PfSense randomly loses connection, and reboot is only solution.
-
If you do a Dmesg after the GW drops, does it show the link flapping on the ue0 nic?
If so, you either have a failing NIC or just general instability with the USB NIC (these aren't exactly what I would consider to be stable).
If the System Logs do not show Apinger alarm, restarting the NIC and followed by a filter reload, then the problem probably lies with the NIC (I've had this with a failing NIC before).
Yeah, tons of ups and downs. The FW has worked as a charm for the last few days…I tuned some stuff on a server (did some ifconfig eth0 RX downtune IIRC), and the TOR-server went down about 20%...Before, and when the FW-problems occured, the tor-relay was full throttle.. So I guess it's just this damn USB NIC. Too much traffic and it goes bananas..
How do you reload filters?
-
Looking at dmesg, I've lost connections several times…probably while I've not been using internet etc. And I have no idea for how long the ue0 is down, and why it comes back up again. Ideas?
ukphy0: <generic ieee="" 802.3u="" media="" interface=""> PHY 16 on miibus1 ukphy0: none, 10baseT, 10baseT-FDX, 100baseTX, 100baseTX-FDX, auto, auto-flow ue0: <usb ethernet=""> on axe0 ZFS WARNING: Recommended minimum kmem_size is 512MB; expect unstable behavior. Consider tuning vm.kmem_size and vm.kmem_size_max in /boot/loader.conf. ZFS filesystem version 5 ZFS storage pool version 28 ue0: link state changed to DOWN bge0: link state changed to DOWN pflog0: promiscuous mode enabled ue0: link state changed to UP bge0: link state changed to UP ue0: link state changed to DOWN ue0: link state changed to UP ue0: link state changed to DOWN ue0: link state changed to UP ue0: promiscuous mode enabled ue0: link state changed to DOWN ue0: link state changed to UP ue0: link state changed to DOWN ue0: link state changed to UP ue0: link state changed to DOWN ue0: link state changed to UP ue0: link state changed to DOWN ue0: link state changed to UP</usb></generic>Found this! What could cause this? 1-5 minutes downtime, but no "uplink" messages?
Edit: Missed to get these lines in the screenshot.
Feb 10 19:35:41 apinger: Starting Alarm Pinger, apinger(17013) Feb 10 19:35:51 apinger: ALARM: WANGW(188.133.122.1) *** down *** Feb 10 21:20:37 apinger: ALARM: GW_WAN(188.122.133.1) *** down *** Feb 11 00:39:54 apinger: Starting Alarm Pinger, apinger(13674) Feb 11 00:40:05 apinger: ALARM: WANGW(188.133.122.1) *** down *** Feb 11 03:03:19 apinger: ALARM: GW_WAN(188.122.133.1) *** down *** Feb 11 03:31:54 apinger: Starting Alarm Pinger, apinger(15720) Feb 11 03:32:04 apinger: ALARM: WANGW(188.133.122.1) *** down *** Feb 13 00:17:28 apinger: ALARM: GW_WAN(188.122.133.1) *** loss *** Feb 13 00:47:10 apinger: alarm canceled: GW_WAN(188.122.133.1) *** loss ***"Starting Alarm Pinger", then 10 seconds later I'm offline. Where can I find options about this thingy?
-
How far apart are these up down events?
Why is it using promiscuous mode? Is it bridged?Steve
-
How far apart are these up down events?
Why is it using promiscuous mode? Is it bridged?Steve
Promiscuous mode? I have no idea. I've never seen options like that. It is no bridged.
-
Usually a NIC would only need to use promiscuous mode if it has to be able to process frames addressed to other MACs. This is the case if it is part of a bridge or has been used for packet capturing among others.
Steve
-
Usually a NIC would only need to use promiscuous mode if it has to be able to process frames addressed to other MACs. This is the case if it is part of a bridge or has been used for packet capturing among others.
Steve
According to "Diagnostics > Packet Capture" promiscuous mode is disabled. By the way did, did you see my edit on my previous post?
-
You can tune apinger or disable it completely in System: Routing: Gateways: edit gateway, advanced.
That's not going to help if your usb nic really is flaky though.Steve
-
So I guess it's just this damn USB NIC. Too much traffic and it goes bananas..
How do you reload filters?
Seems like the case. USB NICs aren't exactly stellar performers. I seriously recommend getting a cheap VLAN capable switch (Netgear GS108T or HP Procurve 1810-8G or Mikrotik RB260GS) and using that with your BGE nic to create the WAN & LAN interfaces via VLANs instead. It's far more stable than trying to work with the USB NIC.
-
As soon as I turn on squid, the USB drops within hours. Since I disabled it, it hasnt dropped once. :) Too bad tho, since I really liked Squid. I guess I'll start using it the day I find relaying onion traffic boring. 8)
-
Sorry for keeping this thread alive, but..since I figured out, the reason the USB-NIC overloads is because of Squid, is there any certain tweaks I could do to Squid towards the hardware?
-
Sorry for keeping this thread alive, but..since I figured out, the reason the USB-NIC overloads is because of Squid, is there any certain tweaks I could do to Squid towards the hardware?
What is squid doing when the USB nic drops? Line up the logs. Look to make the logs more verbose.
Have you tried a different set of USB headers? Does it correspond with high load on the PC?
-
Sorry for keeping this thread alive, but..since I figured out, the reason the USB-NIC overloads is because of Squid, is there any certain tweaks I could do to Squid towards the hardware?
What is squid doing when the USB nic drops? Line up the logs. Look to make the logs more verbose.
Have you tried a different set of USB headers? Does it correspond with high load on the PC?
After all, it's just not Squid, it is traffic itself. USB-NIC/GW still drops, just not as frequent as with Squid enabled.
Attached some RRD graphs. If you want RRD graphs of CPU or other system-related stuff, just give me a shout.
-
Hi there,
We used to use USB NICs and can confirm this flapping behavior - UP/DOWN within seconds. The only solution is NOT to use USB NICs with pfSense/FreeBSD. Go for VLAN switches and non-USB NICs.
Thanks,
msu
