pfSense not recovering from WAN event
-
I have an SG-3100 with the WAN port connected to a cable modem. Every month or so I have a WAN event from which pfSense does not automatically recover and which forces me to log in to pfSense to correct. Obviously this doesn't work when I am off site, so I'm hoping to find a fix.
Here is what I see when everything is working properly:
Here is the log during the event (having stripped out a ton of arpresolve messages):
May 25 05:05:57 check_reload_status Reloading filter
May 25 05:05:57 check_reload_status updating dyndns wan
May 25 05:05:52 check_reload_status Restarting ipsec tunnels
May 25 05:05:52 php-fpm /rc.linkup: Gateway, none 'available' for inet6, use the first one configured. ''
May 25 05:04:35 php-fpm /rc.linkup: HOTPLUG: Configuring interface wan
May 25 05:04:35 php-fpm /rc.linkup: DEVD Ethernet attached event for wan
May 25 05:04:34 kernel mvneta2: link state changed to UP
May 25 05:04:34 check_reload_status Linkup starting mvneta2
May 25 05:03:56 check_reload_status Reloading filter
May 25 05:03:55 php-fpm 21418 /rc.linkup: DEVD Ethernet detached event for wan
May 25 05:03:54 check_reload_status Linkup starting mvneta2
May 25 05:03:54 kernel mvneta2: link state changed to DOWN
May 25 05:03:53 kernel arpresolve: can't allocate llinfo for 84.73.88.1 on mvneta2
.
.
.
May 25 04:54:42 kernel arpresolve: can't allocate llinfo for 84.73.88.1 on mvneta2
May 25 04:54:48 check_reload_status Reloading filter
May 25 04:54:48 check_reload_status updating dyndns wan
May 25 04:54:44 check_reload_status Restarting ipsec tunnels
May 25 04:54:44 php-fpm /rc.linkup: Gateway, none 'available' for inet6, use the first one configured. ''
May 25 04:53:29 php-fpm /rc.linkup: HOTPLUG: Configuring interface wan
May 25 04:53:29 php-fpm /rc.linkup: DEVD Ethernet attached event for wan
May 25 04:53:28 kernel mvneta2: link state changed to UP
May 25 04:53:28 check_reload_status Linkup starting mvneta2
May 25 04:53:00 php-fpm /rc.openvpn: Gateway, none 'available' for inet6, use the first one configured. ''
May 25 04:52:59 check_reload_status Reloading filter
May 25 04:52:59 check_reload_status Restarting ipsec tunnels
May 25 04:52:59 check_reload_status updating dyndns WAN_DHCP
May 25 04:52:59 rc.gateway_alarm 70646 >>> Gateway alarm: WAN_DHCP (Addr:84.73.88.1 Alarm:1 RTT:10.524ms RTTsd:6.587ms Loss:21%)
May 25 04:52:49 check_reload_status Reloading filter
May 25 04:52:48 php-fpm /rc.linkup: DEVD Ethernet detached event for wan
May 25 04:52:47 kernel mvneta2: link state changed to DOWN
May 25 04:52:47 check_reload_status Linkup starting mvneta2After that I am left with this:
I can resolve the issue by clicking Release and then Renew.
Can anyone explain what is happening and why pfSense doesn't recover from this on its own?
Through experimentation I found that I can apparently simulate the Release/Renew steps by killing and relaunching dhclient. So a hack might be to set up a cron job to periodically do this. (I haven't tested this with an actual WAN event. I just see that killing and restarting dhclient makes the WAN status page update the way it does when I click the buttons.)
Is that a reasonable approach? Any other suggestions?
Thanks!!
-
Which ISP? Could be this problem:
https://forum.netgate.com/topic/112869/dhclient-on-wan-occasionally-fails-to-renew-lease-with-cable-isp
https://redmine.pfsense.org/issues/7416
https://forum.netgate.com/topic/121939/verbindungsabbr%C3%BCche (German). In this thread there is also a patched dhclient to fix this problem, but x86 only.-Rico
-
Hmm, it's similar to those. After some more searching, it's exactly this: https://forum.netgate.com/topic/127403/auto-renew-dhcp-after-outage/31
Hoping the fix to dhclient gets implemented soon. Til then I will try the included script.
-
Ooo, that's nasty! Looks like that patch has not made it into 2.5 yet. Are you able to test a 2.5 snapshot if we can get it included?
Steve
-
Yes!