To do 24.11 or not? That's the question.

Gertjan

@chudak said in To do 24.11 or not? That's the question.:

I monitor my Windows VM via ping every 60 seconds

pfSense is using 'dpinger' to ping a upstream gateway (often 8.8.8.8) every 500 msec, just to check if the upstream Internet connection is working.
What I mean : pfSense can ping hosts just fine. Launch a ping test to some LAN hist, or actyally any host yourself with the GUI.
If some VM refuses to answer .... well, have a look at that VM.

@chudak said in To do 24.11 or not? That's the question.:

Felt like DNS resolution was on and off.

Check your unbound.
Is it getting restarted a lot ? Check the unbound (resolver) log.
Mine doesn't https://www.test-domaine.fr/munin/brit-hotel-fumel.net/pfsense.brit-hotel-fumel.net/unbound_munin_memory.html - and the recent restarts are normal, I just switched to 24.11 and trying out a lot of things, also rebooting.

DNS is pretty (very) solid for me.
( and we all use the exact same binary ^^ )

stephenw10

@chudak What are you running this on?

chudak

@stephenw10 said in To do 24.11 or not? That's the question.:

@chudak What are you running this on?

QOTOM-Q355G4

stephenw10

Hmm, should be fine. We can only speculate though without more information. If you can I would boot back into 24.11 and look at the CPU usage and system logs to see what's happening.

chudak

@stephenw10 said in To do 24.11 or not? That's the question.:

Hmm, should be fine. We can only speculate though without more information. If you can I would boot back into 24.11 and look at the CPU usage and system logs to see what's happening.

I am physically don't have access to my psF bix now and hesitant to mess with it remotely.

Hope somebody else reports similar (or not) and I will try later and wait for a point update.

chudak

@stephenw10 said in To do 24.11 or not? That's the question.:

Hmm, should be fine. We can only speculate though without more information. If you can I would boot back into 24.11 and look at the CPU usage and system logs to see what's happening.

OK booted up to 24.11 and watching carefully now.

I do see connections being unstable.

I'm actually pinging my pfS router and one of my VMs all the time. The ping stops after several minutes and then starts working again.

What would you suggest to check?

Thx

PS: I ping from a remote system, connected via TaleSclae, and checked OpenVPN, so services seem to be working fine

chudak

@chudak

I may have a suspect theory.

I see in the logs:

Dec 5 09:19:27 root 59812 Bootup complete

(it could be I missed reboot emails as they were mixed with many others)

That was not my reboot and it corresponds with "instability" timestamps.

Will watch it carefully...

stephenw10

So you think it could be rebooting? That should be logged, should be pretty clear.

chudak

@stephenw10 said in To do 24.11 or not? That's the question.:

So you think it could be rebooting? That should be logged, should be pretty clear.

It is pretty clear now based on three examples:

Dec 5 09:36:55 root 24282 Bootup complete
Dec 5 09:19:27 root 59812 Bootup complete
Dec 5 09:02:16 root 89932 Bootup complete

Those were unintentional reboots done by pfS :)

Now what?

Looks like every 17 min

stephenw10

Right so check the logs what's triggering that. It should show if something there is deliberately rebooting.

You should see alerts if it's crashing.

Anything shown at the console?

chudak

@stephenw10

Looking

Here is the log before the last reboot @09:36:55:

Dec 5 09:36:55	root	24282	Bootup complete
Dec 5 09:36:55	php_pfb	23572	[pfBlockerNG] filterlog daemon stopped
Dec 5 09:36:55	tail_pfb	22598	[pfBlockerNG] Firewall Filter Service stopped
Dec 5 09:36:55	lighttpd_pfb	20275	[pfBlockerNG] DNSBL Webserver stopped
Dec 5 09:36:54	vnstatd	13503	Error: pidfile "/var/run/vnstat/vnstat.pid" lock failed (Resource temporarily unavailable), exiting.
Dec 5 09:36:54	tail_pfb	13967	[pfBlockerNG] Firewall Filter Service stopped
Dec 5 09:36:54	php-fpm	19145	[pfBlockerNG] Starting firewall filter daemon
Dec 5 09:36:30	php	30015	[pfBlockerNG] DNSBL parser daemon started
Dec 5 09:36:30	avahi-daemon	62195	Service "pfsense" (/usr/local/etc/avahi/services/sftp-ssh.service) successfully established.
Dec 5 09:36:30	avahi-daemon	62195	Service "pfsense" (/usr/local/etc/avahi/services/ssh.service) successfully established.
Dec 5 09:36:30	lighttpd_pfb	27752	[pfBlockerNG] DNSBL Webserver started
Dec 5 09:36:30	lighttpd_pfb	24017	[pfBlockerNG] DNSBL Webserver stopped
Dec 5 09:36:29	tailscale	20407	Bringing up tailscale0 with --auth-key=tskey-auth-k5t2n27Vc421CNTRL-mLnMsa4WfTP6LUikfAjAYPzpxi9WNqn4J --login-server=https://controlplane.tailscale.com --advertise-exit-node --accept-routes --accept-dns --advertise-routes=192.168.90.0/24,192.168.70.0/24,192.168.20.0/24
Dec 5 09:36:29	tailscale	19992	Added tailscale0 to interface group Tailscale
Dec 5 09:36:29	tailscale	19222	Found device tailscale0
Dec 5 09:36:29	kernel		tun0: changing name to 'tailscale0'
Dec 5 09:36:29	kernel		tun0: link state changed to UP
Dec 5 09:36:29	avahi-daemon	62195	Server startup complete. Host name is pfsense.local. Local service cookie is 1039045356.
Dec 5 09:36:29	kernel		tun_wg0: link state changed to UP
Dec 5 09:36:29	check_reload_status	684	Reloading filter
Dec 5 09:36:29	php_wg	60883	/usr/local/pkg/wireguard/includes/wg_service.inc: Gateway, NONE AVAILABLE
Dec 5 09:36:29	snort	58498	Added firewall interface tun_wg0 IPv4 address 10.0.20.1 to automatic interface IP Pass List.
Dec 5 09:36:29	snort	58498	Added firewall interface ovpns2 IPv4 address 192.168.20.1 to automatic interface IP Pass List.
Dec 5 09:36:29	snort	58498	Added firewall interface ovpns2 IPv6 address fe80::20e:c4ff:fed1:6f27 to automatic interface IP Pass List.
Dec 5 09:36:29	snort	58498	Added firewall interface lo0 IPv4 address 127.0.0.1 to automatic interface IP Pass List.
Dec 5 09:36:29	snort	58498	Added firewall interface lo0 IPv6 address fe80::1 to automatic interface IP Pass List.
Dec 5 09:36:29	snort	58498	Added firewall interface lo0 IPv6 address ::1 to automatic interface IP Pass List.
Dec 5 09:36:29	snort	58498	Added firewall interface igb2 IPv4 address 192.168.70.1 to automatic interface IP Pass List.
Dec 5 09:36:29	snort	58498	Added firewall interface igb2 IPv6 address fe80::20e:c4ff:fed1:6f29 to automatic interface IP Pass List.
Dec 5 09:36:29	snort	58498	Added firewall interface igb1 IPv4 address 10.10.10.1 to automatic interface IP Pass List.
Dec 5 09:36:29	snort	58498	Added firewall interface igb1 IPv4 address 192.168.90.1 to automatic interface IP Pass List.
Dec 5 09:36:29	snort	58498	Added firewall interface igb1 IPv6 address fe80::20e:c4ff:fed1:6f28 to automatic interface IP Pass List.
Dec 5 09:36:29	snort	58498	Added firewall interface igb0 IPv4 address 135.180.64.210 to automatic interface IP Pass List.
Dec 5 09:36:29	snort	58498	Added firewall interface igb0 IPv6 address fe80::20e:c4ff:fed1:6f27 to automatic interface IP Pass List.
Dec 5 09:36:29	snort	58498	Populating the internal list of firewall interface IP addresses for auto-whitelisting.
Dec 5 09:36:29	snort	58498	Initializing 'alert_pf' custom output module for Legacy Mode Blocking.
Dec 5 09:36:28	kernel		wg0: changing name to 'tun_wg0'
Dec 5 09:36:28	tailscale	79398	Waiting for device tailscale0
Dec 5 09:36:28	avahi-daemon	62195	Registering HINFO record with values 'AMD64'/'FREEBSD'.
Dec 5 09:36:28	avahi-daemon	62195	Registering new address record for 192.168.90.1 on igb1.IPv4.
Dec 5 09:36:28	avahi-daemon	62195	Registering new address record for 10.10.10.1 on igb1.IPv4.
Dec 5 09:36:28	avahi-daemon	62195	Registering new address record for 192.168.70.1 on igb2.IPv4.
Dec 5 09:36:28	avahi-daemon	62195	Network interface enumeration completed.
Dec 5 09:36:28	avahi-daemon	62195	New relevant interface igb1.IPv4 for mDNS.
Dec 5 09:36:28	avahi-daemon	62195	Joining mDNS multicast group on interface igb1.IPv4 with address 10.10.10.1.
Dec 5 09:36:28	avahi-daemon	62195	New relevant interface igb2.IPv4 for mDNS.
Dec 5 09:36:28	avahi-daemon	62195	Joining mDNS multicast group on interface igb2.IPv4 with address 192.168.70.1.
Dec 5 09:36:28	avahi-daemon	62195	Loading service file /usr/local/etc/avahi/services/ssh.service.
Dec 5 09:36:28	avahi-daemon	62195	Loading service file /usr/local/etc/avahi/services/sftp-ssh.service.
Dec 5 09:36:28	avahi-daemon	62195	avahi-daemon 0.8 starting up.
Dec 5 09:36:28	avahi-daemon	62195	Successfully dropped root privileges.
Dec 5 09:36:28	avahi-daemon	62195	Found user 'avahi' (UID 558) and group 'avahi' (GID 558).
Dec 5 09:36:28	kernel		tun_wg0: link state changed to DOWN
Dec 5 09:36:28	php-fpm	19145	/rc.start_packages: Starting service avahi
Dec 5 09:36:28	vnstatd	56701	Interface "ovpns1" disabled.
Dec 5 09:36:28	vnstatd	56701	Monitoring (10): tun_wg0 (1000 Mbit) pfsync0 (1000 Mbit) pflog0 (1000 Mbit) ovpns2 (1000 Mbit) ovpns1 (1000 Mbit) igb3 (10 Mbit) igb2 (1000 Mbit) igb1 (1000 Mbit) igb0 (1000 Mbit) enc0 (1000 Mbit)
Dec 5 09:36:28	vnstatd	56701	Data retention: 48 5MinuteHours, 4 HourlyDays, 62 DailyDays, 25 MonthlyMonths, -1 YearlyYears, 20 TopDayEntries
Dec 5 09:36:28	vnstatd	56701	vnStat daemon 2.12 (pid:56701 uid:0 gid:0, SQLite 3.46.1)
Dec 5 09:36:28	SnortStartup	58213	Snort START for WAN snort protect(igb0)...
Dec 5 09:36:28	vnstatd	77086	SIGTERM received, exiting.
Dec 5 09:36:21	arpwatch	95264	listening on igb0
Dec 5 09:36:21	arpwatch	94921	listening on igb2
Dec 5 09:36:21	arpwatch	94536	listening on igb1
Dec 5 09:36:18	vnstatd	77086	Interface "ovpns1" disabled.
Dec 5 09:36:18	vnstatd	77086	Monitoring (10): tun_wg0 (1000 Mbit) pfsync0 (1000 Mbit) pflog0 (1000 Mbit) ovpns2 (1000 Mbit) ovpns1 (1000 Mbit) igb3 (10 Mbit) igb2 (1000 Mbit) igb1 (1000 Mbit) igb0 (1000 Mbit) enc0 (1000 Mbit)
Dec 5 09:36:18	vnstatd	77086	Data retention: 48 5MinuteHours, 4 HourlyDays, 62 DailyDays, 25 MonthlyMonths, -1 YearlyYears, 20 TopDayEntries
Dec 5 09:36:18	vnstatd	77086	vnStat daemon 2.12 (pid:77086 uid:0 gid:0, SQLite 3.46.1)
Dec 5 09:36:18	bandwidthd	78546	Packet Encoding: Ethernet
Dec 5 09:36:18	bandwidthd	78546	Opening igb1
Dec 5 09:36:18	bandwidthd	78432	Packet Encoding: Ethernet
Dec 5 09:36:18	bandwidthd	78432	Opening igb1
Dec 5 09:36:18	bandwidthd	78714	Packet Encoding: Ethernet
Dec 5 09:36:18	bandwidthd	78714	Opening igb1
Dec 5 09:36:18	bandwidthd	78133	Packet Encoding: Ethernet
Dec 5 09:36:18	bandwidthd	78133	Opening igb1
Dec 5 09:36:18	bandwidthd	77838	Packet Encoding: Ethernet
Dec 5 09:36:18	bandwidthd	77838	Opening igb1
Dec 5 09:36:18	bandwidthd	76133	Monitoring subnet 135.180.64.0 with netmask 255.255.240.0
Dec 5 09:36:18	bandwidthd	77541	Packet Encoding: Ethernet
Dec 5 09:36:18	bandwidthd	77417	Packet Encoding: Ethernet
Dec 5 09:36:18	bandwidthd	77819	Packet Encoding: Ethernet
Dec 5 09:36:18	bandwidthd	76133	Monitoring subnet 192.168.70.0 with netmask 255.255.255.0
Dec 5 09:36:18	bandwidthd	77819	Opening igb1
Dec 5 09:36:18	bandwidthd	77541	Opening igb1
Dec 5 09:36:18	bandwidthd	77417	Opening igb1
Dec 5 09:36:18	bandwidthd	75653	Monitoring subnet 135.180.64.0 with netmask 255.255.240.0
Dec 5 09:36:18	bandwidthd	75653	Monitoring subnet 192.168.70.0 with netmask 255.255.255.0
Dec 5 09:36:18	bandwidthd	75653	Monitoring subnet 192.168.90.0 with netmask 255.255.255.0
Dec 5 09:36:18	bandwidthd	76133	Monitoring subnet 192.168.90.0 with netmask 255.255.255.0
Dec 5 09:36:18	kernel		igb0: promiscuous mode enabled
Dec 5 09:36:18	kernel		igb2: promiscuous mode enabled
Dec 5 09:36:18	kernel		igb1: promiscuous mode enabled
Dec 5 09:36:17	ntopng	63612	05/Dec/2024 09:36:17 [Ntop.cpp:265] ERROR: Another ntopng instance is running...
Dec 5 09:36:14	php-cgi	94932	notify_monitor.php: Message sent to yuri.weinstein+pfsense@gmail.com OK
Dec 5 09:36:13	php-fpm	19145	/rc.start_packages: Restarting/Starting all packages.
Dec 5 09:36:07	sshguard	71782	Now monitoring attacks.
Dec 5 09:36:07	check_reload_status	684	Reloading filter
Dec 5 09:36:07	syslogd		kernel boot file is /boot/kernel/kernel
Dec 5 09:36:07	syslogd		exiting on signal 15
Dec 5 09:36:05	root	42573	/etc/rc.d/hostid: WARNING: hostid: unable to figure out a UUID from DMI data, generating a new one
Dec 5 09:36:05	sshguard	94443	Exiting on signal.
Dec 5 09:36:05	sshguard	91839	Exiting on signal.
Dec 5 09:36:04	kernel		done.
Dec 5 09:36:04	php-cgi	731	rc.bootup: Creating rrd update script
Dec 5 09:35:59	kernel		.done.
Dec 5 09:35:59	php-cgi	731	rc.bootup: The command '/usr/local/sbin/strongswanrc stop' returned exit code '1', the output was 'strongswan not running? (check /var/run/daemon-charon.pid).'
Dec 5 09:35:59	php-fpm	632	/rc.dyndns.update: phpDynDNS (): No change in my IP address and/or 25 days has not passed. Not updating dynamic DNS entry.
Dec 5 09:35:55	php-fpm	632	/rc.dyndns.update: phpDynDNS (chudak.no-ip.org): No change in my IP address and/or 25 days has not passed. Not updating dynamic DNS entry.
Dec 5 09:35:55	kernel		..
Dec 5 09:35:54	kernel		done.
Dec 5 09:35:54	check_reload_status	684	Updating all dyndns
Dec 5 09:35:53	kernel		done.
Dec 5 09:35:53	php-cgi	731	rc.bootup: NTPD is starting up.
Dec 5 09:35:49	php-fpm	65695	/rc.newwanip: Gateway, NONE AVAILABLE
Dec 5 09:35:47	kernel		done.
Dec 5 09:35:46	kernel		done.
Dec 5 09:35:46	php-cgi	731	rc.bootup: sync unbound done.
Dec 5 09:35:45	kernel		done.
Dec 5 09:35:45	php-cgi	731	rc.bootup: Gateway, NONE AVAILABLE
Dec 5 09:35:45	kernel		.done.
Dec 5 09:35:42	php-fpm	631	/rc.newwanip: Gateway, NONE AVAILABLE
Dec 5 09:35:39	php-fpm	19145	/rc.linkup: Ignoring link event during boot sequence.
Dec 5 09:35:39	php-fpm	632	/rc.newwanip: Gateway, NONE AVAILABLE
Dec 5 09:35:38	kernel		igb2: link state changed to UP
Dec 5 09:35:38	php-fpm	19145	/rc.linkup: Ignoring link event during boot sequence.
Dec 5 09:35:38	check_reload_status	684	Linkup starting igb2
Dec 5 09:35:37	kernel		igb1: link state changed to UP
Dec 5 09:35:37	check_reload_status	684	Linkup starting igb1
Dec 5 09:35:35	php-fpm	19145	/rc.newwanip: Interface is unassigned, nothing to do.
Dec 5 09:35:35	php-fpm	19145	/rc.newwanip: rc.newwanip: Info: starting on ovpns2.
Dec 5 09:35:35	sshd	25255	Server listening on 0.0.0.0 port 22.
Dec 5 09:35:35	sshd	25255	Server listening on :: port 22.
Dec 5 09:35:35	php-fpm	19145	/rc.linkup: Ignoring link event during boot sequence.
Dec 5 09:35:35	php-fpm	19145	/rc.linkup: Ignoring link event during boot sequence.
Dec 5 09:35:34	php-fpm	65695	/rc.newwanip: rc.newwanip: on (IP address: 135.180.64.210) (interface: WAN[wan]) (real interface: igb0).
Dec 5 09:35:34	php-fpm	65695	/rc.newwanip: rc.newwanip: Info: starting on igb0.
Dec 5 09:35:34	check_reload_status	684	rc.newwanip starting ovpns2
Dec 5 09:35:34	kernel		ovpns2: link state changed to UP
Dec 5 09:35:34	kernel		tun2: changing name to 'ovpns2'
Dec 5 09:35:34	php-cgi	731	rc.bootup: Resyncing OpenVPN instances.
Dec 5 09:35:34	check_reload_status	684	starting sshd
Dec 5 09:35:34	check_reload_status	684	Linkup starting igb2
Dec 5 09:35:34	kernel		igb2: link state changed to DOWN
Dec 5 09:35:34	kernel		igb1: link state changed to DOWN
Dec 5 09:35:33	check_reload_status	684	Linkup starting igb1
Dec 5 09:35:33	check_reload_status	684	rc.newwanip starting igb0
Dec 5 09:35:32	php-fpm	631	/rc.newwanip: rc.newwanip: on (IP address: 135.180.64.210) (interface: WAN[wan]) (real interface: igb0).
Dec 5 09:35:32	php-fpm	631	/rc.newwanip: rc.newwanip: Info: starting on igb0.
Dec 5 09:35:32	kernel		pflog0: promiscuous mode enabled
Dec 5 09:35:32	php-fpm	632	/rc.newwanip: rc.newwanip: on (IP address: 135.180.64.210) (interface: WAN[wan]) (real interface: igb0).
Dec 5 09:35:32	php-fpm	632	/rc.newwanip: rc.newwanip: Info: starting on igb0.
Dec 5 09:35:31	check_reload_status	684	rc.newwanip starting igb0
Dec 5 09:35:31	php-fpm	631	/rc.linkup: DHCP Client not running on wan (igb0), reconfiguring dhclient.
Dec 5 09:35:31	check_reload_status	684	rc.newwanip starting igb0
Dec 5 09:35:31	php-fpm	631	/rc.linkup: The command '/sbin/dhclient -c /var/etc/dhclient_wan.conf -p /var/run/dhclient.igb0.pid igb0 > /tmp/igb0_output 2> /tmp/igb0_error_output' returned exit code '15', the output was ''
Dec 5 09:35:31	sshguard	91839	Now monitoring attacks.
Dec 5 09:35:31	kernel		igb0: link state changed to UP
Dec 5 09:35:31	kernel		lo0: link state changed to UP
Dec 5 09:35:31	kernel		coretemp0: <CPU On-Die Thermal Sensors> on cpu0
Dec 5 09:35:31	kernel		igb2: link state changed to UP
Dec 5 09:35:31	kernel		igb0: link state changed to DOWN
Dec 5 09:35:31	kernel		igb1: link state changed to UP
Dec 5 09:35:31	kernel		igb0: link state changed to UP
Dec 5 09:35:31	kernel		tun_wg0: link state changed to UP
Dec 5 09:35:31	kernel		wg0: changing name to 'tun_wg0'
Dec 5 09:35:31	kernel		aesni0: <AES-CBC,AES-CCM,AES-GCM,AES-ICM,AES-XTS>
Dec 5 09:35:31	kernel		smbus0: <System Management Bus> on ichsmb0
Dec 5 09:35:31	kernel		ichsmb0: <Intel Wildcat Point-LP SMBus controller> port 0xf040-0xf05f mem 0xf7418000-0xf74180ff irq 18 at device 31.3 on pci0
Dec 5 09:35:31	kernel		TSC: P-state invariant, performance statistics
Dec 5 09:35:31	kernel		VT-x: PAT,HLT,MTF,PAUSE,EPT,UG,VPID
Dec 5 09:35:31	kernel		XSAVE Features=0x1<XSAVEOPT>
Dec 5 09:35:31	kernel		Structured Extended Features3=0x9c000600<MCUOPT,MD_CLEAR,IBPB,STIBP,L1DFL,SSBD>
Dec 5 09:35:31	kernel		Structured Extended Features=0x21c27ab<FSGSBASE,TSCADJ,BMI1,AVX2,SMEP,BMI2,ERMS,INVPCID,NFPUSG,RDSEED,ADX,SMAP,PROCTRACE>
Dec 5 09:35:31	kernel		AMD Features2=0x121<LAHF,ABM,Prefetch>
Dec 5 09:35:31	kernel		AMD Features=0x2c100800<SYSCALL,NX,Page1GB,RDTSCP,LM>
Dec 5 09:35:31	kernel		Features2=0x7ffafbbf<SSE3,PCLMULQDQ,DTES64,MON,DS_CPL,VMX,EST,TM2,SSSE3,SDBG,FMA,CX16,xTPR,PDCM,PCID,SSE4.1,SSE4.2,x2APIC,MOVBE,POPCNT,TSCDLT,AESNI,XSAVE,OSXSAVE,AVX,F16C,RDRAND>
Dec 5 09:35:31	kernel		Features=0xbfebfbff<FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CLFLUSH,DTS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE>
Dec 5 09:35:31	kernel		Origin="GenuineIntel" Id=0x306d4 Family=0x6 Model=0x3d Stepping=4
Dec 5 09:35:31	kernel		CPU: Intel(R) Core(TM) i5-5250U CPU @ 1.60GHz (1596.30-MHz K8-class CPU)
Dec 5 09:35:31	kernel		ada0: 28626MB (58626288 512 byte sectors)
Dec 5 09:35:31	kernel		ada0: Command Queueing enabled
Dec 5 09:35:31	kernel		ada0: 600.000MB/s transfers (SATA 3.x, UDMA6, PIO 8192bytes)
Dec 5 09:35:31	kernel		ada0: Serial Number CVLI613001ZZ030H
Dec 5 09:35:31	kernel		ada0: <INTEL SSDMCEAC030B3 LLLi> ACS-2 ATA SATA 3.x device
Dec 5 09:35:31	kernel		ada0 at ahcich0 bus 0 scbus0 target 0 lun 0
Dec 5 09:35:31	kernel		Root mount waiting for: CAM
Dec 5 09:35:31	kernel		Root mount waiting for: CAM
Dec 5 09:35:31	kernel		Root mount waiting for: CAM
Dec 5 09:35:31	kernel		Root mount waiting for: CAM
Dec 5 09:35:31	kernel		Root mount waiting for: CAM
Dec 5 09:35:31	kernel		Root mount waiting for: CAM
Dec 5 09:35:31	kernel		Root mount waiting for: CAM
Dec 5 09:35:31	kernel		uhub2: 8 ports with 8 removable, self powered
Dec 5 09:35:31	kernel		uhub2: <vendor 0x8087 product 0x8001, class 9/0, rev 2.00/0.03, addr 2> on usbus1
Dec 5 09:35:31	kernel		uhub2 on uhub0
Dec 5 09:35:31	kernel		ugen1.2: <vendor 0x8087 product 0x8001> at usbus1
Dec 5 09:35:31	kernel		kbd2 at ukbd0
Dec 5 09:35:31	kernel		ukbd0: <vendor 0x1507 2.4G Composite Devic, class 0/0, rev 1.10/2.00, addr 1> on usbus0
Dec 5 09:35:31	kernel		ukbd0 on uhub1
Dec 5 09:35:31	kernel		ugen0.2: <vendor 0x1507 2.4G Composite Devic> at usbus0
Dec 5 09:35:31	kernel		Root mount waiting for: usbus0 usbus1 CAM
Dec 5 09:35:31	kernel		uhub1: 15 ports with 15 removable, self powered
Dec 5 09:35:31	kernel		uhub0: 2 ports with 2 removable, self powered
Dec 5 09:35:31	kernel		Trying to mount root from zfs:pfSense/ROOT/UPGRADE_24.03 []...
Dec 5 09:35:31	kernel		pcm1: <Realtek ALC662 rev3 (Analog 2.0+HP/2.0)> at nid 20,27 and 24,25 on hdaa1
Dec 5 09:35:31	kernel		hdaa1: No presence detection support at nid 27
Dec 5 09:35:31	kernel		hdaa1: <Realtek ALC662 rev3 Audio Function Group> at nid 1 on hdacc1
Dec 5 09:35:31	kernel		hdacc1: <Realtek ALC662 rev3 HDA CODEC> at cad 0 on hdac1
Dec 5 09:35:31	kernel		pcm0: <Intel Broadwell (HDMI/DP 8ch)> at nid 3 on hdaa0
Dec 5 09:35:31	kernel		hdaa0: <Intel Broadwell Audio Function Group> at nid 1 on hdacc0
Dec 5 09:35:31	kernel		hdacc0: <Intel Broadwell HDA CODEC> at cad 0 on hdac0
Dec 5 09:35:31	kernel		ZFS storage pool version: features support (5000)
Dec 5 09:35:31	kernel		ZFS filesystem version: 5
Dec 5 09:35:31	kernel		uhub1: <Intel XHCI root HUB, class 9/0, rev 3.00/1.00, addr 1> on usbus0
Dec 5 09:35:31	kernel		uhub1 on usbus0
Dec 5 09:35:31	kernel		uhub0: <Intel EHCI root HUB, class 9/0, rev 2.00/1.00, addr 1> on usbus1
Dec 5 09:35:31	kernel		uhub0 on usbus1
Dec 5 09:35:31	kernel		ugen0.1: <Intel XHCI root HUB> at usbus0
Dec 5 09:35:31	kernel		ugen1.1: <Intel EHCI root HUB> at usbus1
Dec 5 09:35:31	kernel		Timecounters tick every 1.000 msec
Dec 5 09:35:31	kernel		Timecounter "TSC" frequency 1596304724 Hz quality 1000
Dec 5 09:35:31	kernel		est0: <Enhanced SpeedStep Frequency Control> on cpu0
Dec 5 09:35:31	kernel		atkbd0: [GIANT-LOCKED]
Dec 5 09:35:31	kernel		kbd0 at atkbd0
Dec 5 09:35:31	kernel		atkbd0: <AT Keyboard> irq 1 on atkbdc0
Dec 5 09:35:31	kernel		atkbdc0: <Keyboard controller (i8042)> at port 0x60,0x64 on isa0
Dec 5 09:35:31	kernel		uart1: <16950 or compatible> port 0x2f8-0x2ff irq 3 on acpi0
Dec 5 09:35:31	kernel		ns8250: UART FCR is broken
Dec 5 09:35:31	kernel		ns8250: UART FCR is broken
Dec 5 09:35:31	kernel		uart0: <16950 or compatible> port 0x3f8-0x3ff irq 4 flags 0x10 on acpi0
Dec 5 09:35:31	kernel		ns8250: UART FCR is broken
Dec 5 09:35:31	kernel		ns8250: UART FCR is broken
Dec 5 09:35:31	kernel		acpi_tz1: <Thermal Zone> on acpi0
Dec 5 09:35:31	kernel		acpi_tz0: <Thermal Zone> on acpi0
Dec 5 09:35:31	kernel		acpi_button1: <Power Button> on acpi0
Dec 5 09:35:31	kernel		acpi_button0: <Sleep Button> on acpi0
Dec 5 09:35:31	kernel		ahcich0: <AHCI channel> at channel 0 on ahci0
Dec 5 09:35:31	kernel		ahci0: AHCI v1.30 with 4 6Gbps ports, Port Multiplier not supported
Dec 5 09:35:31	kernel		ahci0: <Intel Wildcat Point-LP AHCI SATA controller> port 0xf0b0-0xf0b7,0xf0a0-0xf0a3,0xf090-0xf097,0xf080-0xf083,0xf060-0xf07f mem 0xf7419000-0xf74197ff irq 19 at device 31.2 on pci0
Dec 5 09:35:31	kernel		isa0: <ISA bus> on isab0
Dec 5 09:35:31	kernel		isab0: <PCI-ISA bridge> at device 31.0 on pci0
Dec 5 09:35:31	kernel		usbus1: 480Mbps High Speed USB v2.0
Dec 5 09:35:31	kernel		usbus1 on ehci0
Dec 5 09:35:31	kernel		usbus1: EHCI version 1.0
Dec 5 09:35:31	kernel		ehci0: <Intel Wildcat Point-LP USB 2.0 controller> mem 0xf741a000-0xf741a3ff irq 23 at device 29.0 on pci0
Dec 5 09:35:31	kernel		igb3: netmap queues/slots: TX 2/1024, RX 2/1024
Dec 5 09:35:31	kernel		igb3: Ethernet address: 00:0e:c4:d1:6f:2a
Dec 5 09:35:31	kernel		igb3: Using MSI-X interrupts with 3 vectors
Dec 5 09:35:31	kernel		igb3: Using 2 RX queues 2 TX queues
Dec 5 09:35:31	kernel		igb3: Using 1024 TX descriptors and 1024 RX descriptors
Dec 5 09:35:31	kernel		igb3: NVM V0.6 imgtype1
Dec 5 09:35:31	kernel		igb3: <Intel(R) I211 (Copper)> port 0xb000-0xb01f mem 0xf7000000-0xf701ffff,0xf7020000-0xf7023fff irq 16 at device 0.0 on pci4
Dec 5 09:35:31	kernel		pci4: <ACPI PCI bus> on pcib4
Dec 5 09:35:31	kernel		pcib4: <ACPI PCI-PCI bridge> irq 16 at device 28.4 on pci0
Dec 5 09:35:31	kernel		igb2: netmap queues/slots: TX 2/1024, RX 2/1024
Dec 5 09:35:31	kernel		igb2: Ethernet address: 00:0e:c4:d1:6f:29
Dec 5 09:35:31	kernel		igb2: Using MSI-X interrupts with 3 vectors
Dec 5 09:35:31	kernel		igb2: Using 2 RX queues 2 TX queues
Dec 5 09:35:31	kernel		igb2: Using 1024 TX descriptors and 1024 RX descriptors
Dec 5 09:35:31	kernel		igb2: NVM V0.6 imgtype1
Dec 5 09:35:31	kernel		igb2: <Intel(R) I211 (Copper)> port 0xc000-0xc01f mem 0xf7100000-0xf711ffff,0xf7120000-0xf7123fff irq 18 at device 0.0 on pci3
Dec 5 09:35:31	kernel		pci3: <ACPI PCI bus> on pcib3
Dec 5 09:35:31	kernel		pcib3: <ACPI PCI-PCI bridge> irq 18 at device 28.2 on pci0
Dec 5 09:35:31	kernel		igb1: netmap queues/slots: TX 2/1024, RX 2/1024
Dec 5 09:35:31	kernel		igb1: Ethernet address: 00:0e:c4:d1:6f:28
Dec 5 09:35:31	kernel		igb1: Using MSI-X interrupts with 3 vectors
Dec 5 09:35:31	kernel		igb1: Using 2 RX queues 2 TX queues
Dec 5 09:35:31	kernel		igb1: Using 1024 TX descriptors and 1024 RX descriptors
Dec 5 09:35:31	kernel		igb1: NVM V0.6 imgtype1
Dec 5 09:35:31	kernel		igb1: <Intel(R) I211 (Copper)> port 0xd000-0xd01f mem 0xf7200000-0xf721ffff,0xf7220000-0xf7223fff irq 17 at device 0.0 on pci2
Dec 5 09:35:31	kernel		pci2: <ACPI PCI bus> on pcib2
Dec 5 09:35:31	kernel		pcib2: <ACPI PCI-PCI bridge> irq 17 at device 28.1 on pci0
Dec 5 09:35:31	kernel		igb0: netmap queues/slots: TX 2/1024, RX 2/1024
Dec 5 09:35:31	kernel		igb0: Ethernet address: 00:0e:c4:d1:6f:27
Dec 5 09:35:31	kernel		igb0: Using MSI-X interrupts with 3 vectors
Dec 5 09:35:31	kernel		igb0: Using 2 RX queues 2 TX queues
Dec 5 09:35:31	kernel		igb0: Using 1024 TX descriptors and 1024 RX descriptors
Dec 5 09:35:31	kernel		igb0: NVM V0.6 imgtype1
Dec 5 09:35:31	kernel		igb0: <Intel(R) I211 (Copper)> port 0xe000-0xe01f mem 0xf7300000-0xf731ffff,0xf7320000-0xf7323fff irq 16 at device 0.0 on pci1
Dec 5 09:35:31	kernel		pci1: <ACPI PCI bus> on pcib1
Dec 5 09:35:31	kernel		pcib1: <ACPI PCI-PCI bridge> irq 16 at device 28.0 on pci0
Dec 5 09:35:31	kernel		hdac1: <Intel Broadwell HDA Controller> mem 0xf7410000-0xf7413fff irq 22 at device 27.0 on pci0
Dec 5 09:35:31	kernel		pci0: <simple comms> at device 22.0 (no driver attached)
Dec 5 09:35:31	kernel		usbus0: 5.0Gbps Super Speed USB v3.0
Dec 5 09:35:31	kernel		usbus0 on xhci0
Dec 5 09:35:31	kernel		xhci0: Port routing mask set to 0xffffffff
Dec 5 09:35:31	kernel		xhci0: 32 bytes context size, 64-bit DMA
Dec 5 09:35:31	kernel		xhci0: <Broadwell Integrated PCH-LP chipset USB 3.0 controller> mem 0xf7400000-0xf740ffff irq 21 at device 20.0 on pci0
Dec 5 09:35:31	kernel		hdac0: <Intel Broadwell HDA Controller> mem 0xf7414000-0xf7417fff irq 16 at device 3.0 on pci0
Dec 5 09:35:31	kernel		vgapci0: Boot video device
Dec 5 09:35:31	kernel		vgapci0: <VGA-compatible display> port 0xf000-0xf03f mem 0xf6000000-0xf6ffffff,0xe0000000-0xefffffff irq 16 at device 2.0 on pci0
Dec 5 09:35:31	kernel		pci0: <ACPI PCI bus> on pcib0
Dec 5 09:35:31	kernel		pcib0: <ACPI Host-PCI bridge> port 0xcf8-0xcff on acpi0
Dec 5 09:35:31	kernel		acpi_timer0: <24-bit timer at 3.579545MHz> port 0x1808-0x180b on acpi0
Dec 5 09:35:31	kernel		Timecounter "ACPI-fast" frequency 3579545 Hz quality 900
Dec 5 09:35:31	kernel		Event timer "i8254" frequency 1193182 Hz quality 100
Dec 5 09:35:31	kernel		Timecounter "i8254" frequency 1193182 Hz quality 0
Dec 5 09:35:31	kernel		attimer0: <AT timer> port 0x40-0x43,0x50-0x53 irq 0 on acpi0
Dec 5 09:35:31	kernel		Event timer "RTC" frequency 32768 Hz quality 0
Dec 5 09:35:31	kernel		atrtc0: registered as a time-of-day clock, resolution 1.000000s
Dec 5 09:35:31	kernel		atrtc0: Warning: Couldn't map I/O.
Dec 5 09:35:31	kernel		atrtc0: <AT realtime clock> port 0x70-0x77 irq 8 on acpi0
Dec 5 09:35:31	kernel		Event timer "HPET4" frequency 14318180 Hz quality 440
Dec 5 09:35:31	kernel		Event timer "HPET3" frequency 14318180 Hz quality 440
Dec 5 09:35:31	kernel		Event timer "HPET2" frequency 14318180 Hz quality 440
Dec 5 09:35:31	kernel		Event timer "HPET1" frequency 14318180 Hz quality 440
Dec 5 09:35:31	kernel		Event timer "HPET" frequency 14318180 Hz quality 550
Dec 5 09:35:31	kernel		Timecounter "HPET" frequency 14318180 Hz quality 950
Dec 5 09:35:31	kernel		hpet0: <High Precision Event Timer> iomem 0xfed00000-0xfed003ff on acpi0
Dec 5 09:35:31	kernel		cpu0: <ACPI CPU> on acpi0
Dec 5 09:35:31	kernel		acpi0: Power Button (fixed)
Dec 5 09:35:31	kernel		acpi0: <ALASKA A M I >
Dec 5 09:35:31	kernel		smbios0: Version: 2.8, BCD Revision: 2.7
Dec 5 09:35:31	kernel		smbios0: <System Management BIOS> at iomem 0xf0560-0xf057e
Dec 5 09:35:31	kernel		netgate0: version: 0.1
Dec 5 09:35:31	kernel		netgate0: <unknown hardware>
Dec 5 09:35:31	kernel		efirtc0: registered as a time-of-day clock, resolution 1.000000s
Dec 5 09:35:31	kernel		efirtc0: <EFI Realtime Clock>
Dec 5 09:35:31	kernel		WARNING: Device "spkr" is Giant locked and may be deleted before FreeBSD 15.0.
Dec 5 09:35:31	kernel		kbd1 at kbdmux0
Dec 5 09:35:31	kernel		wlan: mac acl policy registered
Dec 5 09:35:31	kernel		random: entropy device external interface
Dec 5 09:35:31	kernel		module_register_init: MOD_LOAD (iwi_monitor_fw, 0xffffffff80774110, 0) error 1
Dec 5 09:35:31	kernel		iwi_monitor: If you agree with the license, set legal.intel_iwi.license_ack=1 in /boot/loader.conf.
Dec 5 09:35:31	kernel		iwi_monitor: You need to read the LICENSE file in /usr/share/doc/legal/intel_iwi.LICENSE.
Dec 5 09:35:31	kernel		module_register_init: MOD_LOAD (iwi_ibss_fw, 0xffffffff80774060, 0) error 1
Dec 5 09:35:31	kernel		iwi_ibss: If you agree with the license, set legal.intel_iwi.license_ack=1 in /boot/loader.conf.
Dec 5 09:35:31	kernel		iwi_ibss: You need to read the LICENSE file in /usr/share/doc/legal/intel_iwi.LICENSE.
Dec 5 09:35:31	kernel		module_register_init: MOD_LOAD (iwi_bss_fw, 0xffffffff80773fb0, 0) error 1
Dec 5 09:35:31	kernel		iwi_bss: If you agree with the license, set legal.intel_iwi.license_ack=1 in /boot/loader.conf.
Dec 5 09:35:31	kernel		iwi_bss: You need to read the LICENSE file in /usr/share/doc/legal/intel_iwi.LICENSE.
Dec 5 09:35:31	kernel		module_register_init: MOD_LOAD (ipw_monitor_fw, 0xffffffff80754500, 0) error 1
Dec 5 09:35:31	kernel		ipw_monitor: If you agree with the license, set legal.intel_ipw.license_ack=1 in /boot/loader.conf.
Dec 5 09:35:31	kernel		ipw_monitor: You need to read the LICENSE file in /usr/share/doc/legal/intel_ipw.LICENSE.
Dec 5 09:35:31	kernel		module_register_init: MOD_LOAD (ipw_ibss_fw, 0xffffffff80754450, 0) error 1
Dec 5 09:35:31	kernel		ipw_ibss: If you agree with the license, set legal.intel_ipw.license_ack=1 in /boot/loader.conf.
Dec 5 09:35:31	kernel		ipw_ibss: You need to read the LICENSE file in /usr/share/doc/legal/intel_ipw.LICENSE.
Dec 5 09:35:31	kernel		module_register_init: MOD_LOAD (ipw_bss_fw, 0xffffffff807543a0, 0) error 1
Dec 5 09:35:31	kernel		ipw_bss: If you agree with the license, set legal.intel_ipw.license_ack=1 in /boot/loader.conf.
Dec 5 09:35:31	kernel		ipw_bss: You need to read the LICENSE file in /usr/share/doc/legal/intel_ipw.LICENSE.
Dec 5 09:35:31	kernel		TCP_ratelimit: Is now initialized
Dec 5 09:35:31	kernel		Launching APs: 1 2 3
Dec 5 09:35:31	kernel		ioapic0 <Version 2.0> irqs 0-39
Dec 5 09:35:31	kernel		random: unblocking device.
Dec 5 09:35:31	kernel		random: fast provider: "Intel Secure Key RNG"
Dec 5 09:35:31	kernel		random: registering fast source Intel Secure Key RNG
Dec 5 09:35:31	kernel		FreeBSD/SMP: 1 package(s) x 2 core(s) x 2 hardware threads
Dec 5 09:35:31	kernel		FreeBSD/SMP: Multiprocessor System Detected: 4 CPUs
Dec 5 09:35:31	kernel		ACPI APIC Table: <ALASKA A M I >
Dec 5 09:35:31	kernel		Event timer "LAPIC" quality 600
Dec 5 09:35:31	kernel		avail memory = 8169959424 (7791 MB)
Dec 5 09:35:31	kernel		real memory = 8589934592 (8192 MB)
Dec 5 09:35:31	kernel		TSC: P-state invariant, performance statistics
Dec 5 09:35:31	kernel		VT-x: PAT,HLT,MTF,PAUSE,EPT,UG,VPID
Dec 5 09:35:31	kernel		XSAVE Features=0x1<XSAVEOPT>
Dec 5 09:35:31	kernel		Structured Extended Features=0x21c27ab<FSGSBASE,TSCADJ,BMI1,AVX2,SMEP,BMI2,ERMS,INVPCID,NFPUSG,RDSEED,ADX,SMAP,PROCTRACE>
Dec 5 09:35:31	kernel		AMD Features2=0x121<LAHF,ABM,Prefetch>
Dec 5 09:35:31	kernel		AMD Features=0x2c100800<SYSCALL,NX,Page1GB,RDTSCP,LM>
Dec 5 09:35:31	kernel		Features2=0x7ffafbbf<SSE3,PCLMULQDQ,DTES64,MON,DS_CPL,VMX,EST,TM2,SSSE3,SDBG,FMA,CX16,xTPR,PDCM,PCID,SSE4.1,SSE4.2,x2APIC,MOVBE,POPCNT,TSCDLT,AESNI,XSAVE,OSXSAVE,AVX,F16C,RDRAND>
Dec 5 09:35:31	kernel		Features=0xbfebfbff<FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CLFLUSH,DTS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE>
Dec 5 09:35:31	kernel		Origin="GenuineIntel" Id=0x306d4 Family=0x6 Model=0x3d Stepping=4
Dec 5 09:35:31	kernel		CPU: Intel(R) Core(TM) i5-5250U CPU @ 1.60GHz (1596.38-MHz K8-class CPU)
Dec 5 09:35:31	kernel		VT(efifb): resolution 800x600
Dec 5 09:35:31	kernel		FreeBSD clang version 18.1.6 (https://github.com/llvm/llvm-project.git llvmorg-18.1.6-0-g1118c2e05e67)
Dec 5 09:35:31	kernel		root@freebsd:/var/jenkins/workspace/pfSense-Plus-snapshots-24_11-main/obj/amd64/AKWlAIiM/var/jenkins/workspace/pfSense-Plus-snapshots-24_11-main/sources/FreeBSD-src-plus-RELENG_24_11/amd64.amd64/sys/pfSense amd64
Dec 5 09:35:31	kernel		FreeBSD 15.0-CURRENT #0 plus-RELENG_24_11-n256407-1bbb3194162: Fri Nov 22 05:08:46 UTC 2024
Dec 5 09:35:31	kernel		FreeBSD is a registered trademark of The FreeBSD Foundation.
Dec 5 09:35:31	kernel		The Regents of the University of California. All rights reserved.
Dec 5 09:35:31	kernel		Copyright (c) 1979, 1980, 1983, 1986, 1988, 1989, 1991, 1992, 1993, 1994
Dec 5 09:35:31	kernel		Copyright (c) 1992-2024 The FreeBSD Project.
Dec 5 09:35:31	kernel		---<<BOOT>>---
Dec 5 09:35:31	syslogd		kernel boot file is /boot/kernel/kernel
Dec 5 09:33:18	arpwatch	13434	flip flop 0.0.0.0 20:23:51:0f:2b:33 (f8:51:28:c2:88:70)
Dec 5 09:25:01	php	4376	/usr/local/sbin/acbupload.

Do you see anything interesting?

chudak

@chudak

I see only :

Dec 5 09:53:21 syslogd kernel boot file is /boot/kernel/kernel
Dec 5 09:53:21 syslogd exiting on signal 15
Dec 5 09:53:19 root 661 /etc/rc.d/hostid: WARNING: hostid: unable to figure out a UUID from DMI data, generating a new one
Dec 5 09:53:19 sshguard 95442 Exiting on signal.
Dec 5 09:53:19 sshguard 97569 Exiting on signal.

See a bunch of:

"sshguard 56735 Exiting on signal."

all dated today, so it's 24.11 specific

What do they mean?

Also see Dec 5

08:47:50 snort 76151 *** Caught Term-Signal

stephenw10

Hmm, nothing. Looks like it spontaneously rebooted which is worrying.

Do you have SWAP? Doesn't look like you have RAMdisks which might otherwise lose some logging.

Can you log the console output to see if anything additional is shown there?

chudak

@stephenw10 said in To do 24.11 or not? That's the question.:

Hmm, nothing. Looks like it spontaneously rebooted which is worrying.

Do you have SWAP? Doesn't look like you have RAMdisks which might otherwise lose some logging.

Can you log the console output to see if anything additional is shown there?

I have SWAP

How do you want me to get the console ?

I was paging 8.8.8.8 from ssh session and saw nothing. Can try again to stay connected and see.

But my pfS is headless and I am remote now ...

stephenw10

Hmm, if it crashed and there was a kernel panic it would have created a crash report in swap then. You are not seeing that. It looks more like a hardware reset but I'm not sure why you would see that in 24.11 and not 24.03. In cases like that it might write something to the console when it resets. But you would need a serial terminal connected to it to log that.

Check the monitoring graphs for any resource exhausting or over heating issues.

chudak

@stephenw10 said in To do 24.11 or not? That's the question.:

Hmm, if it crashed and there was a kernel panic it would have created a crash report in swap then. You are not seeing that. It looks more like a hardware reset but I'm not sure why you would see that in 24.11 and not 24.03. In cases like that it might write something to the console when it resets. But you would need a serial terminal connected to it to log that.

Check the monitoring graphs for any resource exhausting or over heating issues.

I will have access to my box with HDMI connected monitor today or tomorrow.

What do you want me to look at?

Logged issue https://redmine.pfsense.org/issues/15903

stephenw10

What temperatures are you seeing? Overheating seems like the most likely cause. The CPU loading in 24.11 will be a bit higher.

chudak

@stephenw10

Same on both versions:

stephenw10

Hmm, and all pretty low.

It looks like that device has a com port so I would be hooking up a serial console, setting that as primary and logging that output.

chudak

@stephenw10 said in To do 24.11 or not? That's the question.:

Hmm, and all pretty low.

It looks like that device has a com port so I would be hooking up a serial console, setting that as primary and logging that output.

I have never done it before and unsure if have all h/w for it