• Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login
Netgate Discussion Forum
  • Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login

Cable Internet and pfSense - Interface keeps dropping

Scheduled Pinned Locked Moved Routing and Multi WAN
12 Posts 4 Posters 583 Views
Loading More Posts
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • B
    bartkus05
    last edited by Feb 8, 2025, 5:41 PM

    Hello,

    I have attempted to search for an answer to my issue, but so far I was unable to find anything that worked. Perhaps I was unable to find the right keywords to do so.

    The problem I have is, every month when the Virgin Media modem gets a new IP, the WAN interface is not able to re-establish a solid link. The interface keeps cycling, so connects, gets IP, disconnects and on and on it goes.

    I resolved the issue with the entire pfSense box freezing, setting the reject leases from 192.168.100.1 and 192.168.1.1 helped with that. But the problem remains where the interface keeps dropping and I am unable to solve the issue.

    I have replaced the hardware a few times over the years, used 1GB Intel cards, 2.5GB cards and now using a 10GB X550 card. Used Intel before, now using AMD and the issue still persists. I have used a Hub 3, 4, 5 and now Business Chita router - all have the same issue.

    Once a link is established, everything works like an absolute dream.

    Interface is set to DHCP, autoselect, settings set to Default, reject leases set to local IPs used by Modem, Gateway monitoring disabled, monitoring action disabled, IPv6 disabled

    Log extracts:
    2aaa1dbd-283f-45c1-b06f-fc283fef8840-image.png Time Process PID Message
    39479.63681 dhclient 47628 exiting.
    39479.63681 dhclient 47628 connection closed
    39479.63681 dhclient 47628 bound to xxx.xxx.xxx.xxx -- renewal in 204313 seconds.
    39479.63681 dhclient 41241 Creating resolv.conf
    39479.63681 dhclient 40269 /sbin/route add default xxx.xxx.xxx.xxx
    39479.63681 dhclient 39353 /sbin/route add -host xxx.xxx.xxx.xxx -iface ix0
    39479.63681 dhclient 37880 Adding new routes to interface: ix0
    39479.63681 dhclient 36750 New Routers (ix0): xxx.xxx.xxx.xxx
    39479.63681 dhclient 36294 New Broadcast Address (ix0): 77.96.255.255
    39479.63681 dhclient 35816 New Subnet Mask (ix0): 255.255.240.0
    39479.63681 dhclient 35088 New IP Address (ix0): xxx.xxx.xxx.xxx
    39479.63681 dhclient 34300 ifconfig ix0 inet xxx.xxx.xxx.xxx netmask 255.255.240.0 broadcast 77.96.255.255
    39479.63681 dhclient 33473 Starting add_new_address()
    39479.63681 dhclient 33204 REBOOT
    39479.63681 dhclient 47628 DHCPACK from xxx.xxx.xxx.xxx
    39479.63681 dhclient 47628 DHCPREQUEST on ix0 to 255.255.255.255 port 67
    39479.63681 dhclient 31955 PREINIT
    39479.63675 dhclient 50717 exiting.
    39479.63675 dhclient 50717 connection closed
    39479.63675 dhclient 50717 bound to xxx.xxx.xxx.xxx -- renewal in 204318 seconds.
    39479.63675 dhclient 89258 Creating resolv.conf
    39479.63675 dhclient 88532 /sbin/route add default xxx.xxx.xxx.xxx
    39479.63675 dhclient 87746 /sbin/route add -host xxx.xxx.xxx.xxx -iface ix0
    39479.63675 dhclient 86308 Adding new routes to interface: ix0
    39479.63675 dhclient 85230 New Routers (ix0): xxx.xxx.xxx.xxx
    39479.63675 dhclient 84711 New Broadcast Address (ix0): 77.96.255.255
    39479.63675 dhclient 84045 New Subnet Mask (ix0): 255.255.240.0
    39479.63675 dhclient 83359 New IP Address (ix0): xxx.xxx.xxx.xxx
    39479.63675 dhclient 81767 ifconfig ix0 inet xxx.xxx.xxx.xxx netmask 255.255.240.0 broadcast 77.96.255.255
    39479.63675 dhclient 80901 Starting add_new_address()
    39479.63675 dhclient 80244 REBOOT
    39479.63675 dhclient 50717 DHCPACK from xxx.xxx.xxx.xxx
    39479.63674 dhclient 50717 DHCPREQUEST on ix0 to 255.255.255.255 port 67
    39479.63674 dhclient 78946 PREINIT
    39479.63668 dhclient 922 exiting.
    39479.63668 dhclient 922 connection closed
    39479.63668 dhclient 922 bound to xxx.xxx.xxx.xxx -- renewal in 204324 seconds.
    39479.63668 dhclient 12894 Creating resolv.conf
    39479.63668 dhclient 11990 /sbin/route add default xxx.xxx.xxx.xxx
    39479.63668 dhclient 10643 /sbin/route add -host xxx.xxx.xxx.xxx -iface ix0
    39479.63668 dhclient 8643 Adding new routes to interface: ix0
    39479.63668 dhclient 7831 New Routers (ix0): xxx.xxx.xxx.xxx
    39479.63668 dhclient 7278 New Broadcast Address (ix0): 77.96.255.255
    39479.63668 dhclient 6286 New Subnet Mask (ix0): 255.255.240.0
    39479.63668 dhclient 5258 New IP Address (ix0): xxx.xxx.xxx.xxx
    39479.63668 dhclient 4231 ifconfig ix0 inet xxx.xxx.xxx.xxx netmask 255.255.240.0 broadcast 77.96.255.255
    39479.63668 dhclient 3959 Starting add_new_address()
    39479.63668 dhclient 2896 REBOOT
    39479.63668 dhclient 922 DHCPACK from xxx.xxx.xxx.xxx
    39479.63668 dhclient 922 DHCPREQUEST on ix0 to 255.255.255.255 port 67
    39479.63668 dhclient 1511 PREINIT
    39479.63661 dhclient 13886 exiting.
    39479.63661 dhclient 13886 connection closed
    39479.63661 dhclient 13886 bound to xxx.xxx.xxx.xxx -- renewal in 204330 seconds.
    39479.63661 dhclient 51520 Creating resolv.conf
    39479.63661 dhclient 50942 /sbin/route add default xxx.xxx.xxx.xxx
    39479.63661 dhclient 49995 /sbin/route add -host xxx.xxx.xxx.xxx -iface ix0
    39479.63661 dhclient 48202 Adding new routes to interface: ix0
    39479.63661 dhclient 47264 New Routers (ix0): xxx.xxx.xxx.xxx
    39479.63661 dhclient 46569 New Broadcast Address (ix0): 77.96.255.255
    39479.63661 dhclient 45800 New Subnet Mask (ix0): 255.255.240.0
    39479.63661 dhclient 45227 New IP Address (ix0): xxx.xxx.xxx.xxx
    39479.63661 dhclient 44447 ifconfig ix0 inet xxx.xxx.xxx.xxx netmask 255.255.240.0 broadcast 77.96.255.255
    39479.63661 dhclient 43619 Starting add_new_address()
    39479.63661 dhclient 42589 REBOOT
    39479.63661 dhclient 13886 DHCPACK from xxx.xxx.xxx.xxx
    39479.63661 dhclient 13886 DHCPREQUEST on ix0 to 255.255.255.255 port 67
    39479.63661 dhclient 41252 PREINIT
    39479.63612 kernel ix0: link state changed to DOWN
    39479.63617 kernel ix0: link state changed to UP
    39479.63619 kernel ix0: link state changed to DOWN
    39479.63625 kernel ix0: link state changed to UP
    39479.63627 kernel ix0: link state changed to DOWN
    39479.63632 kernel ix0: link state changed to UP
    39479.63634 kernel ix0: link state changed to DOWN
    39479.63639 kernel ix0: link state changed to UP
    39479.63641 kernel ix0: link state changed to DOWN
    39479.63645 kernel ix0: link state changed to UP
    39479.63647 kernel ix0: link state changed to DOWN
    39479.63652 kernel ix0: link state changed to UP
    39479.63654 kernel ix0: link state changed to DOWN
    39479.6366 kernel ix0: link state changed to UP
    39479.63663 kernel ix0: link state changed to DOWN
    39479.63668 kernel ix0: link state changed to UP
    39479.63669 kernel ix0: link state changed to DOWN
    39479.63674 kernel ix0: link state changed to UP
    39479.63676 kernel ix0: link state changed to DOWN
    39479.6356 php-fpm 92366 /rc.newwanip: pfSense package system has detected an IP change or dynamic WAN reconnection - 0.0.0.0 -> xxx.xxx.xxx.xxx - Restarting packages.
    39479.63611 php-fpm 398 /rc.linkup: The command '/sbin/route -n6 get 'default' 2>/dev/null | /usr/bin/egrep 'flags: <.PROTO.>'' returned exit code '1', the output was ''
    39479.63611 php-fpm 99752 /rc.linkup: Hotplug event detected for WAN(wan) dynamic IP address (4: dhcp)
    39479.63611 php-fpm 99752 /rc.linkup: DEVD Ethernet detached event for wan
    39479.63612 php-fpm 92366 /rc.newwanip: rc.newwanip: Info: starting on ix0.
    39479.63612 php-fpm 92366 /rc.newwanip: rc.newwanip: on (IP address: xxx.xxx.xxx.xxx) (interface: WAN[wan]) (real interface: ix0).
    39479.63612 php-fpm 397 /rc.linkup: Hotplug event detected for WAN(wan) dynamic IP address (4: dhcp)
    39479.63612 php-fpm 397 /rc.linkup: DEVD Ethernet attached event for wan
    39479.63612 php-fpm 397 /rc.linkup: HOTPLUG: Configuring interface wan
    39479.63613 php-fpm 71353 /rc.openvpn: The command '/sbin/route -n6 get 'default' 2>/dev/null | /usr/bin/egrep 'flags: <.PROTO.>'' returned exit code '1', the output was ''
    39479.63617 php-fpm 397 /rc.linkup: The command '/sbin/route -n6 get 'default' 2>/dev/null | /usr/bin/egrep 'flags: <.PROTO.>'' returned exit code '1', the output was ''
    39479.63617 php-fpm 398 /rc.linkup: Hotplug event detected for WAN(wan) dynamic IP address (4: dhcp)
    39479.63617 php-fpm 398 /rc.linkup: DEVD Ethernet detached event for wan
    39479.63618 php-fpm 92366 /rc.newwanip: rc.newwanip: Info: starting on ix0.
    39479.63618 php-fpm 92366 /rc.newwanip: rc.newwanip: on (IP address: xxx.xxx.xxx.xxx) (interface: WAN[wan]) (real interface: ix0).
    39479.63618 php-fpm 71353 /rc.linkup: Hotplug event detected for WAN(wan) dynamic IP address (4: dhcp)
    39479.63618 php-fpm 71353 /rc.linkup: DEVD Ethernet attached event for wan
    39479.63618 php-fpm 71353 /rc.linkup: HOTPLUG: Configuring interface wan
    39479.63619 php-fpm 92366 /rc.newwanip: The command '/sbin/route -n6 get 'default' 2>/dev/null | /usr/bin/egrep 'flags: <.PROTO.>'' returned exit code '1', the output was ''
    39479.63619 php-fpm 92366 /rc.newwanip: IP Address has changed, killing states on former IP Address 0.0.0.0.
    39479.63619 php-fpm 92366 /rc.newwanip: Resyncing OpenVPN instances for interface WAN.
    39479.63619 php-fpm 92366 /rc.newwanip: Creating rrd update script
    39479.63619 php-fpm 16972 /rc.openvpn: The command '/sbin/route -n6 get 'default' 2>/dev/null | /usr/bin/egrep 'flags: <.PROTO.>'' returned exit code '1', the output was ''
    39479.63622 php-fpm 92366 /rc.newwanip: pfSense package system has detected an IP change or dynamic WAN reconnection - 0.0.0.0 -> xxx.xxx.xxx.xxx - Restarting packages.
    39479.63623 php-fpm 397 /rc.start_packages: Restarting/Starting all packages.
    39479.63623 php-fpm 397 /rc.start_packages: Stopping service lldpd
    39479.63623 php-fpm 397 /rc.start_packages: Starting service lldpd
    39479.63626 php-fpm 71353 /rc.linkup: The command '/sbin/route -n6 get 'default' 2>/dev/null | /usr/bin/egrep 'flags: <.PROTO.>'' returned exit code '1', the output was ''
    39479.63626 php-fpm 398 /rc.linkup: Hotplug event detected for WAN(wan) dynamic IP address (4: dhcp)
    39479.63626 php-fpm 398 /rc.linkup: DEVD Ethernet detached event for wan
    39479.63627 php-fpm 16972 /rc.newwanip: rc.newwanip: Info: starting on ix0.
    39479.63627 php-fpm 16972 /rc.newwanip: rc.newwanip: on (IP address: xxx.xxx.xxx.xxx) (interface: WAN[wan]) (real interface: ix0).
    39479.63627 php-fpm 92366 /rc.linkup: Hotplug event detected for WAN(wan) dynamic IP address (4: dhcp)
    39479.63627 php-fpm 92366 /rc.linkup: DEVD Ethernet attached event for wan
    39479.63627 php-fpm 92366 /rc.linkup: HOTPLUG: Configuring interface wan
    39479.63628 php-fpm 397 /rc.openvpn: The command '/sbin/route -n6 get 'default' 2>/dev/null | /usr/bin/egrep 'flags: <.PROTO.>'' returned exit code '1', the output was ''
    39479.63633 php-fpm 92366 /rc.linkup: The command '/sbin/route -n6 get 'default' 2>/dev/null | /usr/bin/egrep 'flags: <.PROTO.>'' returned exit code '1', the output was ''
    39479.63633 php-fpm 71353 /rc.linkup: Hotplug event detected for WAN(wan) dynamic IP address (4: dhcp)
    39479.63633 php-fpm 71353 /rc.linkup: DEVD Ethernet detached event for wan
    39479.63634 php-fpm 16972 /rc.newwanip: rc.newwanip: Info: starting on ix0.
    39479.63634 php-fpm 16972 /rc.newwanip: rc.newwanip: on (IP address: xxx.xxx.xxx.xxx) (interface: WAN[wan]) (real interface: ix0).
    39479.63634 php-fpm 398 /rc.linkup: Hotplug event detected for WAN(wan) dynamic IP address (4: dhcp)
    39479.63634 php-fpm 398 /rc.linkup: DEVD Ethernet attached event for wan
    39479.63634 php-fpm 398 /rc.linkup: HOTPLUG: Configuring interface wan
    39479.63634 php-fpm 16972 /rc.newwanip: The command '/sbin/route -n6 get 'default' 2>/dev/null | /usr/bin/egrep 'flags: <.PROTO.>'' returned exit code '1', the output was ''
    39479.63634 php-fpm 16972 /rc.newwanip: IP Address has changed, killing states on former IP Address 0.0.0.0.
    39479.63634 php-fpm 16972 /rc.newwanip: Resyncing OpenVPN instances for interface WAN.
    39479.63634 php-fpm 16972 /rc.newwanip: Creating rrd update script
    39479.63635 php-fpm 397 /rc.openvpn: The command '/sbin/route -n6 get 'default' 2>/dev/null | /usr/bin/egrep 'flags: <.PROTO.>'' returned exit code '1', the output was ''
    39479.63637 php-fpm 16972 /rc.newwanip: pfSense package system has detected an IP change or dynamic WAN reconnection - 0.0.0.0 -> xxx.xxx.xxx.xxx - Restarting packages.
    39479.63638 php-fpm 71353 /rc.start_packages: Restarting/Starting all packages.
    39479.63638 php-fpm 71353 /rc.start_packages: Stopping service lldpd
    39479.63638 php-fpm 71353 /rc.start_packages: Starting service lldpd
    39479.63639 php-fpm 398 /rc.linkup: The command '/sbin/route -n6 get 'default' 2>/dev/null | /usr/bin/egrep 'flags: <.PROTO.>'' returned exit code '1', the output was ''
    39479.63639 php-fpm 92366 /rc.linkup: Hotplug event detected for WAN(wan) dynamic IP address (4: dhcp)
    39479.63639 php-fpm 92366 /rc.linkup: DEVD Ethernet detached event for wan
    39479.6364 php-fpm 16972 /rc.newwanip: rc.newwanip: Info: starting on ix0.
    39479.6364 php-fpm 16972 /rc.newwanip: rc.newwanip: on (IP address: xxx.xxx.xxx.xxx) (interface: WAN[wan]) (real interface: ix0).
    39479.6364 php-fpm 99752 /rc.linkup: Hotplug event detected for WAN(wan) dynamic IP address (4: dhcp)
    39479.6364 php-fpm 99752 /rc.linkup: DEVD Ethernet attached event for wan
    39479.6364 php-fpm 99752 /rc.linkup: HOTPLUG: Configuring interface wan
    39479.63641 php-fpm 71353 /rc.openvpn: The command '/sbin/route -n6 get 'default' 2>/dev/null | /usr/bin/egrep 'flags: <.PROTO.>'' returned exit code '1', the output was ''
    39479.63646 php-fpm 99752 /rc.linkup: The command '/sbin/route -n6 get 'default' 2>/dev/null | /usr/bin/egrep 'flags: <.PROTO.>'' returned exit code '1', the output was ''
    39479.63646 php-fpm 398 /rc.linkup: Hotplug event detected for WAN(wan) dynamic IP address (4: dhcp)
    39479.63646 php-fpm 398 /rc.linkup: DEVD Ethernet detached event for wan
    39479.63647 php-fpm 92366 /rc.newwanip: rc.newwanip: Info: starting on ix0.
    39479.63647 php-fpm 92366 /rc.newwanip: rc.newwanip: on (IP address: xxx.xxx.xxx.xxx) (interface: WAN[wan]) (real interface: ix0).
    39479.63647 php-fpm 16972 /rc.linkup: Hotplug event detected for WAN(wan) dynamic IP address (4: dhcp)
    39479.63647 php-fpm 16972 /rc.linkup: DEVD Ethernet attached event for wan
    39479.63647 php-fpm 16972 /rc.linkup: HOTPLUG: Configuring interface wan
    39479.63647 php-fpm 92366 /rc.newwanip: The command '/sbin/route -n6 get 'default' 2>/dev/null | /usr/bin/egrep 'flags: <.PROTO.>'' returned exit code '1', the output was ''
    39479.63647 php-fpm 92366 /rc.newwanip: IP Address has changed, killing states on former IP Address 0.0.0.0.
    39479.63648 php-fpm 92366 /rc.newwanip: Resyncing OpenVPN instances for interface WAN.
    39479.63648 php-fpm 92366 /rc.newwanip: Creating rrd update script
    39479.63648 php-fpm 397 /rc.openvpn: The command '/sbin/route -n6 get 'default' 2>/dev/null | /usr/bin/egrep 'flags: <.PROTO.>'' returned exit code '1', the output was ''
    39479.6365 php-fpm 92366 /rc.newwanip: pfSense package system has detected an IP change or dynamic WAN reconnection - 0.0.0.0 -> xxx.xxx.xxx.xxx - Restarting packages.
    39479.63652 php-fpm 398 /rc.start_packages: Restarting/Starting all packages.
    39479.63652 php-fpm 398 /rc.start_packages: Stopping service lldpd
    39479.63652 php-fpm 398 /rc.start_packages: Starting service lldpd
    39479.63653 php-fpm 16972 /rc.linkup: The command '/sbin/route -n6 get 'default' 2>/dev/null | /usr/bin/egrep 'flags: <.PROTO.>'' returned exit code '1', the output was ''
    39479.63653 php-fpm 99752 /rc.linkup: Hotplug event detected for WAN(wan) dynamic IP address (4: dhcp)
    39479.63653 php-fpm 99752 /rc.linkup: DEVD Ethernet detached event for wan
    39479.63654 php-fpm 92366 /rc.newwanip: rc.newwanip: Info: starting on ix0.
    39479.63654 php-fpm 92366 /rc.newwanip: rc.newwanip: on (IP address: xxx.xxx.xxx.xxx) (interface: WAN[wan]) (real interface: ix0).
    39479.63654 php-fpm 71353 /rc.linkup: Hotplug event detected for WAN(wan) dynamic IP address (4: dhcp)
    39479.63654 php-fpm 71353 /rc.linkup: DEVD Ethernet attached event for wan
    39479.63654 php-fpm 71353 /rc.linkup: HOTPLUG: Configuring interface wan

    C G 2 Replies Last reply Feb 8, 2025, 5:55 PM Reply Quote 0
    • C
      chpalmer @bartkus05
      last edited by Feb 8, 2025, 5:55 PM

      I have begun to run into this same issue. I was starting to suspect my Watchguard M400 was just beginning to show signs of its age but have started experimenting more as I believe that there is something else at play.

      In my case I added a second backup WAN using a Netgear cell router and have found that this device can exhibit the same issues at times. However not during an IP refresh.

      My primary ISP is Astound and I use a Motorola MB8611 modem.

      I will have to compare my logs next time it happens to either interface.

      -sometimes just hard reboot of the modem will cause this issue for me...

      Triggering snowflakes one by one..
      Intel(R) Core(TM) i5-4590T CPU @ 2.00GHz on an M400 WG box.

      1 Reply Last reply Reply Quote 0
      • G
        Gertjan @bartkus05
        last edited by Feb 10, 2025, 8:13 AM

        @bartkus05

        To find out who is doing this :

        65d3bb4f-cacb-4a9c-8160-0a2c7265ffe2-image.png

        put a switch between your pfSense WAN and your ISP device.
        get two new short ether cables to make the connection.
        Now, wait and see.

        Btw : looking at the sub 10 ms up down up down up down wan events, this really doesn't' like a software event that can take the connection down for a moment, this looks like bad contact, bad cable bad NIC etc.

        No "help me" PM's please. Use the forum, the community will thank you.
        Edit : and where are the logs ??

        B 1 Reply Last reply Feb 10, 2025, 8:56 AM Reply Quote 0
        • B
          bartkus05 @Gertjan
          last edited by Feb 10, 2025, 8:56 AM

          @Gertjan Hi there, I would agree, however the equipment was replaced a few times, that includes different cables, NICs, modems - and pfsense always had this same behaviour, where if the wan dropped for a moment, it would never re-connect and would just keep connecting and dropping.

          I will put a switch in between the modem and pfsense and see if anything changes.

          G 1 Reply Last reply Feb 10, 2025, 9:44 AM Reply Quote 0
          • G
            Gertjan @bartkus05
            last edited by Feb 10, 2025, 9:44 AM

            @bartkus05 said in Cable Internet and pfSense - Interface keeps dropping:

            where if the wan dropped for a moment

            If the pfSense WAN goes down, this event is used to remove the WAN IP, as there is no interface anymore, and internal routes are also removed.
            From then on, no more connection.
            Then, normally, the WAN comes back, UP.
            This fires a new system event, and one of them is that the system starts the DHCP client process, as the DHCP client is assigned to this WAN interface with this option :

            e64f6171-35a4-4543-9ee0-d58ce1c4d7d1-image.png

            The DHCP client uses the interface, it doesn't (can't) take it down or up. It uses the connection, a serial connection the the NIC on the other side, to send out 'bits' and waits for an answer from the NIC on the other side of the cable.

            Your issue might be the pfSense WAN NIC - so, an easy test : swap (re assign) it with another interface.
            If the issue stays on WAN : this mens its not the pfSense WAN interfaceb but the ISP device that took the connection down : modems can do this to signal down stream (signal to pfSense) that their uplink went 'bad'. The down up signal is used to re activate the DHCP client, as a new IP connection has to be established.

            No "help me" PM's please. Use the forum, the community will thank you.
            Edit : and where are the logs ??

            B 1 Reply Last reply Feb 10, 2025, 1:24 PM Reply Quote 0
            • B
              bartkus05 @Gertjan
              last edited by Feb 10, 2025, 1:24 PM

              @Gertjan Here's what I've done, all produce the same result:

              Youtube Video

              1. Replaced cables with brand new ones I had lying around, still unpacked...
              2. Swapped around IX0 and IX1 as LAN/WAN, same problem. Only WAN drops out as shown on attached Video. No matter what I do with LAN, cannot replicate this behaviour
                1.1. Disabled plugins (pfBlockerNG, Suricata, Arpwatch, Darkstat, LLDP)
              3. Used a different NICs, Intel I350-T2 V2 and QNAP QXG-2G2T-I225, Same behaviour
              4. Used different ports on Modem, Same behaviour
              5. Connect through a TP Link Smart Switch, without and with Modem attached, Same behaviour
              6. Grabbed my spare Intel Z87 system, loaded the config up on this one (Only tried the X550-T2 Card), Same behaviour

              I think I pretty much ruled out hardware as being the issue, including the Modem itself, as the same happens if the WAN is plugged into the switch alone.

              What I see in Interfaces Dashboard is, WAN shows up correct, 1000base-T <Full-duplex> XXX.XXX.XXX.XXX, then immediately switched to autoselect, then back to showing the IP. And this loops forever.
              With the switch attached, it was getting an IP from the switch of 192.168.0.10 (it has DHCP), and same behaviour.

              G 1 Reply Last reply Feb 10, 2025, 2:21 PM Reply Quote 0
              • G
                Gertjan @bartkus05
                last edited by Feb 10, 2025, 2:21 PM

                @bartkus05 said in Cable Internet and pfSense - Interface keeps dropping:

                Connect through a TP Link Smart Switch, without and with Modem attached, Same behaviour

                Hummm. so, it seems that to me to pfSense it-self pulling down its own WAN interface.
                But this, ihmo, isn't done by 'software' :

                59e0a64d-62ca-4499-a627-d96b01016015-image.png

                which isn't this :

                @bartkus05 said in Cable Internet and pfSense - Interface keeps dropping:

                The interface keeps cycling, so connects, gets IP, disconnects and on and on it goes.

                as obtaining a lease from an upstream DHCP server can't be done in "less then 10 ms" or so.
                This interface flapping is way to fast.
                Maybe (I'm not sure) the system (pfSense) can follow the event sequence and launches as much "start DHCP (WAN) client - and it bails out because no more interface - start DHCP (WAN) client - and it bails out because no more interface - start DHCP (WAN) client - and it bails out because no more interface - etc

                Afaik, only dpinger can reset the interface if pings send out don't come back anymore.
                But this doesn't look like a dpinger action neither. It's disabled anyway.

                Your WAN uses 10 Gbit/sec ?
                pfSense version ? Packages used ?

                No "help me" PM's please. Use the forum, the community will thank you.
                Edit : and where are the logs ??

                B 1 Reply Last reply Feb 10, 2025, 2:47 PM Reply Quote 0
                • B
                  bartkus05 @Gertjan
                  last edited by Feb 10, 2025, 2:47 PM

                  @Gertjan

                  First, I also want to say Thank You very much for trying to help me with this, it is much appreciated!

                  Here's a full Spec of Hardware, version of software, packages and settings, just to paint the full picture:

                  Hardware (I know bit overkill, its what I had lying around unused):

                  • AMD Ryzen 5 7600
                  • AsRock B650M-HDV
                  • 32GB Corsair Non-ECC 5200
                  • Intel X550T2BLK (Genuine, bought from Scan.co.uk) - Fan attached for active cooling

                  Modem / Router: Hitron Chita (Virgin Media Business) - Configured in Modem Mode

                  10Gbit LAN, 1Gbit WAN. I have a couple of NASes, Servers etc, hence why the 10Gbit LAN.

                  I have also tried setting the WAN to 1000base-T instead of autoselect, but its the same behaviour.
                  I have also tried with and without the loader.conf.local values set

                  7c6796b5-3c03-4bd0-baa6-0b6c97371791-image.png

                  1aac0240-a55f-4dfd-ae91-9b22798ccb60-image.png

                  4e3e93bd-91de-441c-a3db-1f2be0743510-image.png

                  7305406c-82fa-45c5-9c09-36bc18498503-image.png

                  040ebc92-8237-40dc-9d34-6b6423e434b2-image.png

                  624beb59-6ceb-45eb-a18b-9b4d75499eb9-image.png

                  Another log extract from today
                  Feb 10 14:12:16 syslogd kernel boot file is /boot/kernel/kernel
                  Feb 10 14:11:16 syslogd exiting on signal 15
                  Feb 10 14:11:16 check_reload_status 441 Reloading filter
                  Feb 10 14:11:16 check_reload_status 441 Starting packages
                  Feb 10 14:11:16 php-fpm 73153 /rc.newwanip: pfSense package system has detected an IP change or dynamic WAN reconnection - 0.0.0.0 -> xxx.xxx.xxx.xxx - Restarting packages.
                  Feb 10 14:11:14 php-fpm 398 /rc.openvpn: The command '/sbin/route -n6 get 'default' 2>/dev/null | /usr/bin/egrep 'flags: <.PROTO.>'' returned exit code '1', the output was ''
                  Feb 10 14:11:13 php-fpm 73153 /rc.newwanip: Creating rrd update script
                  Feb 10 14:11:13 php-fpm 73153 /rc.newwanip: Resyncing OpenVPN instances for interface WAN.
                  Feb 10 14:11:13 php-fpm 73153 /rc.newwanip: IP Address has changed, killing states on former IP Address 0.0.0.0.
                  Feb 10 14:11:13 php-fpm 73153 /rc.newwanip: The command '/sbin/route -n6 get 'default' 2>/dev/null | /usr/bin/egrep 'flags: <.PROTO.>'' returned exit code '1', the output was ''
                  Feb 10 14:11:13 check_reload_status 441 Linkup starting ix0
                  Feb 10 14:11:13 kernel ix0: link state changed to DOWN
                  Feb 10 14:11:13 check_reload_status 441 Restarting OpenVPN tunnels/interfaces
                  Feb 10 14:11:13 check_reload_status 441 Restarting IPsec tunnels
                  Feb 10 14:11:13 check_reload_status 441 updating dyndns vm
                  Feb 10 14:11:13 rc.gateway_alarm 78336 >>> Gateway alarm: vm (Addr:xxx.xxx.xxx.xxx Alarm:down RTT:0ms RTTsd:0ms Loss:100%)
                  Feb 10 14:11:13 php-fpm 397 /rc.linkup: HOTPLUG: Configuring interface wan
                  Feb 10 14:11:13 php-fpm 397 /rc.linkup: DEVD Ethernet attached event for wan
                  Feb 10 14:11:13 php-fpm 397 /rc.linkup: Hotplug event detected for WAN(wan) dynamic IP address (4: dhcp)
                  Feb 10 14:11:13 check_reload_status 441 Reloading filter
                  Feb 10 14:11:13 php-fpm 73153 /rc.newwanip: rc.newwanip: on (IP address: xxx.xxx.xxx.xxx) (interface: WAN[wan]) (real interface: ix0).
                  Feb 10 14:11:13 php-fpm 73153 /rc.newwanip: rc.newwanip: Info: starting on ix0.
                  Feb 10 14:11:12 php-fpm 398 /rc.linkup: DEVD Ethernet detached event for wan
                  Feb 10 14:11:12 php-fpm 398 /rc.linkup: Hotplug event detected for WAN(wan) dynamic IP address (4: dhcp)
                  Feb 10 14:11:12 check_reload_status 441 Reloading filter
                  Feb 10 14:11:12 check_reload_status 441 updating dyndns wan
                  Feb 10 14:11:12 check_reload_status 441 Restarting IPsec tunnels
                  Feb 10 14:11:12 php-fpm 73153 /rc.linkup: The command '/sbin/route -n6 get 'default' 2>/dev/null | /usr/bin/egrep 'flags: <.PROTO.>'' returned exit code '1', the output was ''
                  Feb 10 14:11:12 check_reload_status 441 rc.newwanip starting ix0
                  Feb 10 14:11:11 check_reload_status 441 Linkup starting ix0
                  Feb 10 14:11:11 kernel ix0: link state changed to UP
                  Feb 10 14:11:08 php-fpm 397 /rc.interfaces_wan_configure: The command '/sbin/dhclient -c /var/etc/dhclient_wan.conf -p /var/run/dhclient.ix0.pid ix0 > /tmp/ix0_output 2> /tmp/ix0_error_output' returned exit code '1', the output was ''
                  Feb 10 14:11:07 php-fpm 398 /rc.openvpn: The command '/sbin/route -n6 get 'default' 2>/dev/null | /usr/bin/egrep 'flags: <.PROTO.>'' returned exit code '1', the output was ''
                  Feb 10 14:11:07 kernel ix0: link state changed to DOWN
                  Feb 10 14:11:07 check_reload_status 441 Linkup starting ix0
                  Feb 10 14:11:06 check_reload_status 441 Restarting OpenVPN tunnels/interfaces
                  Feb 10 14:11:06 check_reload_status 441 Restarting IPsec tunnels
                  Feb 10 14:11:06 check_reload_status 441 updating dyndns vm
                  Feb 10 14:11:06 rc.gateway_alarm 1906 >>> Gateway alarm: vm (Addr:xxx.xxx.xxx.xxx Alarm:down RTT:0ms RTTsd:0ms Loss:100%)
                  Feb 10 14:11:06 check_reload_status 441 Configuring interface wan
                  Feb 10 14:11:06 php-fpm 398 /rc.newwanip: rc.newwanip: Failed to update wan IP, restarting...
                  Feb 10 14:11:06 php-fpm 398 /rc.newwanip: rc.newwanip: on (IP address: ) (interface: WAN[wan]) (real interface: ix0).
                  Feb 10 14:11:06 php-fpm 398 /rc.newwanip: rc.newwanip: Info: starting on ix0.
                  Feb 10 14:11:06 php-fpm 73153 /rc.linkup: HOTPLUG: Configuring interface wan
                  Feb 10 14:11:06 php-fpm 73153 /rc.linkup: DEVD Ethernet attached event for wan
                  Feb 10 14:11:06 php-fpm 73153 /rc.linkup: Hotplug event detected for WAN(wan) dynamic IP address (4: dhcp)
                  Feb 10 14:11:06 check_reload_status 441 Reloading filter
                  Feb 10 14:11:05 php-fpm 397 /rc.linkup: DEVD Ethernet detached event for wan
                  Feb 10 14:11:05 php-fpm 397 /rc.linkup: Hotplug event detected for WAN(wan) dynamic IP address (4: dhcp)
                  Feb 10 14:11:05 check_reload_status 441 Reloading filter
                  Feb 10 14:11:05 check_reload_status 441 updating dyndns wan
                  Feb 10 14:11:05 check_reload_status 441 Restarting IPsec tunnels
                  Feb 10 14:11:05 php-fpm 398 /rc.linkup: The command '/sbin/route -n6 get 'default' 2>/dev/null | /usr/bin/egrep 'flags: <.PROTO.>'' returned exit code '1', the output was ''
                  Feb 10 14:11:05 check_reload_status 441 rc.newwanip starting ix0
                  Feb 10 14:11:05 kernel ix0: link state changed to UP
                  Feb 10 14:11:05 check_reload_status 441 Linkup starting ix0
                  Feb 10 14:11:01 kernel ix0: link state changed to DOWN
                  Feb 10 14:11:01 check_reload_status 441 Linkup starting ix0
                  Feb 10 14:11:01 php-fpm 398 /rc.linkup: HOTPLUG: Configuring interface wan
                  Feb 10 14:11:01 php-fpm 398 /rc.linkup: DEVD Ethernet attached event for wan
                  Feb 10 14:11:01 php-fpm 398 /rc.linkup: Hotplug event detected for WAN(wan) dynamic IP address (4: dhcp)
                  Feb 10 14:11:00 kernel ix0: link state changed to UP
                  Feb 10 14:11:00 check_reload_status 441 Linkup starting ix0
                  Feb 10 14:10:57 php-fpm 397 /rc.openvpn: The command '/sbin/route -n6 get 'default' 2>/dev/null | /usr/bin/egrep 'flags: <.PROTO.>'' returned exit code '1', the output was ''

                  G 1 Reply Last reply Feb 10, 2025, 4:01 PM Reply Quote 0
                  • G
                    Gertjan @bartkus05
                    last edited by Feb 10, 2025, 4:01 PM

                    @bartkus05

                    Ok, I can see, while reading/following the log from bottom (old) to top (more recent) that some sort of "set up WAN, WAN hets pulled down, cycle is happening.

                    Somewhat strange to to IPv6 happening :

                    Feb 10 14:11:13 php-fpm 73153 /rc.newwanip: The command '/sbin/route -n6 get 'default' 2>/dev/null | /usr/bin/egrep 'flags: <.PROTO.>'' returned exit code '1', the output was ''

                    while IPv6 is de activated.

                    You have none of these :

                    Feb 10 14:11:13 check_reload_status 441 Restarting OpenVPN tunnels/interfaces
                    Feb 10 14:11:13 check_reload_status 441 Restarting IPsec tunnels
                    Feb 10 14:11:13 check_reload_status 441 updating dyndns vm

                    (no OpenVPN server or client, IPsec tunnels or dyndns) right ?

                    What - and now I'm really saying something I've nnever used before myself :
                    Suricata, as it installs its spy-hooks between the firewall; and the driver.
                    Is Suricata active (listens) on the WAN ?

                    I don't know what lldpd is - not sure if I need it.
                    But the other package do
                    Other packages have any network activity, or they are, imho, harmless (as I use them also).

                    All current system_patches proposed by Netgate are applied ?

                    Btw : X550T2BLK : should work ...

                    This :

                    b9005d48-279f-4492-a382-b4fbec624330-image.png

                    you that never seen before scenario ?

                    Not related :

                    d735aed9-3454-4916-b677-4cefb1561bff-image.png

                    You don't trusted Internet's root server ?
                    (1111 and 1001 use Internet's root servers for you 😊 )

                    What you can try - takes 10 minutes or so :
                    Make config backup.
                    Go console, and reset to default.
                    Whne it reboots, assign a DHCP WAN (is the default) and the default 192.168.1.1/24 LAN witn an active DHCP server - this is all being done at the console.
                    You are of course allowed to change the default pfSense password.
                    Nothing else. Don't add stuff - change the password and deatch the keyboard. Nothing else is needed anyway.
                    Question : you see the same behaviour ?

                    When your tests are done, import the backed up config, reboot, and you're back at square one.

                    No "help me" PM's please. Use the forum, the community will thank you.
                    Edit : and where are the logs ??

                    B 1 Reply Last reply Feb 10, 2025, 4:45 PM Reply Quote 0
                    • B
                      bartkus05 @Gertjan
                      last edited by Feb 10, 2025, 4:45 PM

                      @Gertjan

                      For IPv6, I had to disable it - it caused a lot of issues for some reason, with most devices not getting an internet connection. No idea why this was happening, as some worked and some didn't, especially mobile phones had an issue. Very bizarre.

                      Nope, no VPN servers, no dyndns etc

                      Suricata is only active on LAN. But I have only installed it only recently, last month as I have one sketchy IOT device and my switches don't support VLANs, so I cannot isolate it. Put through Suricata in Legacy mode to combat any "sketchy" action it might want to take.

                      Yes, all patches applied from Netgate, no custom patches added. lldpd I use on Omada to create a very pretty network map 😇

                      Non-local gateway was one of the options I have tried to try and fix this (desperation lol)

                      My ISPs default DNS is absolutely shockingly bad. I found 1.1.1.1 to work the best hehe - if that's what you meant 😂

                      Okay, I will give the scenario a try once everyone stops using the internet in the late evening.

                      Thanks.

                      U 1 Reply Last reply Feb 10, 2025, 4:54 PM Reply Quote 0
                      • U
                        Uglybrian @bartkus05
                        last edited by Uglybrian Feb 10, 2025, 4:56 PM Feb 10, 2025, 4:54 PM

                        @bartkus05 said in Cable Internet and pfSense - Interface keeps dropping:

                        My ISPs default DNS is absolutely shockingly bad. I found 1.1.1.1 to work the best hehe - if that's what you meant 😂

                        No- He is saying don't add any DNS servers. Just use resolver, do not forward.
                        Like this-
                        Screenshot from 2025-02-10 08-50-43.png

                        so you see this-
                        Screenshot from 2025-02-10 08-51-18.png

                        1 Reply Last reply Reply Quote 0
                        • B
                          bartkus05
                          last edited by Feb 11, 2025, 10:15 AM

                          Okay, so after a very long night and few coffees this morning, its now fully working without an issue, I can unplug the WAN cable and reconnect it, it jumps back up straight away. Rebooting the modem, the same, it waits for the link - once its there it reconnects and remains connected.

                          I first did a straight forward Factory Defaults reset, that didn't work. Next, did a fresh pfSense CE install, and that also has not helped, the same behaviour was repeating itself. I also tried the "forbidden fruit" fork, that didn't work either - same behaviour.

                          I still had the option to install pfSense plus from the days when I had the home lab license, so I installed that and the issue disappeared.... Rock solid. I set everything back up, all the packages I use and it still is working as expected. I have scanned through the changelogs / tickets on Redmine but couldn't see anything specific relating to this issue so my only conclusion is that something must have changed within FreeBSD itself.

                          How the logs look now, I have highlighted the event that never showed up before.

                          Feb 11 01:36:20 php-fpm 540 /rc.linkup: Hotplug event detected for WAN(wan) dynamic IP address (4: dhcp)
                          Feb 11 01:36:20 php-fpm 540 /rc.linkup: DEVD Ethernet attached event for wan
                          Feb 11 01:36:20 php-fpm 540 /rc.linkup: HOTPLUG: Configuring interface wan
                          Feb 11 01:36:20 check_reload_status 653 rc.newwanip starting ix0
                          Feb 11 01:36:20 php-fpm 540 /rc.linkup: Gateway, none 'available' for inet, use the first one configured. 'WAN_DHCP'
                          Feb 11 01:36:20 php-fpm 540 /rc.linkup: Gateway, none 'available' for inet6, use the first one configured. 'WAN_DHCP6'
                          Feb 11 01:36:20 check_reload_status 653 Restarting IPsec tunnels
                          Feb 11 01:36:21 php-fpm 20277 /rc.start_packages: Restarting/Starting all packages.
                          Feb 11 01:36:21 php-fpm 20277 /rc.newwanip: rc.newwanip: Info: starting on ix0.
                          Feb 11 01:36:21 php-fpm 20277 /rc.newwanip: rc.newwanip: on (IP address: xxx.xxx.xxx.xxx) (interface: WAN[wan]) (real interface: ix0).
                          Feb 11 01:36:22 php-fpm 63053 /rc.newwanip: Resyncing OpenVPN instances for interface LAN.
                          Feb 11 01:36:22 php-fpm 63053 /rc.newwanip: Creating rrd update script
                          Feb 11 01:36:23 php-fpm 20277 /rc.newwanip: Gateway, NONE AVAILABLE
                          Feb 11 01:36:23 php-fpm 20277 /rc.newwanip: Gateway, none 'available' for inet6, use the first one configured. 'WAN_DHCP6'
                          Feb 11 01:36:23 php-fpm 20277 /rc.newwanip: IP Address has changed, killing states on former IP Address 0.0.0.0.
                          Feb 11 01:36:24 php-fpm 63053 /rc.newwanip: Netgate pfSense Plus package system has detected an IP change or dynamic WAN reconnection - 192.168.2.1 -> 192.168.2.1 - Restarting packages.
                          Feb 11 01:36:24 check_reload_status 653 Starting packages
                          Feb 11 01:36:24 check_reload_status 653 Reloading filter
                          Feb 11 01:36:24 check_reload_status 653 Reloading filter
                          Feb 11 01:36:25 php-fpm 3134 /rc.start_packages: Restarting/Starting all packages.
                          Feb 11 01:36:25 check_reload_status 653 updating dyndns wan
                          Feb 11 01:36:25 check_reload_status 653 Reloading filter

                          I have also followed your suggestions and removed remote DNS servers, only using Resolver now.

                          Thank you for your help!

                          1 Reply Last reply Reply Quote 0
                          7 out of 12
                          • First post
                            7/12
                            Last post
                          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.
                            This community forum collects and processes your personal information.
                            consent.not_received