[SOLVED] WAN goes DOWN on MiniPC box (Intel network adapter)

stephenw10

Ok, that's some useful info.

Does it recover if you disconnect and re-connect the WAN Ethernet?

Does it correctly show as down when it's disconnected?

What is the WAN actually attached to? Can you power cycle that device?

If you run a packet capture on WAN do you see any packets leaving at all? Do the NIC activity LEDs show traffic on WAN?

Steve

AndrewGR

@stephenw10, thank you for your questions! Here is the answers (updated):

• Does it recover if you disconnect and re-connect the WAN Ethernet?
  No. (checked)

• Does it correctly show as down when it's disconnected?
  Yes. (checked)

• What is the WAN actually attached to? Can you power cycle that device?
  WAN attached to TP-LINK TL-SG1005D switch.
  There is one cable goes to I-net Provider, and there are two routers with white public IP-addresses connected to the switch.
  This setup works absolutely stable with the old router (Cisco RV220W), which I was planning to replace with this MiniPC+pfSense box.
  Yes, I have power cycled the TP-Link switch (changed the port as well), but that didn't help.

• If you run a packet capture on WAN do you see any packets leaving at all? Do the NIC activity LEDs show traffic on WAN?
  Packet capture: yes, I can see the packets leaving the WAN. See 0_1534322188558_packetcapture.txt
  NIC activity: yes, LEDs show the traffic activity properly.

I will switch back to the MiniPC box after EoB today, hopefully the issue will reappear tomorrow morning around 10am.

Any suggestions on other diag data / logs to check and collect?

Thank you, Steve, for your time! Really appreciate your help!

AndrewGR

Okay, it failed again with the same issue after around 15 hours.

I have updated my answers above according to the latest checks. I am getting the impression that Provider's Switch and my MiniPC+pfSense box just get into conflict with each other...

Additionally I did the following checks:

1. I have reassigned the WAN interface from igb3 to igb2 and rebooted the pfSense. But didn't get any success: main GW still was shown as offline.
2. I have connected the MiniPC bo directly to Internet Provider cable (excluding intermediate switch) - no success as well.

Thanks!

stephenw10

Hmm, so the packet capture shows pings leaving as expected. It does not show it ARPing for the gateway for example so it appears to be working correctly at layer 2.

Are you able to ping the other router on the switch?

Can you try swapping out the switch?

Can you packet capture anywhere else, on a switch mirror port perhaps?

Since you see link activity at the switch end during this outage we have to assume pfSense really is sending those ping requests and the replies are just not coming back. You might check the packet capture to make sure it is sending to the correct MAC though.

Steve

AndrewGR

Thank you, Steve! I am feeling that I am about to give up fighting with this issue. I will try to do suggested tests, but what I am planning next - is to install this MiniPC box in another location and test it there with another provider.
Will update this post once I have new input.

Thank you!

--
Andrew

AndrewGR

By the way, a quick clarification:

1. the MiniPC box has 4 lan ports, 1 of them is used for the WAN, and remaining 3 are added to the Bridge.
2. the MiniPC box also has a WiFi card, identified during boot as Ralink 802.11 n WLAN, RT3070. Which is also added to the Bridge together with 3 LAN ports. I have also tested by not adding the WiFi card to the Bridge and defined a separate network for it, but issue anyway was caught.

In case these facts may somehow be related to the issue discussed in this topic – pls., let me know!

Thank you!

stephenw10

The bridge won't help with performance (much better to use a switch) but it shouldn't affect WAN connectivity at all.

Steve

AndrewGR

Another question: I am using MAC address spoofing on the WAN interface (as it is registered with my ISP). Can it be a reason of the issue?
Thanks!

AndrewGR

Hi everyone,

It seems that I managed to fix the issue! Recently I have implemented set of changes which helped to stabilize MiniPC box behavior:

The changes were:

1. I avoid usage of MAC spoofing on WAN (by updating on ISP side MAC that is set for the WAN by hardware setting). – this is the most likely the reason of the issue described in this topic!
2. I have physically removed WiFi adapter, and as result – didn’t set up Wireless interface
3. I did not assign the remaining 2 LAN Ports (just left two default interfaces WAN and LAN)
4. As result – I didn’t create Bridge for the internal interfaces (LAN1, LAN2, LAN3, WIFI)

Now I will be adding back items 2-4 one by one and checking the result. Most probably the issue was exactly due to MAC spoofing, as both ports (WAN and LAN) were extensively used (with traffic like IP CCTV via IPsec), and only WAN had a MAC address spoofed and was going down.

Will update this post once Items 2-4 returned back.

Thanks everyone!

AndrewGR

The latest update: looks like the issue was solved!

I have returned back all the initial settings, except MAC address cloning (spoofing) on WAN interface. And now MiniPC box works absolutely fine!