Interface with my AP cuts out regularly

mh13

@JKnott I'm not sure what you mean about a switch port on a different device. I was wondering if my netgate device was seeing something that caused it to administratively shut down & then bring back up one of its own switch ports, like how a watchdog service will restart a service once it spots an issue

JKnott

@mh13 said in Interface with my AP cuts out regularly:

I'm not sure what you mean about a switch port on a different device.

PfSense doesn't know what's out there. It just sees a valid Ethernet connection. The device could be anything, including a switch, computer, routers, AP, whatever. Since it doesn't know what's out there, there is nothing it could do to cause a port on that switch to shut down. There is no direct connection between ports on a switch, just the circuits that receive a frame on one port and forward it to another. There is no mechanism for one switch port to control another.

stephenw10

Yeah, pfSense does not shut down the switch ports like that. They can be set to stop forwarding or to a bad link type etc but that only happens when the switch is configured not in reaction to anything else. If it was you would see it on the internal port, mvneta1 if that's an SG-3100.
Do you have just the Windows client connected via wifi to the AP and that to the pfSense switch port via the PoE injector?
No other switches etc?

Try putting a switch in between if you can. If the switch port logs stop, and nothing else is logged, in pfSense but you still lose connectivity it's something in the AP most likely.

Steve

mh13

While I did not put a switch in between, as suggested, I do not have the same problem when this same AP is plugged in to a different brand router/firewall of mine. I just did this today. I was streaming a video that kept cutting out (looked like it was stopping & buffering a bunch of times but the netgate was giving me those "interface down"-type messages like I posted originally during those times). When I moved the AP over to my other brand firewall, the buffering look & cutting out stopped completely. It may be something about the AP, but it's got to be [at least also] something about the netgate that is more sensitive or something.

johnpoz

Could be an issue with negotiations with the AP interface and the Nic.. What router did you plug it into? If some soho device prob just a switch port.

What box is pfsense running on?

stephenw10

It's certainly not an issue I've seen on any of our switch port devices. Putting a switch in between would be a good test.
If it is a link negotiation issue you could potentially set both sides to a fixed speed/duplex.

Steve

johnpoz

@stephenw10 said in Interface with my AP cuts out regularly:

If it is a link negotiation issue you could potentially set both sides to a fixed speed/duplex.

if you he wants to set to 100 or 10 sure, but that is not something you should ever do with a gig interface... Didn't we just go over that ;)

stephenw10

Yup, indeed. Hence I added potentially in there.

Whilst you should not ever need to set fixed 1G, and you can I would argue it's an invalid setting, if both ends allow setting that you might as well try it. Assuming it i a link neg issue at all. Prove that first with a switch in between.

mh13

I put a switch in between, and now the issue has cleared up. Thanks for the suggestion. So @johnpoz or @stephenw10 why would one not set a fixed speed at 1000 for an interface? I can think of a time where I had to do that on a firewall that defaulted to 10000 so if you had a gig connection, you had to specify. Why under normal circumstances would someone not do that vs. being able to do it with 10/100? What am I missing? I've just not heard that line before

JKnott

@mh13

In general, the rule is to use auto-negotiate, unless you have a specific reason to lock the connection. One example is with fibre media converters, which only operate at 1 Gb. If you set one end to a fixed rate, then you must also set the other end the same way. Also, if you do that, make sure it's recorded or marked, so that someone doesn't just move the cable from one switch port to another and all of a sudden, a problem appears. Some places use different colour cables to identify special ones. However, auto-negotiate generally works as advertised, so just leave it at that.

mh13

@JKnott So is it mostly because it's an old school process, fixing a speed, and it was more done in the 10/100 days?

Derelict

All gigabit copper is autonegotiate. Period.

You used to have to hard-set a port to match another hard-set port on the other end of the link or autonegotiate on one side only could mis-negotiate the correct speed/duplex. All 1000BaseT ports must have autonegotiate enabled.

Leave it set at the default, usually autonegotiate. That is almost never the incorrect setting.

Specifically setting autonegotiate can cause an extra ifconfig and a port down/up that results in a death spiral of each side going down/up in response to the other.

JKnott

@mh13 said in Interface with my AP cuts out regularly:

@JKnott So is it mostly because it's an old school process, fixing a speed, and it was more done in the 10/100 days?

I don't ever recall it being old school process. I only recall it being done when necessary. One of the advantages of multiple speed switches is you didn't have to worry about what was connected to what port. You just plugged it in and it worked.

JKnott

@Derelict said in Interface with my AP cuts out regularly:

All gigabit copper is autonegotiate. Period.

Not quite. I have worked with some fibre media converters, as I mentioned above, that were fixed at 1 Gb.

Derelict

I said copper

stephenw10

I forget what port speed settings you might have on a Unifi AP, if any. I doubt you want to have it connected at 100Mb so really the only thing you could do there is if it offers a fixed 1G speed, try it. Set the same in pfSense, you have nothing to lose.

Just to be clear though I agree with what has been said here, Gigabit copper should always be auto negotiation otherwise.

Steve

JKnott

@Derelict said in Interface with my AP cuts out regularly:

I said copper

One side of those converters is copper.

Derelict

Right but it will be limited to "converting" the media on the other side, which 1Gbit fiber.

Not the same thing.

If you want the same thing, use a switch to "convert" from fiber to copper.