICs as still linked and it has a valid route still then I would expect it to try to send traffic to the gateway. If the virtual NICs just stopped passing traffic then it will fail to ARP for the gateway and show an error related to that. However if it can still ARP for the gateway then that's probably some network config issue.