WAN interface stops working every few days.

stephenw10

It's 2.4.5p1. Because, yeah, this sure looks like #10414 in 2.4.5.

gawainxx

@stephenw10 said in WAN interface stops working every few days.:

The TTL exceeded message you are seeing from upstream when it happens still makes it look like some upstream routing problem to me.

If you are able to use the ISP router in there as a test though that would rule out an obscure pfSense issue.

Steve

I'm not using the ISP router for routing or dhcp atm, just handling the vlan tagged traffic to see if it has any influence...
I may have to suffer and try running a double NAT for a week or two though to see if the behaviour persists when ISP router handles traffic.

gawainxx

@stephenw10 said in WAN interface stops working every few days.:

It's 2.4.5p1. Because, yeah, this sure looks like #10414 in 2.4.5.

Interesting, I'll need to take a close look at that thread later. The webui does definately take several seconds to load when I initially try to access it while the gateway issues are occuring

stephenw10

If you are somehow hitting that still you would see high latency to the firewall itself from a LAN side client everytime you ran Status > Filter reload.

Steve

gawainxx

@stephenw10

hmm, manually doing a filter reload caused the ping to firewall to jump from 1 to 100ms for a single ping but nothing noteworthy aside from that.

I am however still using the ISP "Modem" (Truly a router) to handle the VLAN tagging, which i set up last night.

hugoeyng

@gawainxx I already faced this kind of trouble.
The latency starts growing until th Wan interface stops working.
A (not) solution was to turn monitoring IP to of.

Then I changed my ISP and both, the trouble and the ISP, desappeared.

gawainxx

@hugoeyng said in WAN interface stops working every few days.:

@gawainxx I already faced this kind of trouble.
The latency starts growing until th Wan interface stops working.
A (not) solution was to turn monitoring IP to of.

Then I changed my ISP and both, the trouble and the ISP, desappeared.

To verify, you changed the monitoring function/action off?
I'll add that to my to-do list.
Unfortunately the speed with my ISP is awesome and the pricing is reliable, unlike Comcast. I'd rather not go to Comcast if I can help it as it's tiresome to negotiate pricing once every year.

kuradeel

One more thing to check, is it possible that your machine is overheating? Specifically the network card? I've had a situation where the network card was malfunctioning and a reboot of the machine would not fix it. I physically had to shut the entire machine down (remove power) in order to fix the problem. I think it stems from the network card in particular overheating. If you have something blocking the airflow or the processors on the network card do not have heatsinks, then perhaps it's that. I had issues with a Broadcom card just generally so I switched to Intel and haven't looked back, except for when I have an overheating issue. Sounds like you have the issue at or around noon? Go on eBay and get something like the INTEL EXPI9404PTL PRO/1000 PT Quad Port PCIe card for like $30. Intel makes the best gigabit cards in my opinion.

gawainxx

@kuradeel
I doubt it, the r210 ii has excellent airflow and mobo, proc temps are all green.

This has happened with onboard as well as 3 different PCIe NICs 2x broadcom, 1x Intel all different chips

gawainxx

@hugoeyng said in WAN interface stops working every few days.:

@gawainxx I already faced this kind of trouble.
The latency starts growing until th Wan interface stops working.
A (not) solution was to turn monitoring IP to of.

Then I changed my ISP and both, the trouble and the ISP, desappeared.

Did already established connections continue to work without issue?

IE if I'm using splashtop and connected controlling a remote desktop I'm able to continue using it with no speed delay, however I'd be unable to reconnect once I disconnect.

hugoeyng

@gawainxx System/Routing/Gateways
Edit the Gateway and disable monitoring.

Remembering that it is not a solution but a way to get it working.

hugoeyng

@gawainxx I am not able to answer this question.

gawainxx

@hugoeyng said in WAN interface stops working every few days.:

@gawainxx System/Routing/Gateways
Edit the Gateway and disable monitoring.

Remembering that it is not a solution but a way to get it working.

Crapped out again, going to give this a try to see if it makes a difference.

gawainxx

Nope, Issue occured again 1 hour later....

Guess I'm going to throw the ISP's provided "Modem" (router) in as my main internet and double nat for a bit so that I can rule out whether it's something weird with PPPOE in pfsense, it'll also give me an escalation path as I'd be using the ISP's hardware.....

Port forwarding configuration with this config is going to suck though.

akuma1x

@gawainxx Lots of ISP modems have a "DMZ" feature. You could use this, if available, since it will pass ALL (or most) ports right into the pfsense WAN port. Once there, you can deal with the pfsense box doing the port forwarding, like it was at the edge of your network.

Jeff

gawainxx

@akuma1x said in WAN interface stops working every few days.:

@gawainxx Lots of ISP modems have a "DMZ" feature. You could use this, if available, since it will pass ALL (or most) ports right into the pfsense WAN port. Once there, you can deal with the pfsense box doing the port forwarding, like it was at the edge of your network.

Jeff

Thanks, I'm working with this right now. This should help me rule out pfsense because i can directly interface with the modem if needed and this provices a path for escalating with the ISP.

gawainxx

Welp, It's definitely an ISP issue.. it just happened to coincide with me swapping the pfsense box.

Issue occured twice today, the second time I was home and able to test some things.
Pings to the ISP modem/router had little to no latency from behind pfsense whereas pings to 8.8.8.8 or 8.8.4.4 had incredibly high latency and packet loss.

I then connected my laptop directly to the ISP modem/router and did pings with the same results. Rebooted the ONT to get internet back.

The good news is my network setup isn't to blame but this means that I'll likely need to go through a long painstaking process of trying to get a resolution through the ISP.

stephenw10

Urgh. Good luck!

At least you have some sort of answer I guess.

The fact existing connections stay working really makes it seem like some sort of state exhaustion. that would still have to be somewhere upstream though if pfSense is doing PPPoE, the USB router would not see those states.

Steve