Pfsense 2.1 and crashing cable modem
-
Hello,
We are using pfsense 2.1, 1wan 1lan, openvpn and basic nat rules. Nothing else of interest running on this machine. Since installing the pfsense system we started having problems with a crashing modem.
Previously we have a linux machine doing the routing which worked for about a year with no issues. Due to a hardware issue with this box we took the opportunity to change to pfsense.
About two weeks after installing the box into production we got our first modem crash. No biggie, our ISP is notorious for unstable internet connections. But then a week after that, then 2 days, then 1 day and finally a couple times a day. By crash i mean the modem appears to be still connected , wan interface on pfsense dashboard still says up, but the internet is down. Only power cycling the modem fixes things. Not to mention the modem is hot to the touch.
I contacted our ISP first and of course the say their modem is fine. I had them replace it anyway and they did. Thought we were good, but the same thing began to occur. We were good for almost 2 weeks before the modem died, then one week. now daily crashes.
I implemented a traffic shaper hoping to limit the traffic running through the modem but seemed to have no effect. I initially tried Priq and now
HFSC. I used the wizard with no special rules, just set our upload at 3.6 Mb/s (caps at 4) and download 49Mb/s (caps at 50).Anyone have any thoughts on this? We are using a business class modem from our ISP.
If you need more information please let me know. I am some what green when it comes to this.
Thanks,
-
Was talking in IRC with a fellow who mentioned he was having the same issue with his modem. He sent me a picture of the SMC and sure as heck it was the exact same model. Unfortunately, my ISP does not allow us to provide our own modems nor will they provide an "off brand".
I will need to look at other solutions then :) hope this helps somebody down the road.
SMCD3GN
http://electronicsguru.ca/for_sale/Cablemodems/SMCD3GN/SMCD3GN_400px.jpg -
Are you using a static IP?
Im guessing your with Comcast…
-
I suppose anything is possible, but a downstream firewall causing a cable modem to crash seems strange and unlikely, but you never know.
Having dealt with multiple cable modem issues across over the years with different ISP's and different brands, my first thought is a bad modem. Have them come out as many times as you need until the issue is resolved. Be sure to call when it's down… and leave it down when you call and make them troubleshoot. Also, make sure they check the signal from the junction box outside to the building and from the coax jack to the modem. The last issue I had was with a weak signal, so they had to install a powered amplifier.
You've said a reboot of the modem fixes your issue, but you can also try rebooting PFsense when it's down and to make sure you do not have a hardware issue on your end. If your internet comes back after a PFsense reboot, the issue may be hardware related on PFsense.
Then there's the easy stuff... double check you don't have a wiring issue between the modem and PFsense (might as well check PFsense to switch also). If there's an old or custom made patch there... replace it with a brand new pre-made patch.
If you have some money to spend and want to cover your bases, purchase a smart UPS with Automatic Voltage Regulation to ensure you have clean power going to all your devices.
I believe the interface section on the dashboard is only checking link status by pinging the interface IP locally (someone correct me if I am mistaken). It is not actually checking to see if your traffic is being routed to the internet. PFsense thinks the connection is "online" because of a link at layer 2 and the interface responds to ping locally because it's enabled at the OS level.
Last, but not least, there's always an outside chance you're getting DOS'd I guess.... start tracking your interface usage via snmp and see if there's unusual spikes near the time of your outages.
Just out of curiosity, if you have a business line, I'm surprised you don't have a switch with an integrated modem... instead of just a "modem" per se.
-
The interface section does indeed only check for a layer 2 connection. If ifconfig reports the connection as UP it will show green in the dash. The monitor section (if it's a WAN as it is here) checks for a layer3 connection. By default it pings the gateway. If it's pinging a local IP, like the cable modem/router, that it may not ever see the connection go down in which case it won't trigger the various scripts that re-establish the connection. Make sure apinger is monitoring a remote IP. Also there is the issue with some cable modems that start to issue local private IPs when the cable connection goes down and then don't stop responding on that address so pfSense ends up stuck on the local IP. There's a whole thread about that.
Steve
-
I would bet money its a driver problem with your nic and not the cable modem. A friend was getting the issue with a usb 2 ethernet adapter I forget the driver but I believe it was al0 or ax0 something like that. 192.168.100.1 will give you the levels of your cable modem if you are on Comcast. If you have a gateway then this will not work.
-
About two weeks after installing the box into production we got our first modem crash. No biggie, our ISP is notorious for unstable internet connections. But then a week after that, then 2 days, then 1 day and finally a couple times a day. By crash i mean the modem appears to be still connected , wan interface on pfsense dashboard still says up, but the internet is down. Only power cycling the modem fixes things. Not to mention the modem is hot to the touch.
I contacted our ISP first and of course the say their modem is fine. I had them replace it anyway and they did. Thought we were good, but the same thing began to occur. We were good for almost 2 weeks before the modem died, then one week. now daily crashes.
Cable modems react to line conditions, actively changing the transmission power level to maintain a usable signal. I've seen cases where it eventually gets too hot (power increases to keep a good signal then gets too hot) and reboots. So, try tracking your S/N ratio, upstream power level, and signal stats. Most modems have an internal web page you can get to with a diagnostics screen. As a trial, you could also make sure it's cooled, even with an external fan or something.
Could also be a dodgy nic, hardware starting to go bad or getting too hot.
-
i had a similar issue. time warner cable modem to a desktop i turned into a pfsense box. the desktop had dual NIC built into the mother board. I used one of them for wan and one for lan. Had it constantly not passing traffic to the internet and could not access the web gui from the lan side. could only fix it by restarting the pfsense box. Finally installed a new pci nic into it and plugged one of the cables into the new nic and reconfigured the interaces and viola! its been running steady without a reboot for over a year now.