Internet Keeps going down
-
Mostly I use DNS forwarder because i subscribe to AirVPN and they have a PFsense setup guide and DNS forwarder is how he sets it up, but I haven't even got that far yet. The resolver is just the default setting for the PFsense install, I literally didn't touch anything after install. Pretty sure my ISP offers DNS but I just default installed and waited for it to go down.
I could reset it back to gateway mode for sure to test, at this point I will do anything. For number 3, yes I could do that as well.
when the firewall goes down, sometimes I can ping the firewall from my computer, sometimes I cannot. Sometimes there is a yellow exclamation mark by the network connection, sometimes not. All the time I can SSH into the console and mostly I cannot ping from there..
I posted a pic of my network above but here it is again… It is a little more complex than this but for right now, this is how it is, just keeping it basic to get this thing working..
https://drive.google.com/open?id=0B4IAV3fk9yIYT3VUQ3pzeFFEbWM
Really would like to narrow it down to a hardware or software problem, my wife thinks I'm an idiot but I have much invested into Pfsense and don't want to give up.
-
Sloooow down a bit… One step at a time.
Try the switch and lets see which interface is actually dropping when you lose connection.
-
@chpalmer for sure, i want to be methodical in doing this.
how did you want me to wire up the switch to test? just cable modem wan to switch, then one port of switch to wan of pfsense and another port directly to another Pc?
-
I will standby in read only mode. If/when you determine its your modem it looks like when you put it back in gateway mode, at the login you should get the numbers I requested.
-
thanks Mike, appreciate your help very much.
-
Put it in series. Modem - Switch - Router. If the connection goes down again then you will see which interface drops independently of the other.
Mike- you saying you can't reach your modems GUI in bridge mode either? Really makes no sense to me as cable is not a "tunneled" connection like a PPP or VPN connection would be. Notice that modem in the video I linked to is in bridge mode already as the user is showing the options…
The firewall does not by default block connections outbound to 192.168.0.1 unless you are using 192.168.0.0/ as your LAN as well.
-
like this? sorry for the crude drawing..
https://drive.google.com/open?id=0B4IAV3fk9yIYSDEyMl84SDQ3UzA
-
You dont need the PC on the switch.
-
i would just be able to tell because the lights on the switch?
-
Yep- thats the idea. Otherwise you could try putting 192.168.0.(2-254) in your laptop as a static IP and see if you can reach the modem while plugged into the switch.
But since you reported that the interface lights also go out during these occasions this should tell you which device is doing it.
-
Quick update. Got home, internet was down again after a day of nobody being home. Old computer has been in since yesterday, trying to eliminate my new computer being the problem. I could ping Pfsense and it would respond, i SSH into the box and couldn't ping out. No yellow exclamation on networking icon and no indication that the internet wasn't working except I couldn't surf anything.
Here is a pic of desktop
https://drive.google.com/open?id=0B4IAV3fk9yIYb0laYmxhY3ctcW8
what I did was take the crappy $20 switch out which connects all my lan and replaced it with my Cisco. I also added another Cisco switch in series like chpalmer said. I pulled the Intel dual NIC card and replaced it with my original one. My wife reminded me that all these problems started when i got the new router and newer network card, so now I have the old dual Intel PCIe NIC back in my old computer.
$700 router and all Cisco equipment, kind of frustrating. I am hoping that maybe it is that dual NIC. I also had to reinstall PFsense because when i replace the NIC and try to reboot PFsense, it just endlessly rebooted, would not load.
I also tried disabling DNS forwarder and DNS resolver but it didn't work, so I put them back on.
:)
-
Seems you have ruled out your new motherboard at least.
Good luck! ;)
-
I also tried disabling DNS forwarder and DNS resolver but it didn't work, so I put them back on.
Both of them?
-
one at a time. I am beginning to think it is partly a dns setting problem. . I have always used forwarder in the past.
-
DNS won't cause a link to go down but broken DNS makes the whole internet look broken.
If it is your ISPs DNS servers, using the resolver should completely bypass that, assuming those are the servers you're forwarding to.
-
at this point I have no idea, i am just reading up on the right setup of DNS on my PFsense box. Do you have any suggestions? ever since I have used resolver I seem to have these problems unless it is a coincedence.. I checked use DNS forwarder, put nothing in the DNS settings on the general page and Allow DNS servers to be over written by DHCP. On the dashboard it says 127.0.0.1 and then what appears to be my isp DNS numbers.
-
Honestly, I don't know. You're sort of all over the place.
I think you need to slow down and take a step back, simplify your setup, and see what's really going on.
Is the WAN link physically going down or not? If so, it's not DNS.
If you cannot browse but can ping 8.8.8.8, it might be DNS. If you can't ping 8.8.8.8 it's likely not DNS.
If your ISP DNS servers are unreliable, you should be using the DNS Resolver or pointing your DNS Forwarder to more reliable servers like google or OpenDNS using System > General Setup.
-
Derelict,
it's funny because it has been all of that, it isn't the same all the time. Sometimes when the internet is down, i ssh into the box and the WAN link isn't there, sometimes it is. Sometimes I cannot browse but when I ssh into the console I can ping 8.8.8.8, sometimes I can't. There just doesn't seem to be a pattern, i feel like I am chasing a moving target. I have been running PFsense for the last year and a half and it has been stable, really just happened as soon as I updated my router so I went back to old computer and still having problems.
-
I think maybe when you're running in circles everything looks like a moving target.
Not trying to insult or belittle, but it would be pretty surprising for you to be experiencing all sorts of different failures with any regularity unless your ISP totally sucks. (First your link goes down, then their DNS servers are down, then your link goes down again, then there's routing instability, etc.)
If you are experiencing random, unrelated failures it is going to be nearly impossible for anyone on an internet forum to provide a solution.
If it fails:
What is the exact nature of the failure? What is the exact error message?
Ping out increasing one hop out at a time.
Ping google DNS 8.8.8.8.
Use dig/drill to query the name servers you have configured. Know what name servers are given to you by your ISP if that's what you're doing so you can query them directly.
Do all of these things when everything is working so you know what it looks like.
Do a traceroute to 8.8.8.8 and keep a record so you know what the hops are. Ping them when everything is working so you know if ping is blocked or not.
-
If you are losing the interface on the NICs have you tried a switch between the modem and Pfsense? Maybe there is some kind NIC issue going on.
