Pfsense goes down every morning
-
He's asking what the physical interface is. What brand NIC and possible which model. A cheap NIC is like using crappy fuel in a high performance car. Just by looking at the forums, the number one cause of issues is crappy NICs.
-
The NIC is physical NIC in the Qotom mini PC. Not sure of the brand. It is mounted on the mini PC motherboard.
-
That model has Realtek NICs, which may be the cause. Hard to say. realtek is hit and miss. Some work, some don't at all, and some in-between. The NIC is the single most important part of a firewall.
-
The re0 interface is flapping like crazy..
Is the nic directly connected to a modem? perhaps try putting a little switch in between? Or setting a fixed network link speed? Tried with a different cable?Below a subset of the system logging this go's on for a while until the reboot happens it seems.. With this happening there is little chance it will work properly at that time.. And afaik a link state change should normally only be logged due to physically removing/plugging-in the cable, or when there is some big trouble on or close to the physical layer..
Line 19: Sep 30 08:49:43 SexyEpicRouter kernel: re0: link state changed to UP Line 43: Sep 30 08:49:49 SexyEpicRouter kernel: re0: link state changed to DOWN Line 57: Sep 30 08:49:53 SexyEpicRouter kernel: re0: link state changed to UP Line 150: Sep 30 08:50:04 SexyEpicRouter kernel: re0: link state changed to DOWN Line 163: Sep 30 08:50:08 SexyEpicRouter kernel: re0: link state changed to UP Line 229: Sep 30 08:50:17 SexyEpicRouter kernel: re0: link state changed to DOWN Line 248: Sep 30 08:50:21 SexyEpicRouter kernel: re0: link state changed to UP Line 287: Sep 30 08:50:28 SexyEpicRouter kernel: re0: link state changed to DOWN Line 294: Sep 30 08:50:32 SexyEpicRouter kernel: re0: link state changed to UPMy 2 cents..
-
The re0 interface is flapping like crazy..
Is the nic directly connected to a modem? perhaps try putting a little switch in between? Or setting a fixed network link speed? Tried with a different cable?i did try a different cable and there wasn't any difference.
changed both WAN and LAN to "1000baseT <full-duplex>" from autoselect… maybe that will calm things down. although had to reboot the router becuase it lost the WAN gateway.
before rebooting, Also noticed that under services "unbound" is not started... there were errors regarding the unbound. tried to restart the service but to no avail.
I went ahead and purchased a dual intel nic mini pc to replace this one since the wife works from home and i need to get this up and running.. we will see what that does the network on monday night.</full-duplex>
-
Sunday morning and with the cable change and other items mentioned about (upnp and Nat), the network is at a crawl.
The status dashboard says that it is online. An public IP address is displayed. Oh and zero loss.All web pages are timing out if they can get through.
-
What happens with a 'ping 8.8.8.8 -t' on a workstation command-line. And a 'ping google.com' ?
What do the logfiles say today? Are there still link UP/DOWN or other messages in system log? Or unbound showing errors in dns log?
Are all status/services running? -
I went ahead and purchased a dual intel nic mini pc to replace this one since the wife works from home and i need to get this up and running.. we will see what that does the network on monday night.
Hope that solves this for you. Let us know
I came up with this filter to sift thru your system log a bit…
cat system.txt | cut -b 32- | sed -E -e 's/\[[0-9]+(:[0-9]+)?\]//g' -e 's/cookie\ is\ [0-9]+/cookie/g' -e 's/PIDS?:\ [0-9]+/PID_XXX/g' | sort | uniq -c | sort -rnShows 75 link down/up events on the NIC in a 6 hour timespan. That is definitely going to cause major issues no matter what, so you've got to stabilize that.
other comments – do you absolutely need avahi? If not, disable it. Same goes for pfBlocker. It's a great package but, at least until you have this problem sorted out, may make it harder to troubleshoot.
-
I came up with this filter to sift thru your system log a bit…
cat system.txt | cut -b 32- | sed -E -e 's/\[[0-9]+(:[0-9]+)?\]//g' -e 's/cookie\ is\ [0-9]+/cookie/g' -e 's/PIDS?:\ [0-9]+/PID_XXX/g' | sort | uniq -c | sort -rnShows 75 link down/up events on the NIC in a 6 hour timespan. That is definitely going to cause major issues no matter what, so you've got to stabilize that.
other comments – do you absolutely need avahi? If not, disable it. Same goes for pfBlocker. It's a great package but, at least until you have this problem sorted out, may make it harder to troubleshoot.
thanks for the script… I will not get to it tonight. funny thing is that Charter admitted that the area was having problems. Your handy script had the 75 up/downs to 8 in the last 12 hours. so that is an improvement. I am going to switch the hardware (with intel NICs) over this weekend when the wife is out of town.. :)
thanks...
-
What should I be looking for?
In Germany it is common that many of the ISPs are cutting the Internet connection once a day, could this be the
point you should also looking for?If there is a double NAT situation you could try out to set at the pfSense WAN settings a satic IP address from the
network of the router in front of that pfSense box. Because the DHCP lease will be out after xyz minutes/days/weeks
or so on.
