Interface says offline even though it isn't
-
So you have failover or load balancing? Sounds like you want LAGG instead, i.e., using completely wrong feature… As said, get this nonsense out of the way and simplify it.
I just have fail over
edited my postI am sure my setup is as simple as possible for it to work with fail over. I just had to add an extra router.
-
Please, read this: http://doc.pfsense.org/index.php/LAGG_Interfaces
With a single uplink, you want neither failover nor load balancing. There is nothing to fail over or load balance on your WAN.
-
Please, read this: http://doc.pfsense.org/index.php/LAGG_Interfaces
With a single uplink, you want neither failover nor load balancing. There is nothing to fail over or load balance on your WAN.
I have two cable modems. WAN(zoom5341->wnr3500l) and OPT1(dpc3010)
I'll take a look at LAGG though, but I don't think that will fix my issue.WAN only goes down if I use WINMTR and spam packets through the interface or if I am torrenting with a lot of connections. The interface is still up even when it says offline. It will come backup shortly but it should not go offline at all since the connection is actually working fine.
-
I cannot see absolutely any information about two cable modems anywhere, up until now… How does the redundant Netgear fit into that? Out of this thread until you have provided meaningful, understandable and as completely as possible information on your network setup (including screenshots, some network diagram etc.) Waste of time so far, sorry.
WAN only goes down if I use WINMTR and spam packets through the interface or if I am torrenting with a lot of connections.
You should seriously consider hardware limitations of ALL your equipment. A.k.a. doctor, it hurts when I do this… So don't do that.
-
I cannot see absolutely any information about two cable modems anywhere, up until now… How does the redundant Netgear fit into that? Out of this thread until you have provided meaningful, understandable and as completely as possible information on your network setup (including screenshots, some network diagram etc.) Waste of time so far, sorry.
WAN only goes down if I use WINMTR and spam packets through the interface or if I am torrenting with a lot of connections.
You should seriously consider hardware limitations of ALL your equipment. A.k.a. doctor, it hurts when I do this… So don't do that.
I said I had two modems in the third post. A zoom5341 and a dpc3010.
The problem is the hardware is handling it but pfsense is telling me the connection is offline.
Pfsense box is an e5300 @ 3.4ghz, 2 gigs of ram, and all intel pci express nics.The wnr3500l is not redundant, it is used because fail over does not work if both modems are on the same gateway. I have Comcast. (Like one modem could be 76.152.153.123 and the other could be 76.152.153.21 but the gateway is the same.
I just wanted some ideas why pfsense was saying the interface was offline, if you have any ideas.
-
1/ I am absolutely sure the Netgear does NOT handle the kind of abuse you have described at all… multiple friends are using that box. Did not bother with checking the cable modem specs, however they are 100% not even close to the pfSense. Please understand that pfSense is NOT the limiting factor here. Your SOHO equipment routers definitely are. The whole point of why I said "hardware limitations of ALL your equipment."
2/ Still not even remotely enough info here about pfSense configuration to be able to advise about anything. In fact, no information on the network configuration at all… Missing a crystal ball. -
1/ I am absolutely sure the Netgear does NOT handle the kind of abuse you have described at all… multiple friends are using that box. Did not bother with checking the cable modem specs, however they are 100% not even close to the pfSense. Please understand that pfSense is NOT the limiting factor here. Your SOHO equipment routers definitely are. The whole point of why I said "hardware limitations of ALL your equipment."
2/ Still not even remotely enough info here about pfSense configuration to be able to advise about anything. In fact, no information on the network configuration at all… Missing a crystal ball.Oh yeah, I got rid of the netgear.
That fixed itI didn't think that was the problem it has a pretty decent cpu, I have a wndr3700 which worked fine, oh well.
Thanks
-
Is it simply that when the WAN is under load, the latency increases (and possibly some packet loss of the gateway monitoring "ping" probes). These parameters get outside their default limits and the gateway/WAN is declared down.
Look at System->Routing Gateway Advanced parameters. Perhaps increasing some of those settings will help - it does for me at sites with slow links that are easily swamped by download/s. -
Your setup seems entirely reasonable to me considering you need failover. Interesting that traffic is still being routed to WAN after it's marked down. Only existing connections?
Check the logs for what reasons the WAN is being marked down, high latency or packet loss. Adjust the parameters as Phil says above.
If it's packet loss then you may have some underlying problem.Steve
-
If it's packet loss then you may have some underlying problem.
Well, well you flood your poor SOHO boxes with thousands of BT or other P2P connections, you will have problems. Pretty much self-induced. Unless you want to replace (if possible at all) the cheapo Chinese junk every ISP supplies to their customers (with zero support from vendor usually and no firmware updates) with something up to par, you need to adjust your clients to not behave in an insane way. Such as limiting the number of peers in your BT client to a reasonable level. Otherwise, dumbing down those devices (as in switching to bridge mode) and turning off as much functionality as you can on that SOHO junk and offloading the work to a proper router behind them is highly recommended.
-
I understand what you mean and without getting into how many simultaneous connections your your SOHO equipment can handle or whether its junk or not, I have a separate question.
How do you get fail over using a single ISP (comcast) and especially if its coming off 1 piece of coax?
I could see getting 2 comcast modems and aggregating the bandwidth for faster speeds, but I'm not sure how you can get failover using a single ISP's infracture?
-
That's what I don't understand either… using one wire offers no failover beyond dead modem perhaps.
-
I understand what you mean and without getting into how many simultaneous connections your your SOHO equipment can handle or whether its junk or not, I have a separate question.
How do you get fail over using a single ISP (comcast) and especially if its coming off 1 piece of coax?
I could see getting 2 comcast modems and aggregating the bandwidth for faster speeds, but I'm not sure how you can get failover using a single ISP's infracture?
Yeah it's kind of silly, but sometimes the occasional t4 timeout can cause a modem reboot and it can get kicked to the 2nd modem. I have a DSL modem as a backup as well, so it's all good.
-
My only real issues with his particular setup are:
1. Double NAT breaks UPnP and NAT PMP.
2. Unless I'm missing something it offers no redundancy outside a fried modem.
3. Introduces another point of failure (router).
4. Probably introduces a much smaller state table between the modem and pfsense than pfsense has which is a really big deal for P2P.As for why his interface is reading as Down, I bet the previous commenter was right. Packet loss.
-
So, you have primary comcast modem directly into pfsense, then failover to comcast modem > router > pfsense, then DSL > pfsense?
In that order of precedence?
-
So, you have primary comcast modem directly into pfsense, then failover to comcast modem > router > pfsense, then DSL > pfsense?
In that order of precedence?
This thread is plain hopeless. Now we have DSL in play as well… we started with one cable modem going "down"...
@OP: Stop wasting people's time and post relevant screenshots of your configuration if you want any help. This gets beyond silly.
-
So, you have primary comcast modem directly into pfsense, then failover to comcast modem > router > pfsense, then DSL > pfsense?
In that order of precedence?
This thread is plain hopeless. Now we have DSL in play as well… we started with one cable modem going "down"...
@OP: Stop wasting people's time and post relevant screenshots of your configuration if you want any help. This gets beyond silly.
Please refrain from being rude. If you think it is a waste of time and do not wish to participate in the thread, then don't. Nobody forcing you too. Don't believe the OPer ever asked for an opinion of the setup. Not everyone is at your level of networking knowledge, nor have your same objectives, and learning is rarely silly or waste of time.
-
"So, you have primary comcast modem directly into pfsense, then failover to comcast modem > router > pfsense, then DSL > pfsense?
In that order of precedence?" - Wasn't intended to be rude.
I was going to recommend he make the NON-NATed comcast modem his primary, NON-NATed DSL his secondary and NATed (with router) redundant comcast 3rd in line.
I don't know enough to be rude to anyone else (-:
-
@kejianshi: Apparently was not aimed at you… :)
Please refrain from being rude. If you think it is a waste of time and do not wish to participate in the thread, then don't. Nobody forcing you too. Don't believe the OPer ever asked for an opinion of the setup. Not everyone is at your level of networking knowledge, nor have your same objectives, and learning is rarely silly or waste of time.
We are at post 22 now, and know exactly zero about the actual configuration in place. The target of the thread has meanwhile move from a dead simple pf => cable modem to 3 WANs with unspecified configuration (was load balancing originally, then allegedly failover, and god knows what's really set up there. As a bonus we got another redundant router in place somewhere… I cannot see what's anyone learning here, beyond how not to ask questions if you want to get something solved.
-
Actually a few posts back seem to indicate that the OPer learned quite a bit.
All those details being asking for are not always necessary in order to provide guidance to enable the student to proceed with their learning. Sometimes they just need pointing in the right direction so they can figure it out instead of having the answer handed to them on a silver platter.