(Resolvido) System logs - Server perdendo comunicação de rede

cr1stt0f3r

Olá, boa tarde a todos.

Estou tendo problemas em meu servidor cair a comunicação de rede esporadicamente, só sendo possível restabelecer desligando ou reiniciando.
Este problema acontecia com bem mais frequência quando os macs eram fixados na tabela arp no dhcp server. Após desmarcar estas opções dos hosts cadastrados, o problema diminuiu.
Contudo, ainda continua a cair a comunicação e perder todo e qualquer acesso ao server.

Outra coisa que encontrei no log de dns forwarder, foi logs sobre uma alias de liberacao do skype para o SSL, coisa que nao faço uso. Apaguei inclusive a alias e mesmo assim continua..

Poderiam me ajudar?

Jan 16 18:07:41	filterdns		adding entry 40.80.146.203 to table SkypeHost on host get.skype.com
Jan 16 18:07:41	filterdns		adding entry 23.101.158.111 to table SkypeHost on host a.config.skype.com
Jan 16 18:07:42	filterdns		adding entry 23.202.114.161 to table SkypeHost on host apps.skype.com
Jan 16 18:07:42	filterdns		adding entry 157.55.56.157 to table SkypeHost on host dsn13.d.skype.net
Jan 16 18:07:42	filterdns		adding entry 157.55.235.166 to table SkypeHost on host dsn13.d.skype.net
Jan 16 18:07:42	filterdns		adding entry 65.55.223.47 to table SkypeHost on host dsn13.d.skype.net
Jan 16 18:07:42	filterdns		adding entry 157.56.52.23 to table SkypeHost on host dsn13.d.skype.net
Jan 16 18:07:42	filterdns		adding entry 157.55.235.156 to table SkypeHost on host dsn13.d.skype.net
Jan 16 18:07:42	filterdns		adding entry 64.4.23.174 to table SkypeHost on host dsn13.d.skype.net
Jan 16 18:07:42	filterdns		adding entry 157.55.56.173 to table SkypeHost on host dsn13.d.skype.net
Jan 16 18:07:42	filterdns		adding entry 64.4.23.147 to table SkypeHost on host dsn13.d.skype.net
Jan 16 18:07:42	filterdns		adding entry 104.105.151.165 to table SkypeHost on host apps.skypeassets.com
Jan 16 18:07:42	filterdns		adding entry 40.76.16.168 to table SkypeHost on host dr.skype.net
Jan 16 18:07:42	filterdns		adding entry 40.112.151.48 to table SkypeHost on host dr.skype.net
Jan 16 18:07:42	filterdns		adding entry 104.42.229.24 to table SkypeHost on host dr.skype.net
Jan 16 18:07:42	filterdns		adding entry 40.112.136.77 to table SkypeHost on host dr.skype.net
Jan 16 18:07:42	filterdns		adding entry 40.114.5.95 to table SkypeHost on host dr.skype.net
Jan 16 18:07:42	filterdns		adding entry 40.122.211.15 to table SkypeHost on host dr.skype.net
Jan 16 18:07:42	filterdns		adding entry 104.208.29.147 to table SkypeHost on host dr.skype.net
Jan 16 18:07:42	filterdns		adding entry 40.78.159.153 to table SkypeHost on host dr.skype.net
Jan 16 18:07:42	filterdns		adding entry 13.67.180.128 to table SkypeHost on host api.asm.skype.com
Jan 16 18:07:42	filterdns		adding entry 91.190.219.146 to table SkypeHost on host api.skype.com
Jan 16 18:07:42	filterdns		adding entry 189.4.69.9 to table SkypeHost on host www.skypeassets.com
Jan 16 18:07:42	filterdns		adding entry 189.4.69.10 to table SkypeHost on host www.skypeassets.com
Jan 16 18:07:42	filterdns		adding entry 157.56.109.8 to table SkypeHost on host ui.skype.com
Jan 16 18:07:42	filterdns		adding entry 91.190.218.112 to table SkypeHost on host secure.skype.com
Jan 16 18:07:42	filterdns		adding entry 91.190.219.145 to table SkypeHost on host login.skype.com
Jan 16 18:07:42	filterdns		failed to resolve host config.skype.com will retry later again.
Jan 16 18:07:42	filterdns		adding entry 65.55.252.167 to table SkypeHost on host s.gateway.messenger.live.com
Jan 16 18:07:42	filterdns		adding entry 40.117.100.83 to table SkypeHost on host pipe.skype.com
Jan 16 18:07:42	filterdns		adding entry 40.117.100.83 to table SkypeHost on host mobile.pipe.aria.microsoft.com

chipbr

quando a comunicação "cai", você nao consegue acessar a GUI do pfsense nem pelo IP ? ele pinga?

cr1stt0f3r

Isto, nao consigo acessar pelo GUI nem pelas portas wan.
Sem resposta de ping em nenhuma porta.
Ironicamente está ocorrendo a pouco tempo, pois estava em producao sem problemas a mais de um mes.

hardware novo..

chipbr

VM ou físico?

Já verificou se não é algum recurso de economia de energia, hibernação, etc?
é mais comum do que parece, principalmente em hardware novo que vem com isso ativo por padrão.

cr1stt0f3r

Sim, já conferi isto antes de coloca-lo em producao..

O engraçado que ele estava funcional por mais de 1 mes, depois passou a perder a comunicação..

cheguei a formatar e comecar do zero, mas continuou a repetir.

Troquei os patchcord de todas as placas e mudei o dns para "dns resolver".
Acompanhar em como ele vai se comportar hoje..
Obrigado!

charadasu

Bom dia!

Será que não seria algum serviço parando? por exemplo o servidor DHCP? habilita o ssh Secure Shell Server no pfsense assim consegue acessar ele via putty na tela preta, "mais sem IP não vai conseguir", continuando.., tenta diminuir as configurações do servidor, deixa o mais padrão possível, pois você disse que estava funcionando bem talvez deve ser algo que você mudou dentro desse período que provocou isso…

boa sorte..

cr1stt0f3r

Agradeço a todos que estão acompanhando essa novela..

Instalei o ntopng e olhei o system logs novamente, e filtrando, apareceu estes logs..
Os ips 172 são de minha rede interna, aparanta ser ataque de syn flood, fazendo com que o server caia por completo..
O bom que os horarios coincidem com as quedas, então já temos um norte!

Pelo que pude entender do log, parece ser um host atacando o outro.. se for isto, porque o server estaria "no meio" dessa briga? rs

Alguma recomendação?
Instalei o snort, mas não sei configurar nada deste aplicativo..

Jan 18 12:05:21	ntopng		1484748321|2|1|0|Host [172.16.2.54](/lua/host_details.lua?host=172.16.2.54&ifname=re1) is a SYN flooder [87919 SYNs sent in the last 3 sec] TCP 172.16.2.54:52409 > 172.16.2.42:7680 [proto: 0/Unknown][87919/0 pkts][5802654/0 bytes][SYN]
Jan 18 12:05:21	ntopng		1484748321|2|1|0|Host [172.16.2.42](/lua/host_details.lua?host=172.16.2.42&ifname=re1) is under SYN flood attack by host 172.16.2.42 [87919 SYNs received in the last 3 sec] TCP 172.16.2.54:52409 > 172.16.2.42:7680 [proto: 0/Unknown][87919/0 pkts][5802654/0 bytes][SYN]
Jan 18 12:07:41	ntopng		1484748461|2|1|0|Host [172.16.2.55](/lua/host_details.lua?host=172.16.2.55&ifname=re1) is a SYN flooder [72691 SYNs sent in the last 3 sec] TCP 172.16.2.55:62399 > 172.16.2.42:7680 [proto: 0/Unknown][72691/0 pkts][4797606/0 bytes][SYN]
Jan 18 12:07:41	ntopng		1484748461|2|1|0|Host [172.16.2.42](/lua/host_details.lua?host=172.16.2.42&ifname=re1) is under SYN flood attack by host 172.16.2.42 [72691 SYNs received in the last 3 sec] TCP 172.16.2.55:62399 > 172.16.2.42:7680 [proto: 0/Unknown][72691/0 pkts][4797606/0 bytes][SYN]
Jan 18 12:08:42	ntopng		1484748522|2|1|0|Host [172.16.2.54](/lua/host_details.lua?host=172.16.2.54&ifname=re1) is a SYN flooder [83189 SYNs sent in the last 3 sec] TCP 172.16.2.54:52529 > 172.16.2.42:7680 [proto: 0/Unknown][83189/0 pkts][5490474/0 bytes][SYN]
Jan 18 12:08:42	ntopng		1484748522|2|1|0|Host [172.16.2.42](/lua/host_details.lua?host=172.16.2.42&ifname=re1) is under SYN flood attack by host 172.16.2.42 [83189 SYNs received in the last 3 sec] TCP 172.16.2.54:52529 > 172.16.2.42:7680 [proto: 0/Unknown][83189/0 pkts][5490474/0 bytes][SYN]
Jan 18 12:09:43	ntopng		1484748583|2|1|0|Host [172.16.2.54](/lua/host_details.lua?host=172.16.2.54&ifname=re1) is a SYN flooder [1569602 SYNs sent in the last 3 sec] TCP 172.16.2.54:52529 > 172.16.2.42:7680 [proto: 0/Unknown][1569602/0 pkts][103593732/0 bytes][SYN]
Jan 18 12:09:43	ntopng		1484748583|2|1|0|Host [172.16.2.42](/lua/host_details.lua?host=172.16.2.42&ifname=re1) is under SYN flood attack by host 172.16.2.42 [1569602 SYNs received in the last 3 sec] TCP 172.16.2.54:52529 > 172.16.2.42:7680 [proto: 0/Unknown][1569602/0 pkts][103593732/0 bytes][SYN]
Jan 18 12:11:01	ntopng		1484748661|2|1|0|Host [172.16.2.55](/lua/host_details.lua?host=172.16.2.55&ifname=re1) is a SYN flooder [71939 SYNs sent in the last 3 sec] TCP 172.16.2.55:62431 > 172.16.2.42:7680 [proto: 0/Unknown][71939/0 pkts][4747974/0 bytes][SYN]
Jan 18 12:11:01	ntopng		1484748661|2|1|0|Host [172.16.2.42](/lua/host_details.lua?host=172.16.2.42&ifname=re1) is under SYN flood attack by host 172.16.2.42 [71939 SYNs received in the last 3 sec] TCP 172.16.2.55:62431 > 172.16.2.42:7680 [proto: 0/Unknown][71939/0 pkts][4747974/0 bytes][SYN]
Jan 18 12:12:02	ntopng		1484748722|2|1|0|Host [172.16.2.55](/lua/host_details.lua?host=172.16.2.55&ifname=re1) is a SYN flooder [1555575 SYNs sent in the last 3 sec] TCP 172.16.2.55:62431 > 172.16.2.42:7680 [proto: 0/Unknown][1555575/0 pkts][102667950/0 bytes][SYN]
Jan 18 12:12:02	ntopng		1484748722|2|1|0|Host [172.16.2.42](/lua/host_details.lua?host=172.16.2.42&ifname=re1) is under SYN flood attack by host 172.16.2.42 [1555575 SYNs received in the last 3 sec] TCP 172.16.2.55:62431 > 172.16.2.42:7680 [proto: 0/Unknown][1555575/0 pkts][102667950/0 bytes][SYN]
Jan 18 12:13:03	ntopng		1484748783|2|1|0|Host [172.16.2.55](/lua/host_details.lua?host=172.16.2.55&ifname=re1) is a SYN flooder [3037430 SYNs sent in the last 3 sec] TCP 172.16.2.55:62431 > 172.16.2.42:7680 [proto: 0/Unknown][3037430/0 pkts][200470380/0 bytes][SYN]
Jan 18 12:13:03	ntopng		1484748783|2|1|0|Host [172.16.2.42](/lua/host_details.lua?host=172.16.2.42&ifname=re1) is under SYN flood attack by host 172.16.2.42 [3037430 SYNs received in the last 3 sec] TCP 172.16.2.55:62431 > 172.16.2.42:7680 [proto: 0/Unknown][3037430/0 pkts][200470380/0 bytes][SYN]
Jan 18 12:14:04	ntopng		1484748844|2|1|0|Host [172.16.2.55](/lua/host_details.lua?host=172.16.2.55&ifname=re1) is a SYN flooder [4518129 SYNs sent in the last 3 sec] TCP 172.16.2.55:62431 > 172.16.2.42:7680 [proto: 0/Unknown][4518129/0 pkts][298196514/0 bytes][SYN]
Jan 18 12:14:04	ntopng		1484748844|2|1|0|Host [172.16.2.42](/lua/host_details.lua?host=172.16.2.42&ifname=re1) is under SYN flood attack by host 172.16.2.42 [4518129 SYNs received in the last 3 sec] TCP 172.16.2.55:62431 > 172.16.2.42:7680 [proto: 0/Unknown][4518129/0 pkts][298196514/0 bytes][SYN]
Jan 18 12:15:05	ntopng		1484748905|2|1|0|Host [172.16.2.55](/lua/host_details.lua?host=172.16.2.55&ifname=re1) is a SYN flooder [5999820 SYNs sent in the last 3 sec] TCP 172.16.2.55:62431 > 172.16.2.42:7680 [proto: 0/Unknown][5999820/0 pkts][395988120/0 bytes][SYN]
Jan 18 12:15:05	ntopng		1484748905|2|1|0|Host [172.16.2.42](/lua/host_details.lua?host=172.16.2.42&ifname=re1) is under SYN flood attack by host 172.16.2.42 [5999820 SYNs received in the last 3 sec] TCP 172.16.2.55:62431 > 172.16.2.42:7680 [proto: 0/Unknown][5999820/0 pkts][395988120/0 bytes][SYN]
Jan 18 12:48:07	ntopng		[Redis.cpp:79] ERROR: ntopng requires redis server to be up and running
Jan 18 12:48:07	ntopng		[Redis.cpp:80] ERROR: Please start it and try again or use -r
Jan 18 12:48:07	ntopng		[Redis.cpp:81] ERROR: to specify a redis server other than the default
Jan 18 12:48:27	ntopng		[HTTPserver.cpp:503] ERROR: Unable to start HTTP server (IPv4) on ports 3000: Address already in use
Jan 18 13:50:36	ntopng		1484754636|2|1|0|Host [172.16.2.45](/lua/host_details.lua?host=172.16.2.45&ifname=re1) is a SYN flooder [79305 SYNs sent in the last 3 sec] TCP 172.16.2.45:59664 > 172.16.2.46:7680 [proto: 0/Unknown][79305/0 pkts][5234130/0 bytes][SYN]
Jan 18 13:50:36	ntopng		1484754636|2|1|0|Host [172.16.2.46](/lua/host_details.lua?host=172.16.2.46&ifname=re1) is under SYN flood attack by host 172.16.2.46 [79305 SYNs received in the last 3 sec] TCP 172.16.2.45:59664 > 172.16.2.46:7680 [proto: 0/Unknown][79305/0 pkts][5234130/0 bytes][SYN]
Jan 18 13:51:57	ntopng		1484754717|2|1|0|Host [172.16.2.45](/lua/host_details.lua?host=172.16.2.45&ifname=re1) is a SYN flooder [89416 SYNs sent in the last 3 sec] TCP 172.16.2.45:59669 > 172.16.2.46:7680 [proto: 0/Unknown][89416/0 pkts][5901456/0 bytes][SYN]
Jan 18 13:51:57	ntopng		1484754717|2|1|0|Host [172.16.2.46](/lua/host_details.lua?host=172.16.2.46&ifname=re1) is under SYN flood attack by host 172.16.2.46 [89416 SYNs received in the last 3 sec] TCP 172.16.2.45:59669 > 172.16.2.46:7680 [proto: 0/Unknown][89416/0 pkts][5901456/0 bytes][SYN]
Jan 18 13:54:09	ntopng		1484754849|2|1|0|Host [172.16.2.42](/lua/host_details.lua?host=172.16.2.42&ifname=re1) is a SYN flooder [70603 SYNs sent in the last 3 sec] TCP 172.16.2.42:53429 > 172.16.2.46:7680 [proto: 0/Unknown][70603/0 pkts][4659798/0 bytes][SYN]
Jan 18 13:54:09	ntopng		1484754849|2|1|0|Host [172.16.2.46](/lua/host_details.lua?host=172.16.2.46&ifname=re1) is under SYN flood attack by host 172.16.2.46 [70603 SYNs received in the last 3 sec] TCP 172.16.2.42:53429 > 172.16.2.46:7680 [proto: 0/Unknown][70603/0 pkts][4659798/0 bytes][SYN]
Jan 18 13:55:10	ntopng		1484754910|2|1|0|Host [172.16.2.42](/lua/host_details.lua?host=172.16.2.42&ifname=re1) is a SYN flooder [1554599 SYNs sent in the last 3 sec] TCP 172.16.2.42:53429 > 172.16.2.46:7680 [proto: 0/Unknown][1554599/0 pkts][102603534/0 bytes][SYN]
Jan 18 13:55:10	ntopng		1484754910|2|1|0|Host [172.16.2.46](/lua/host_details.lua?host=172.16.2.46&ifname=re1) is under SYN flood attack by host 172.16.2.46 [1554599 SYNs received in the last 3 sec] TCP 172.16.2.42:53429 > 172.16.2.46:7680 [proto: 0/Unknown][1554599/0 pkts][102603534/0 bytes][SYN]
Jan 18 13:56:11	ntopng		1484754971|2|1|0|Host [172.16.2.42](/lua/host_details.lua?host=172.16.2.42&ifname=re1) is a SYN flooder [3037317 SYNs sent in the last 3 sec] TCP 172.16.2.42:53429 > 172.16.2.46:7680 [proto: 0/Unknown][3037317/0 pkts][200462922/0 bytes][SYN]
Jan 18 13:56:11	ntopng		1484754971|2|1|0|Host [172.16.2.46](/lua/host_details.lua?host=172.16.2.46&ifname=re1) is under SYN flood attack by host 172.16.2.46 [3037317 SYNs received in the last 3 sec] TCP 172.16.2.42:53429 > 172.16.2.46:7680 [proto: 0/Unknown][3037317/0 pkts][200462922/0 bytes][SYN]
Jan 18 13:59:22	ntopng		1484755162|2|1|0|Host [172.16.2.42](/lua/host_details.lua?host=172.16.2.42&ifname=re1) is a SYN flooder [65429 SYNs sent in the last 3 sec] TCP 172.16.2.42:53429 > 172.16.2.46:7680 [proto: 0/Unknown][65429/0 pkts][4318314/0 bytes][SYN]
Jan 18 13:59:22	ntopng		1484755162|2|1|0|Host [172.16.2.46](/lua/host_details.lua?host=172.16.2.46&ifname=re1) is under SYN flood attack by host 172.16.2.46 [65429 SYNs received in the last 3 sec] TCP 172.16.2.42:53429 > 172.16.2.46:7680 [proto: 0/Unknown][65429/0 pkts][4318314/0 bytes][SYN]
Jan 18 13:59:38	ntopng		[HTTPserver.cpp:503] ERROR: Unable to start HTTP server (IPv4) on ports 3000: Address already in use
Jan 18 14:00:23	ntopng		1484755223|2|1|0|Host [172.16.2.42](/lua/host_details.lua?host=172.16.2.42&ifname=re1) is a SYN flooder [1548430 SYNs sent in the last 3 sec] TCP 172.16.2.42:53429 > 172.16.2.46:7680 [proto: 0/Unknown][1548430/0 pkts][102196380/0 bytes][SYN]
Jan 18 14:00:23	ntopng		1484755223|2|1|0|Host [172.16.2.46](/lua/host_details.lua?host=172.16.2.46&ifname=re1) is under SYN flood attack by host 172.16.2.46 [1548430 SYNs received in the last 3 sec] TCP 172.16.2.42:53429 > 172.16.2.46:7680 [proto: 0/Unknown][1548430/0 pkts][102196380/0 bytes][SYN]
Jan 18 14:01:24	ntopng		1484755284|2|1|0|Host [172.16.2.42](/lua/host_details.lua?host=172.16.2.42&ifname=re1) is a SYN flooder [3028865 SYNs sent in the last 3 sec] TCP 172.16.2.42:53429 > 172.16.2.46:7680 [proto: 0/Unknown][3028865/0 pkts][199905090/0 bytes][SYN]
Jan 18 14:01:24	ntopng		1484755284|2|1|0|Host [172.16.2.46](/lua/host_details.lua?host=172.16.2.46&ifname=re1) is under SYN flood attack by host 172.16.2.46 [3028865 SYNs received in the last 3 sec] TCP 172.16.2.42:53429 > 172.16.2.46:7680 [proto: 0/Unknown][3028865/0 pkts][199905090/0 bytes][SYN]
Jan 18 14:04:13	ntopng		1484755453|2|1|0|Host [172.16.2.42](/lua/host_details.lua?host=172.16.2.42&ifname=re1) is a SYN flooder [61861 SYNs sent in the last 3 sec] TCP 172.16.2.42:53429 > 172.16.2.46:7680 [proto: 0/Unknown][61861/0 pkts][4082826/0 bytes][SYN]
Jan 18 14:04:13	ntopng		1484755453|2|1|0|Host [172.16.2.46](/lua/host_details.lua?host=172.16.2.46&ifname=re1) is under SYN flood attack by host 172.16.2.46 [61861 SYNs received in the last 3 sec] TCP 172.16.2.42:53429 > 172.16.2.46:7680 [proto: 0/Unknown][61861/0 pkts][4082826/0 bytes][SYN]
Jan 18 14:04:29	ntopng		[HTTPserver.cpp:503] ERROR: Unable to start HTTP server (IPv4) on ports 3000: Address already in use
Jan 18 14:05:14	ntopng		1484755514|2|1|0|Host [172.16.2.42](/lua/host_details.lua?host=172.16.2.42&ifname=re1) is a SYN flooder [1543965 SYNs sent in the last 3 sec] TCP 172.16.2.42:53429 > 172.16.2.46:7680 [proto: 0/Unknown][1543965/0 pkts][101901690/0 bytes][SYN]
Jan 18 14:05:14	ntopng		1484755514|2|1|0|Host [172.16.2.46](/lua/host_details.lua?host=172.16.2.46&ifname=re1) is under SYN flood attack by host 172.16.2.46 [1543965 SYNs received in the last 3 sec] TCP 172.16.2.42:53429 > 172.16.2.46:7680 [proto: 0/Unknown][1543965/0 pkts][101901690/0 bytes][SYN]
Jan 18 14:06:33	ntopng		1484755593|2|1|0|Host [172.16.2.42](/lua/host_details.lua?host=172.16.2.42&ifname=re1) is a SYN flooder [80223 SYNs sent in the last 3 sec] TCP 172.16.2.42:53429 > 172.16.2.46:7680 [proto: 0/Unknown][3092304/0 pkts][204092064/0 bytes][SYN]
Jan 18 14:06:33	ntopng		1484755593|2|1|0|Host [172.16.2.46](/lua/host_details.lua?host=172.16.2.46&ifname=re1) is under SYN flood attack by host 172.16.2.46 [80223 SYNs received in the last 3 sec] TCP 172.16.2.42:53429 > 172.16.2.46:7680 [proto: 0/Unknown][3092304/0 pkts][204092064/0 bytes][SYN]

chipbr

veja este topico

https://forum.pfsense.org/index.php?topic=88659.0

cr1stt0f3r

Pelo que entendi, é: As maquinas internas estao gerando tanto flood que o ntop esta registrando aos milhares, fazendo o server inflar ao ponto de não retornar respostas pelas placas de rede?

Bastando desativar os alertas do ntop? "Disables all alerts generated by ntopng, such as flooding notifications."

cr1stt0f3r

Olá, para aqueles que por acaso cair neste tópico, ainda estou a testar o meu problema..
Diversas vezes achei que poderia ser algum problema físico:
Formatei servidor, troquei servidor, troquei placa de rede, troquei switch, nada mudou.

Troquei o SO do server original, pelo endian.
Não houve falha alguma.. só me deixando imaginar que está havendo algum ataque das minhas estações para o servidor ou em broadcast..

O que encontrei de diferente no SO é que ele já vem padrão com tudo bloqueado, apenas com algumas regras pra liberacao de http, https, dns, pop, imap e etc, o resto não realiza acesso, por falta de cadastro.

Montei uma terceira maquina com o pfsense nas mesmas metricas, com regras basicas apenas para uso.
Irei realizar o teste em rede em breve!

Retornarei com atualizações disto. abraços!

![firewall pfsense2.PNG_thumb](/public/imported_attachments/1/firewall pfsense2.PNG_thumb)
![firewall pfsense2.PNG](/public/imported_attachments/1/firewall pfsense2.PNG)
![firewall pfsense.PNG_thumb](/public/imported_attachments/1/firewall pfsense.PNG_thumb)
![firewall pfsense.PNG](/public/imported_attachments/1/firewall pfsense.PNG)

cr1stt0f3r

Olá, boa tarde.

Confirmando o meu problema, é na minha rede interna!
Após desconectar o backbone de um setor especifico, a comunicação do servidor volta ao normal.
Imagino que os equipamentos sejam incompatíveis ou algum cliente da rede com problemas ou infectado. Estou em fase de analise, mas de todo modo, não é um problema ou característica do PFSense.
Agradeço a atenção daqueles que me ajudaram, seja por aqui ou por Skype!

Abraços!

empbilly

@cr1stt0f3r:

Olá, boa tarde.

Confirmando o meu problema, é na minha rede interna!
Após desconectar o backbone de um setor especifico, a comunicação do servidor volta ao normal.
Imagino que os equipamentos sejam incompatíveis ou algum cliente da rede com problemas ou infectado. Estou em fase de analise, mas de todo modo, não é um problema ou característica do PFSense.
Agradeço a atenção daqueles que me ajudaram, seja por aqui ou por Skype!

Abraços!

Boa sorte na resolução!! :D

Edite teu primeiro post e no titulo coloque como [RESOLVIDO].

cr1stt0f3r

Refinando o problema: No setor, imaginava que poderia ser alguma camera ou computador..
Acabou que a culpa era de um router tp-link.

Removi e tudo voltou ao normal!

Cheguei a tentar fazer update do firmware bem como desativar o maximo de funcoes agregadas, mas continuou a derrubar a rede toda..

Dei baixa no equipamento e o usei para acender uma fogueira.

Abraço amigos! ;D