Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Problem: WAN PPPoE reconnects multiple times every day

    Scheduled Pinned Locked Moved General pfSense Questions
    17 Posts 4 Posters 2.8k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • N Offline
      Nikolay_Zhelev
      last edited by

      Hi firewalluser,

      Thank you for your reply. Unfortunatelly I would like to avoid 2.2 RC, due to the OpenVPN TAP issue, because I'm actively using OpenVPN in bridged configuration.

      Any ideas regarding 2.1.5?

      Regards,
      Nick

      1 Reply Last reply Reply Quote 0
      • N Offline
        Nikolay_Zhelev
        last edited by

        Hi fellows,

        An update to my case:

        I've updated from pfSense 2.1.5 to 2.2 couple of days ago and today the problem came again.

        Feb 15 11:02:53 system log: check_reload_status: Rewriting resolv.conf
        Feb 15 11:03:02 gateway log: apinger: SIGHUP received, reloading configuration.
        Feb 15 11:02:53 ppp log: ppp: [wan_link0] LCP: state change Opened –> Stopping

        I really need some help. I've contacted my ISP and they confirmed, that other users on my street connected to the same switch didn't have any connection drop, which means the problems is in my box.

        Any ideas?

        I'm looking forward to hearing from you guys.

        Kind Regards,
        Nick

        1 Reply Last reply Reply Quote 0
        • N Offline
          Nikolay_Zhelev
          last edited by

          A quick update:

          I've checked my quality graphs for the time when the reconnection occurred, there are no drops and no packet losses. There are no apinger gateway down event, no alarm is triggered, which makes me think, that internal process is sending sighup to close the pppoe connection.

          Is that possible and how can I identify that?

          Regards,
          Nick

          1 Reply Last reply Reply Quote 0
          • N Offline
            Nikolay_Zhelev
            last edited by

            Hi fellows,

            I started digging in my pppoe configuration files and I came across one unusual thing:

            As seen from the picture below, my wan interface configuration is set to IPv4 -> PPPoE and IPv6 -> None (my ISP offers me only IPv4 static address).

            but when I checked my mpd_wan.conf file, located in /var/etc/ the content was "set bundle enable ipv6cp", as seen from the code below:

            startup:
            	# configure the console
            	set console close
            	# configure the web server
            	set web close
            
            default:
            pppoeclient:
            	create bundle static wan
            	set bundle enable ipv6cp
            	set iface name pppoe0
            	set iface route default
            	set iface disable on-demand
            	set iface idle 0
            	set iface enable tcpmssfix
            	set iface up-script /usr/local/sbin/ppp-linkup
            	set iface down-script /usr/local/sbin/ppp-linkdown
            	set ipcp ranges 0.0.0.0/0 0.0.0.0/0
            	set ipcp enable req-pri-dns
            	set ipcp enable req-sec-dns
            	#log -bund -ccp -chat -iface -ipcp -lcp -link
            
            	create link static wan_link0 pppoe
            	set link action bundle wan
            	set link disable multilink
            	set link keep-alive 10 60
            	set link max-redial 0
            	set link disable chap pap
            	set link accept chap pap eap
            	set link disable incoming
            	set link mtu 1492
            	set auth authname "username@isp.com"
            	set auth password isppassword
            	set pppoe service ""
            	set pppoe iface re1
            	open
            
            

            I found this a bit unusual, therefore I started looking from where the mpd_wan.conf file is generated.

            I traced the source to: etc/inc/interfaces.inc where I noticed, that by default the "set bundle enable" line is set to ipv6cp, ignoring the web interface "None" selection. Also, I noticed, that "keep-alive 10 60" is set by default, without any option to disable it.

            Unfortunately I don't have deep knowledge in scriting and I'm not sure whether I'm correct in my troubleshooting, so I'll appreciate your comments here.

            Shall I change ipv6cp in interfaces.inc to ipcp and also disable keep-alive, by setting "keep-alive 0 60" or not?

            Regards,
            Nick

            1 Reply Last reply Reply Quote 0
            • stephenw10S Offline
              stephenw10 Netgate Administrator
              last edited by

              Interesting find. Do what you like in /var, it gets rebuilt at boot anyway. Backup the old file first if you mod anything else.

              Some input from a higher source:
              https://forum.pfsense.org/index.php?topic=32653.msg168773#msg168773

              Steve

              1 Reply Last reply Reply Quote 0
              • N Offline
                Nikolay_Zhelev
                last edited by

                Hi Steve,

                Thank you very much for your reply!

                I've backed up mpd_wan.conf and interfaces.inc and changed the "set bundle enable ipv6cp" to "set bundle enable ipcp" in the mpd_wan.conf. Also I modified interfaces.inc, because otherwise after reboot it will revert back to ipv6cp.

                Out of curiosity I've disabled keep-alive and enabled verbosity logging so we'll see how it will go.

                After couple of days I'll share my results.

                Regards,
                Nick

                1 Reply Last reply Reply Quote 0
                • N Offline
                  Nikolay_Zhelev
                  last edited by

                  New discoveries:

                  The initial problem still persists, however I’ve discovered something very interesting.

                  Currently I'm located in UK. My pfsense router is in another country.

                  While I was talking with a person located at the same place as my router, using router’s local network, suddenly all traffic initiated from outside of my router’s network was blocked, but I was still able to communicate with the person using the local network. There was an Internet connection from the local network, but I was unable to access my router remotely, not even ping it.

                  I’ve contacted my ISP (router side) and they confirmed, that they are unable to test the channel, because the firewall (pfsense) is blocking everything.

                  Shortly, I was in a situation, where pfsense was blocking every incoming connection, but LAN side Internet access was fine.
                  After couple of minutes, pfsense dropped the PPPoE WAN connection and re-initiated it again. After that I was able to access the router remotely and everything was running as it should be.
                  When I checked the apinger log file there were two identical messages:

                  apinger: SIGHUP received, reloading configuration.

                  Any ideas, why that happened?

                  I’m looking forward to hearing from you.

                  Regards,
                  Nick

                  1 Reply Last reply Reply Quote 0
                  • stephenw10S Offline
                    stephenw10 Netgate Administrator
                    last edited by

                    Not really I'm afraid.
                    That output you are seeing 'apinger: SIGHUP received' is apinger being told to reload for whatever reason, usually because the WAN address has changed or potentially changed. It should correspond with something else in the system logs giving a reason for the call.
                    http://en.wikipedia.org/wiki/SIGHUP#Modern_usage

                    So when this incident occurred you were still able to initiate new connections from inside the firewall but rules to allow traffic to the firewall from outside no longer appeared to function? Odd.

                    Steve

                    1 Reply Last reply Reply Quote 0
                    • N Offline
                      Nikolay_Zhelev
                      last edited by

                      Hi Steve,

                      Thank you again for your time!

                      The wikipedia article is very nice, now I know what exactly SIGHUP is.

                      I think the situation becomes more clear now. Please correct me if I'm not on the right track, but I think this could be a firewall issue, rather than a PPPoE problem.

                      My ISP indeed closes the connection, by sending me SIGHUP signal, but I think that is the result of all inbound traffic being blocked randomly by my firewall (the issue I've experienced yesterday). If I'm not replying to any of the ISP request, then my ISP thinks that the connection is dead, therefore it closes the channel. Am I on the right track?

                      Regards,
                      Nick

                      1 Reply Last reply Reply Quote 0
                      • stephenw10S Offline
                        stephenw10 Netgate Administrator
                        last edited by

                        Nope that's not your ISP sending the SIGHUP signal that's internal signalling between processes in pfSense.
                        Check the ppp logs for what your ISP is sending.

                        Steve

                        1 Reply Last reply Reply Quote 0
                        • N Offline
                          Nikolay_Zhelev
                          last edited by

                          Thanks Steve!

                          I'm giving up. I'm trying to sort out this problem for 5 months and I just can't find what is wrong. I'm pretty sure that is some sort of very stupid mistake form my side, but I just can't find it.

                          I'm happy to pay to someone to trouble shoot the problem. Please let me know if someone is interested.

                          Regards,
                          Nick

                          1 Reply Last reply Reply Quote 0
                          • N Offline
                            Nikolay_Zhelev
                            last edited by

                            Dear fellows,

                            Finally the problem is solved!

                            That was quite a tricky problem, due to the fact that I was trouble shooting it from distance.

                            One of the computers behind the pfsense firewall was running uTorrent with enabled DHT. When the computer was ON and uTorrent was in IDLE mode (no active seeding/leeching, just the app running) the WAN interface was constantly dropping my PPPoE connection. However, when uTorrent was running (actively seeding/leeching), there is no problem, but as soon as it goes to IDLE - pfsense restarts all services.

                            As soon as I disabled DHT on uTorrent the problem disappeared. Unfortunately I couldn't identify why with DHT enabled and uTorrent in idle, pfsense was restarting the services, but at least the problem is gone.

                            More on the uTorrent issue: https://forum.pfsense.org/index.php?topic=93812.0

                            Thank for all the help.

                            Regards,
                            Nick

                            1 Reply Last reply Reply Quote 0
                            • First post
                              Last post
                            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.