Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Problem: WAN PPPoE reconnects multiple times every day

    Scheduled Pinned Locked Moved General pfSense Questions
    17 Posts 4 Posters 2.8k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • N Offline
      Nikolay_Zhelev
      last edited by

      Hi fellows,

      An update to my case:

      I've updated from pfSense 2.1.5 to 2.2 couple of days ago and today the problem came again.

      Feb 15 11:02:53 system log: check_reload_status: Rewriting resolv.conf
      Feb 15 11:03:02 gateway log: apinger: SIGHUP received, reloading configuration.
      Feb 15 11:02:53 ppp log: ppp: [wan_link0] LCP: state change Opened –> Stopping

      I really need some help. I've contacted my ISP and they confirmed, that other users on my street connected to the same switch didn't have any connection drop, which means the problems is in my box.

      Any ideas?

      I'm looking forward to hearing from you guys.

      Kind Regards,
      Nick

      1 Reply Last reply Reply Quote 0
      • N Offline
        Nikolay_Zhelev
        last edited by

        A quick update:

        I've checked my quality graphs for the time when the reconnection occurred, there are no drops and no packet losses. There are no apinger gateway down event, no alarm is triggered, which makes me think, that internal process is sending sighup to close the pppoe connection.

        Is that possible and how can I identify that?

        Regards,
        Nick

        1 Reply Last reply Reply Quote 0
        • N Offline
          Nikolay_Zhelev
          last edited by

          Hi fellows,

          I started digging in my pppoe configuration files and I came across one unusual thing:

          As seen from the picture below, my wan interface configuration is set to IPv4 -> PPPoE and IPv6 -> None (my ISP offers me only IPv4 static address).

          but when I checked my mpd_wan.conf file, located in /var/etc/ the content was "set bundle enable ipv6cp", as seen from the code below:

          startup:
          	# configure the console
          	set console close
          	# configure the web server
          	set web close
          
          default:
          pppoeclient:
          	create bundle static wan
          	set bundle enable ipv6cp
          	set iface name pppoe0
          	set iface route default
          	set iface disable on-demand
          	set iface idle 0
          	set iface enable tcpmssfix
          	set iface up-script /usr/local/sbin/ppp-linkup
          	set iface down-script /usr/local/sbin/ppp-linkdown
          	set ipcp ranges 0.0.0.0/0 0.0.0.0/0
          	set ipcp enable req-pri-dns
          	set ipcp enable req-sec-dns
          	#log -bund -ccp -chat -iface -ipcp -lcp -link
          
          	create link static wan_link0 pppoe
          	set link action bundle wan
          	set link disable multilink
          	set link keep-alive 10 60
          	set link max-redial 0
          	set link disable chap pap
          	set link accept chap pap eap
          	set link disable incoming
          	set link mtu 1492
          	set auth authname "username@isp.com"
          	set auth password isppassword
          	set pppoe service ""
          	set pppoe iface re1
          	open
          
          

          I found this a bit unusual, therefore I started looking from where the mpd_wan.conf file is generated.

          I traced the source to: etc/inc/interfaces.inc where I noticed, that by default the "set bundle enable" line is set to ipv6cp, ignoring the web interface "None" selection. Also, I noticed, that "keep-alive 10 60" is set by default, without any option to disable it.

          Unfortunately I don't have deep knowledge in scriting and I'm not sure whether I'm correct in my troubleshooting, so I'll appreciate your comments here.

          Shall I change ipv6cp in interfaces.inc to ipcp and also disable keep-alive, by setting "keep-alive 0 60" or not?

          Regards,
          Nick

          1 Reply Last reply Reply Quote 0
          • stephenw10S Offline
            stephenw10 Netgate Administrator
            last edited by

            Interesting find. Do what you like in /var, it gets rebuilt at boot anyway. Backup the old file first if you mod anything else.

            Some input from a higher source:
            https://forum.pfsense.org/index.php?topic=32653.msg168773#msg168773

            Steve

            1 Reply Last reply Reply Quote 0
            • N Offline
              Nikolay_Zhelev
              last edited by

              Hi Steve,

              Thank you very much for your reply!

              I've backed up mpd_wan.conf and interfaces.inc and changed the "set bundle enable ipv6cp" to "set bundle enable ipcp" in the mpd_wan.conf. Also I modified interfaces.inc, because otherwise after reboot it will revert back to ipv6cp.

              Out of curiosity I've disabled keep-alive and enabled verbosity logging so we'll see how it will go.

              After couple of days I'll share my results.

              Regards,
              Nick

              1 Reply Last reply Reply Quote 0
              • N Offline
                Nikolay_Zhelev
                last edited by

                New discoveries:

                The initial problem still persists, however I’ve discovered something very interesting.

                Currently I'm located in UK. My pfsense router is in another country.

                While I was talking with a person located at the same place as my router, using router’s local network, suddenly all traffic initiated from outside of my router’s network was blocked, but I was still able to communicate with the person using the local network. There was an Internet connection from the local network, but I was unable to access my router remotely, not even ping it.

                I’ve contacted my ISP (router side) and they confirmed, that they are unable to test the channel, because the firewall (pfsense) is blocking everything.

                Shortly, I was in a situation, where pfsense was blocking every incoming connection, but LAN side Internet access was fine.
                After couple of minutes, pfsense dropped the PPPoE WAN connection and re-initiated it again. After that I was able to access the router remotely and everything was running as it should be.
                When I checked the apinger log file there were two identical messages:

                apinger: SIGHUP received, reloading configuration.

                Any ideas, why that happened?

                I’m looking forward to hearing from you.

                Regards,
                Nick

                1 Reply Last reply Reply Quote 0
                • stephenw10S Offline
                  stephenw10 Netgate Administrator
                  last edited by

                  Not really I'm afraid.
                  That output you are seeing 'apinger: SIGHUP received' is apinger being told to reload for whatever reason, usually because the WAN address has changed or potentially changed. It should correspond with something else in the system logs giving a reason for the call.
                  http://en.wikipedia.org/wiki/SIGHUP#Modern_usage

                  So when this incident occurred you were still able to initiate new connections from inside the firewall but rules to allow traffic to the firewall from outside no longer appeared to function? Odd.

                  Steve

                  1 Reply Last reply Reply Quote 0
                  • N Offline
                    Nikolay_Zhelev
                    last edited by

                    Hi Steve,

                    Thank you again for your time!

                    The wikipedia article is very nice, now I know what exactly SIGHUP is.

                    I think the situation becomes more clear now. Please correct me if I'm not on the right track, but I think this could be a firewall issue, rather than a PPPoE problem.

                    My ISP indeed closes the connection, by sending me SIGHUP signal, but I think that is the result of all inbound traffic being blocked randomly by my firewall (the issue I've experienced yesterday). If I'm not replying to any of the ISP request, then my ISP thinks that the connection is dead, therefore it closes the channel. Am I on the right track?

                    Regards,
                    Nick

                    1 Reply Last reply Reply Quote 0
                    • stephenw10S Offline
                      stephenw10 Netgate Administrator
                      last edited by

                      Nope that's not your ISP sending the SIGHUP signal that's internal signalling between processes in pfSense.
                      Check the ppp logs for what your ISP is sending.

                      Steve

                      1 Reply Last reply Reply Quote 0
                      • N Offline
                        Nikolay_Zhelev
                        last edited by

                        Thanks Steve!

                        I'm giving up. I'm trying to sort out this problem for 5 months and I just can't find what is wrong. I'm pretty sure that is some sort of very stupid mistake form my side, but I just can't find it.

                        I'm happy to pay to someone to trouble shoot the problem. Please let me know if someone is interested.

                        Regards,
                        Nick

                        1 Reply Last reply Reply Quote 0
                        • N Offline
                          Nikolay_Zhelev
                          last edited by

                          Dear fellows,

                          Finally the problem is solved!

                          That was quite a tricky problem, due to the fact that I was trouble shooting it from distance.

                          One of the computers behind the pfsense firewall was running uTorrent with enabled DHT. When the computer was ON and uTorrent was in IDLE mode (no active seeding/leeching, just the app running) the WAN interface was constantly dropping my PPPoE connection. However, when uTorrent was running (actively seeding/leeching), there is no problem, but as soon as it goes to IDLE - pfsense restarts all services.

                          As soon as I disabled DHT on uTorrent the problem disappeared. Unfortunately I couldn't identify why with DHT enabled and uTorrent in idle, pfsense was restarting the services, but at least the problem is gone.

                          More on the uTorrent issue: https://forum.pfsense.org/index.php?topic=93812.0

                          Thank for all the help.

                          Regards,
                          Nick

                          1 Reply Last reply Reply Quote 0
                          • First post
                            Last post
                          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.