VoIP and Windows 2003 server loose connectivity over ADSL renew
-
Hi!
I'm running PfSense 1.2-release, 1 WAN (ADSL).
At first I want to say this software is great, and we use it to traffic shape and priorize VoIP on our small buisiness network. So far, it works flawlessly.However (!), I have one single problem:
When my ADSL provider renew my dynamic IP (once every week), my VoIP SIP provider link drop. Nothing will bring it back unless I reboot my VoIP (asterisk) server. It can ping the sip server, but not register to it…
Also, to verify the source of our error, we made another windows machine (our DNS server) ping continously google and our sip provider. When the renew happened, the windows machine could not ping google or the sip provider, we had to kill and restart the DNS service to make it work again....My guess, curently, is that somehow PfSense does not flush it's state, or does not force continuing connections to drop and re-negotiate.
Please, tell me if there is a way to correct this behavior!
Thanks,
Jay2 -
I'm running on PPPoE too at home and have 24h renewal (forced disconnect by ISP). Haven't noticed such a problem yet. Does manually resetting states at the pfSense (diagnostics>states, reset states) bring everything back online when this happens? Btw, i use the periodic reconnect feature at interfaces>wan to control the time the disconnect is happening as I drop the line and not the ISP. This is something you could try too to see if that makes a difference.
-
Sounds close to this topic.
http://forum.pfsense.org/index.php/topic,7808.msg46725.html#msg46725 -
Thanks Perry!
However: The bug [Because it is, really], is not only a multi-wan issue.
I have one LAN, one WAN interface.
Every time the WAN renew with a new IP, the state tables get corrupted.
It breaks any kind of VoIP traffic, since they rely heavily on STUN and other "keep that connection opened" mechanisms.To test this bug without VoIP, simply make a machine on your LAN side do a continous ping
Windows> ping -t google.com
This ping will fail (and keep failing) until the states are reseted by hand if a WAN ip change occurs.
Il will behave exactly as stated in previously stated topic:
http://forum.pfsense.org/index.php/topic,7808.15.htmlNow the above link also offers a work-around I will test, wich flush all states on WAN renew.
However, the proper way to do this would probably be to parse/replace the old WAN ip with the new WAN ip on the current state table on a WAN renew. [ OnWanIPChange-> States(OldWANIp) = States(NewWANIp) ]
I do not know how to do that :) -
Ok, I applied the workaround, and so far so good. It works.
Change /conf/config.xml
<system>... .... <afterfilterchangeshellcmd>/usr/local/bin/reset_states.sh</afterfilterchangeshellcmd></system>Create /usr/local/bin/reset_states.sh
#!/bin/sh sleep 60 /sbin/pfctl -F state sleep 40 /sbin/pfctl -F statechmod 755 /usr/local/bin/reset_states.sh