Random disconnect on LAN - please assist!

pwnell

I just purchased a brand new machine.  It consists of an Intel 775 motherboard, Pentium(R) Dual-Core CPU E5400 @ 2.70GHz. 2GB RAM, and 2 x D-Link and 1 x onboard NIC.

[2.0-BETA4][root@fw.pwnconsulting.com]/root(4): uname -a
FreeBSD fw.pwnconsulting.com 8.1-RELEASE-p2 FreeBSD 8.1-RELEASE-p2 #1: Fri Dec  3 15:17:17 EST 2010     sullrich@FreeBSD_8.0_pfSense_2.0-snaps.pfsense.org:/usr/obj.pfSense/usr/pfSensesrc/src/sys/pfSense_SMP.8  i386

Onboard is a:

alc0: <atheros ar8131="" pcie="" gigabit="" ethernet="">port 0xbf00-0xbf7f mem 0xfdec0000-0xfdefffff irq 17 at device 0.0 on pci2
alc0: 15872 Tx FIFO, 15360 Rx FIFO
alc0: Using 1 MSI message(s).
miibus0: <mii bus="">on alc0
atphy0: <atheros 10="" 100="" 1000="" f1="" phy="">PHY 0 on miibus0
atphy0:  10baseT, 10baseT-FDX, 100baseTX, 100baseTX-FDX, 1000baseT-FDX, auto
alc0: [FILTER]</atheros></mii></atheros> 

2 x D-Link are:

skc0: <d-link dge-530t="" gigabit="" ethernet="">port 0xde00-0xdeff mem 0xfdbfc000-0xfdbfffff irq 20 at device 0.0 on pci3
skc0: DGE-530T Gigabit Ethernet Adapter rev. (0x9)
sk0: <marvell semiconductor,="" inc.="" yukon="">on skc0
miibus1: <mii bus="">on sk0
e1000phy0: <marvell 88e1011="" gigabit="" phy="">PHY 0 on miibus1
e1000phy0:  10baseT, 10baseT-FDX, 100baseTX, 100baseTX-FDX, 1000baseT, 1000baseT-FDX, auto
skc0: [ITHREAD]

skc1: <d-link dge-530t="" gigabit="" ethernet="">port 0xdc00-0xdcff mem 0xfdbf8000-0xfdbfbfff irq 19 at device 1.0 on pci3
skc1: DGE-530T Gigabit Ethernet Adapter rev. (0x9)
sk1: <marvell semiconductor,="" inc.="" yukon="">on skc1
miibus2: <mii bus="">on sk1
e1000phy1: <marvell 88e1011="" gigabit="" phy="">PHY 0 on miibus2
e1000phy1:  10baseT, 10baseT-FDX, 100baseTX, 100baseTX-FDX, 1000baseT, 1000baseT-FDX, auto
skc1: [ITHREAD]</marvell></mii></marvell></d-link></marvell></mii></marvell></d-link> 

The latest snapshot installed fine - 20101203-1041. I configured sk0 as LAN, sk1 as WAN.

First problem - try as I may, I could not get alc0 to work. When connected to WAN directly to my Motorola cable modem, it would never DHCP.  When I changed it so that it was OPT1 with the DHCP service turned on, I could not get a notebook to DHCP from that interface.  I assume it is not compatible with FreeBSD even though it shows up as an adapter I can use and it detects link status changes.  For this I have a new Intel CT 1000 PCIe adapter on its way.

Second and more pressing problem. pfSense will run anywhere between 10 and 30 minutes, then suddenly none of my machines on the LAN can access the firewall.  The firewall seems up and running, it can connect to internet sites via WAN, but on the firewall I cannot ping anything on the LAN.  Removing the LAN cable in the firewall, and plugging it back in always solves this.  Obviously not a practical workaround.  The LAN port on the firewall is connected to a D-Link switch.  I tried 2 different switches, same result.  Here is the log:

Dec  4 02:18:30 fw dnsmasq[46542]: possible DNS-rebind attack detected: smtp.rogerswirelessdata.com
Dec  4 02:18:30 fw dnsmasq[46542]: possible DNS-rebind attack detected: smtp.rogerswirelessdata.com
Dec  4 02:22:51 fw check_reload_status: Linkup starting sk1
Dec  4 02:22:51 fw kernel: sk1: link state changed to DOWN
Dec  4 02:22:51 fw kernel: sk1: link state changed to UP
Dec  4 02:22:51 fw kernel: sk1: link state changed to UP
Dec  4 02:22:51 fw check_reload_status: Linkup starting sk1
Dec  4 02:22:51 fw check_reload_status: Linkup starting sk1
Dec  4 02:22:51 fw php: : DEVD Ethernet detached event for wan
Dec  4 02:22:51 fw dhclient[10853]: connection closed
Dec  4 02:22:51 fw dhclient[10853]: connection closed
Dec  4 02:22:51 fw dhclient[10853]: exiting.
Dec  4 02:22:51 fw dhclient[10853]: exiting.
Dec  4 02:22:51 fw php: : DEVD Ethernet attached event for wan
Dec  4 02:22:51 fw php: : HOTPLUG: Configuring interface wan
Dec  4 02:22:51 fw php: : DEVD Ethernet attached event for wan
Dec  4 02:22:51 fw php: : HOTPLUG: Configuring interface wan
Dec  4 02:22:52 fw dhclient: PREINIT
Dec  4 02:22:52 fw dhclient[61466]: DHCPREQUEST on sk1 to 255.255.255.255 port 67
Dec  4 02:22:52 fw dhclient[61466]: DHCPACK from 70.70.82.1
Dec  4 02:22:52 fw dhclient: REBOOT
Dec  4 02:22:52 fw dhclient: Starting add_new_address()
Dec  4 02:22:52 fw dhclient: ifconfig sk1 inet 96.155.111.111 netmask 255.255.252.0 broadcast 255.255.255.255 
Dec  4 02:22:52 fw dhclient: New IP Address (sk1): 96.155.111.111
Dec  4 02:22:52 fw dhclient: New Subnet Mask (sk1): 255.255.252.0
Dec  4 02:22:52 fw dhclient: New Broadcast Address (sk1): 255.255.255.255
Dec  4 02:22:52 fw dhclient: New Routers (sk1): 96.155.111.1
Dec  4 02:22:52 fw check_reload_status: rc.newwanip starting sk1
Dec  4 02:22:52 fw dhclient: Adding new routes to interface: sk1
Dec  4 02:22:52 fw dhclient: /sbin/route add default 96.155.111.1
Dec  4 02:22:52 fw dhclient: Creating resolv.conf
Dec  4 02:22:52 fw check_reload_status: Rewriting resolv.conf
Dec  4 02:22:52 fw dhclient[61466]: bound to 96.155.111.111 -- renewal in 74272 seconds.
Dec  4 02:22:53 fw php: : rc.newwanip: Informational is starting sk1.
Dec  4 02:22:53 fw php: : rc.newwanip: on (IP address: 96.155.111.111) (interface: wan) (real interface: sk1).
Dec  4 02:22:53 fw php: : ROUTING: change default route to 96.155.111.1
Dec  4 02:22:53 fw apinger: Exiting on signal 15.
Dec  4 02:22:53 fw apinger: Starting Alarm Pinger, apinger(10387)
Dec  4 02:22:57 fw dhclient: PREINIT
Dec  4 02:22:57 fw dhclient[3805]: DHCPREQUEST on sk1 to 255.255.255.255 port 67
Dec  4 02:22:57 fw dhclient[3805]: DHCPACK from 70.70.82.1
Dec  4 02:22:57 fw dhclient: REBOOT
Dec  4 02:22:57 fw dhclient: Starting add_new_address()
Dec  4 02:22:57 fw dhclient: ifconfig sk1 inet 96.155.111.111 netmask 255.255.252.0 broadcast 255.255.255.255 
Dec  4 02:22:57 fw dhclient: New IP Address (sk1): 96.155.111.111
Dec  4 02:22:57 fw dhclient: New Subnet Mask (sk1): 255.255.252.0
Dec  4 02:22:57 fw dhclient: New Broadcast Address (sk1): 255.255.255.255
Dec  4 02:22:57 fw dhclient: New Routers (sk1): 96.155.111.1
Dec  4 02:22:57 fw check_reload_status: rc.newwanip starting sk1
Dec  4 02:22:57 fw dhclient: Adding new routes to interface: sk1
Dec  4 02:22:57 fw dhclient: /sbin/route add default 96.155.111.1
Dec  4 02:22:57 fw dhclient: Creating resolv.conf
Dec  4 02:22:57 fw check_reload_status: Rewriting resolv.conf
Dec  4 02:22:57 fw dhclient[3805]: bound to 96.155.111.111 -- renewal in 74269 seconds.
Dec  4 02:22:58 fw php: : rc.newwanip: Informational is starting sk1.
Dec  4 02:22:58 fw php: : rc.newwanip: on (IP address: 96.155.111.111) (interface: wan) (real interface: sk1).
Dec  4 02:22:58 fw php: : ROUTING: change default route to 96.155.111.1
Dec  4 02:22:58 fw apinger: Exiting on signal 15.
Dec  4 02:22:58 fw apinger: Starting Alarm Pinger, apinger(23341)
Dec  4 02:23:21 fw dnsmasq[46542]: reading /etc/resolv.conf
Dec  4 02:23:21 fw dnsmasq[46542]: using nameserver 64.59.150.132#53
Dec  4 02:23:21 fw dnsmasq[46542]: using nameserver 64.59.144.17#53
Dec  4 02:23:21 fw dnsmasq[46542]: using nameserver 64.59.144.16#53
Dec  4 02:28:30 fw dnsmasq[46542]: possible DNS-rebind attack detected: smtp.rogerswirelessdata.com
Dec  4 02:28:30 fw dnsmasq[46542]: possible DNS-rebind attack detected: smtp.rogerswirelessdata.com
Dec  4 02:38:30 fw dnsmasq[46542]: possible DNS-rebind attack detected: smtp.rogerswirelessdata.com
Dec  4 02:38:30 fw dnsmasq[46542]: possible DNS-rebind attack detected: smtp.rogerswirelessdata.com
Dec  4 02:48:30 fw dnsmasq[46542]: possible DNS-rebind attack detected: smtp.rogerswirelessdata.com
Dec  4 02:48:30 fw dnsmasq[46542]: possible DNS-rebind attack detected: smtp.rogerswirelessdata.com
Dec  4 02:58:30 fw dnsmasq[46542]: possible DNS-rebind attack detected: smtp.rogerswirelessdata.com
Dec  4 02:58:30 fw dnsmasq[46542]: possible DNS-rebind attack detected: smtp.rogerswirelessdata.com
Dec  4 03:00:59 fw check_reload_status: Linkup starting sk1
Dec  4 03:00:59 fw kernel: sk1: link state changed to DOWN
Dec  4 03:00:59 fw kernel: sk1: link state changed to UP
Dec  4 03:00:59 fw check_reload_status: Linkup starting sk1
Dec  4 03:00:59 fw php: : DEVD Ethernet attached event for wan
Dec  4 03:00:59 fw php: : DEVD Ethernet detached event for wan
Dec  4 03:00:59 fw php: : HOTPLUG: Configuring interface wan
Dec  4 03:00:59 fw dhclient[20779]: My address (96.155.111.111) was deleted, dhclient exiting
Dec  4 03:00:59 fw dhclient[20779]: My address (96.155.111.111) was deleted, dhclient exiting
Dec  4 03:00:59 fw dhclient[7375]: My address (96.155.111.111) was deleted, dhclient exiting
Dec  4 03:00:59 fw dhclient[7375]: My address (96.155.111.111) was deleted, dhclient exiting
Dec  4 03:00:59 fw dhclient: FAIL
Dec  4 03:00:59 fw dhclient: FAIL
Dec  4 03:00:59 fw dhclient[61473]: connection closed
Dec  4 03:00:59 fw dhclient[61473]: connection closed
Dec  4 03:00:59 fw dhclient[5132]: connection closed
Dec  4 03:00:59 fw dhclient[5132]: connection closed
Dec  4 03:00:59 fw dhclient[5132]: exiting.
Dec  4 03:00:59 fw dhclient[5132]: exiting.
Dec  4 03:00:59 fw dhclient[61473]: exiting.
Dec  4 03:00:59 fw dhclient[61473]: exiting.
Dec  4 03:01:01 fw dhclient: PREINIT
Dec  4 03:01:01 fw dhclient[50220]: DHCPREQUEST on sk1 to 255.255.255.255 port 67
Dec  4 03:01:01 fw dhclient[50220]: DHCPACK from 70.70.82.1
Dec  4 03:01:01 fw dhclient: REBOOT
Dec  4 03:01:01 fw dhclient: Starting add_new_address()
Dec  4 03:01:01 fw dhclient: ifconfig sk1 inet 96.155.111.111 netmask 255.255.252.0 broadcast 255.255.255.255 
Dec  4 03:01:01 fw dhclient: New IP Address (sk1): 96.155.111.111
Dec  4 03:01:01 fw dhclient: New Subnet Mask (sk1): 255.255.252.0
Dec  4 03:01:01 fw dhclient: New Broadcast Address (sk1): 255.255.255.255
Dec  4 03:01:01 fw dhclient: New Routers (sk1): 96.155.111.1
Dec  4 03:01:01 fw check_reload_status: rc.newwanip starting sk1
Dec  4 03:01:01 fw dhclient: Adding new routes to interface: sk1
Dec  4 03:01:01 fw dhclient: /sbin/route add default 96.155.111.1
Dec  4 03:01:01 fw dhclient: Creating resolv.conf
Dec  4 03:01:01 fw check_reload_status: Rewriting resolv.conf
Dec  4 03:01:01 fw dhclient[50220]: bound to 96.155.111.111 -- renewal in 73128 seconds.
Dec  4 03:01:01 fw php: : rc.newwanip: Informational is starting sk1.
Dec  4 03:01:01 fw php: : rc.newwanip: on (IP address: 96.155.111.111) (interface: wan) (real interface: sk1).
Dec  4 03:01:01 fw php: : ROUTING: change default route to 96.155.111.1
Dec  4 03:01:01 fw apinger: Exiting on signal 15.
Dec  4 03:01:01 fw apinger: Starting Alarm Pinger, apinger(59461)
Dec  4 03:01:33 fw dnsmasq[46542]: reading /etc/resolv.conf
Dec  4 03:01:33 fw dnsmasq[46542]: using nameserver 64.59.150.132#53
Dec  4 03:01:33 fw dnsmasq[46542]: using nameserver 64.59.144.17#53
Dec  4 03:01:33 fw dnsmasq[46542]: using nameserver 64.59.144.16#53
Dec  4 03:08:30 fw dnsmasq[46542]: possible DNS-rebind attack detected: smtp.rogerswirelessdata.com
Dec  4 03:08:30 fw dnsmasq[46542]: possible DNS-rebind attack detected: smtp.rogerswirelessdata.com
Dec  4 03:18:30 fw dnsmasq[46542]: possible DNS-rebind attack detected: smtp.rogerswirelessdata.com
Dec  4 03:18:30 fw dnsmasq[46542]: possible DNS-rebind attack detected: smtp.rogerswirelessdata.com
Dec  4 03:20:14 fw check_reload_status: Linkup starting sk0
Dec  4 03:20:14 fw kernel: sk0: link state changed to DOWN
Dec  4 03:20:14 fw kernel: sk0: link state changed to UP
Dec  4 03:20:14 fw check_reload_status: Linkup starting sk0
Dec  4 03:20:15 fw php: : Hotplug event detected for lan but ignoring since interface is configured with static IP (192.168.0.10)

Any ideas how to solve this would be greatly appreciated.

pwnell

Btw it does the same on sk1 - i.e.e WAN.  It will say hotplug event detected, link down, and sometimes not DHCP.