WAN Connection flatlines ever now and then

Anakha56

Forgot version number of PFSense, sorry.

Version is 2.3.4-Release. I do see 2.3.4_1 and will schedule an update after hours on Monday evening. But this problem was also happening with the version previous to 2.3.4.

Anakha56

So according to this graph it does not appear to be an mbuf issue? :/

Does anyone have any suggestions for me to try? Heck if I could pay for a once off support session I would gladly do it…

not_mbuf.PNG_thumb

heper

these errors indicate the packet to the NIC, but the NIC was unable to send on the wire, it fills the buffer until its full.

what type of NICs are in this system?
how many states are in use?
are you gettings interface errors ?

or i could just link to the docs …..
https://doc.pfsense.org/index.php/No_buffer_space_available
;)

i'm guessing its a faulty NIC or a bad driver (realtek?). It might have worked flawless on a slower connection & started to act up once you got your speed boosted ...

Anakha56

@heper thank you for the response and apologies for the late reply.

1: I have no idea what NIC's are on this box but I may have found the information by using```
dmesg | More


2: I am not sure how to read the how many states are in use part. Going Diagnostics --> States, lets just say there a lot of states open the page goes on and on... If I were to reset the states what would happen?

3: Is there an easy way to get interface error logs only? If I go Status --> Interfaces for both NICs there are no in/out errors or collisions as of now but when the problem happens again I will be sure to check this page.

Regarding the page you have linked thats how I found myself to the tuning page. When the issue happens again I will try bouncing the NIC via the ifconfig command, I take it I would have to specify the NIC I want to bounce? So```
ifconfig em3 down; ifconfig em3 up
```the em3 part should match the NIC I want?

It is not a virtual NIC and there are no traffic shaping rules or limiters in place. I also dont have a spare NIC if it is the NIC that is faulty but hopefully with your assistance I can find out if it is indeed the NIC or something else that maybe faulty.

Thank you for your assistance, if anyone else wants to help out please do :).

heper

not familiar/never heard of sundance nics. realtek is famous for being flaky on FreeBSD.
the sundance one might be "stge0' / the realtek one should be "re0'

to see the number of states in use, you could visit status–>monitoring

personally i'd try with a different set of nic (but i always got some spare ones laying around in the back of my car ....)

Anakha56

@heper so this morning it went down again. I checked which interface is the WAN side and it is the Sundance at stge1 so I ran```
ifconfig stge1 down; ifconfig stge1 up


So would that say that the NIC is faulty/driver issue with FreeBSD?

Anakha56

Morning All,

Apologies for resurrecting the thread but some new information has come to light in a sense. I have not had the time to pull the network card and try a different one so it is still very possible that the card is at fault.

I have worked out that the issue is with the VPN clients, when the guys remotely log into the system with OpenVPN and are doing work after an indeterminate amount of time the connection flat lines and I use the command mentioned above to get it up and running again.

Would this still indicate a network card hardware failure? Or could it be a software configuration that might be the issue?

Derelict

Network interface.

Anakha56

:)

Simple answer like that is very reassuring. We recently took offline the LTE firewall so I will take a card from that and see what happens. Never replaced a card in PFSense before so I assume from the software side when it boots up that PFSense will automatically pick up the new card and I will just have to assign it as the WAN connection?

Thank you for the reply, much appreciated. :)

Derelict

The best thing to do is probably install the new NIC and boot from a USB memory stick installer or CD and see what the NICs enumerate as.

If your installation is fairly simple, as in no laggs, vlans, etc, it is a pretty good bet the interface reassignment will work fine.

If it is more complicated you might want to edit the configuration and change the physical interface names.

Regardless you probably want to back up the configuration, reinstall fresh, connect to LAN, and restore the configuration.

I would have a console connected through this evolution.

Anakha56

Very simple setup over here. No VLANS configured on the firewall and it looks like it is a default PFSense install with some changes to get Internet connectivity and VPN access. I always make a backup of the config before doing anything, learnt that lesson the hard way before :). Thank you for your advice :).