Have I Found a bug?
-
@guardian What DNS servers are you using on your network? Or, it could be your ISP has a low refresh time (maybe too low) on your WAN IP address, and it's getting reset.
From your logs above:
"pfSense package system has detected an IP change or dynamic WAN reconnection"
Do you have your Gateway Monitoring set to "kill states on gateway failure"?
Jeff
-
@akuma1x said in Have I Found a bug?:
could be your ISP has a low refresh time (maybe too low) on your WAN IP address, and it's getting reset.
Thanks for the reply Jeff @akuma1x - It is more likely that the dnsresolver isn't functioning. I have my system configured so the unbound DNS resolver is responsible for all DNS resolution.
AFAIK the lease is 1 week, and based on log, I expect that the lease might have just expired, and renewed. The provider has ip reservation based on hardware/customer id/etc, so IP is unlikely to change - and didn't in this case. It is possible that the IP address might temporarily be set to the default configuration IP address of the gateway before the IP gets refreshed - I have no way of knowing.
Do you have your Gateway Monitoring set to "kill states on gateway failure"?
How do I set this?
-
@guardian This setting is found in:
System -> Advanced -> Miscellaneous -> Gateway Monitoring
And general gateway settings talked about in the pfsense book:
https://docs.netgate.com/pfsense/en/latest/book/routing/gateway-settings.html
By the way, you technically DON'T want to set the gateway states to be killed on a "gateway down" event. It is most useful, and I'm pretty sure required, when you have a multi-WAN setup.
Jeff
-
@guardian said in Have I Found a bug?:
Sep 17 17:05:54 guardian kernel: em0: link state changed to DOWN
That's your WAN right? It looks like it actually lost link for a minute or so and then was flapping for a while after that. Is it directly connected to the modem? I would say the modem rebooted and whatever you saw just before that was it failing for some reason.
Also is that a USB KVM you have connected to it that keeps connecting and disconnecting? It would be much better if that didn't happen.
Steve
-
Thanks for the reply @akuma1x, @stephenw10 -- individual responses below, but I think that the issue might be unbound becoming confused by a momentary loss of connection (the gateway address becomes something like 192.168.0.10 until the modem reconnects -- and on reconnection it gets the same IP address back). (Not a guaranteed static IP, but I've only seen it change every 2 or 3 years unless I change the MAC address of my router.) As it stands I am letting unbound do resolution right to the root servers, since I don't like the idea of one entity handling my DNS queries, but I'm thinking that maybe I should reexamine this strategy.
@akuma1x said in Have I Found a bug?:
@guardian This setting is found in:
System -> Advanced -> Miscellaneous -> Gateway Monitoring
And general gateway settings talked about in the pfsense book:
https://docs.netgate.com/pfsense/en/latest/book/routing/gateway-settings.html
By the way, you technically DON'T want to set the gateway states to be killed on a "gateway down" event. It is most useful, and I'm pretty sure required, when you have a multi-WAN setup.
Jeff
Thanks for the detailed info Jeff... I looked and can confirm that "State Killing on Gateway Failure" is DISABLED.
@stephenw10 said in Have I Found a bug?:
@guardian said in Have I Found a bug?:
Sep 17 17:05:54 guardian kernel: em0: link state changed to DOWN
That's your WAN right? It looks like it actually lost link for a minute or so and then was flapping for a while after that. Is it directly connected to the modem? I would say the modem rebooted and whatever you saw just before that was it failing for some reason.
You got that, it is the WAN. - I think the lease might have rolled over (7 days). Yes, pfSense is connected directly to the modem (modem in bridge mode).
I don't think the instability lasted more than about 20 seconds or so (just a guess), but I find it interesting that I didn't reboot the modem, just pfSense.
I think @akuma1x might have got it right that it was a DNS issue.... I was able to ping an IP address, but name resolution wasn't working.
Also is that a USB KVM you have connected to it that keeps connecting and disconnecting? It would be much better if that didn't happen.
Correct again Steve... that's exactly what is happening, but I don't know what to do about it.... I need access to a console sometimes (times like the one we are talking about). It's been happening for the last 5+ years, so other than a ton of log spam, I don't think it is a problem. (Anything I'm missing?)
-
I'm on Rogers too and find them to be rock solid, though it's impossible to rule out interruptions with any provider. Also, they would have nothing to do with the GUI. I'd start looking at problems with what you're running pfSense on.
-
I would not expect it to lose link to the modem whatever the DHCP lease state is. That seems like a problem.
The fact the modem hands it a private IP also seems to confirm that. It will only do that when it loses sync with the upstream cable.
You should add the modem's private IP to the 'reject leases from' field in the WAN DHCP setup so pfSense never pulls a private IP, which is known to cause problems.
Steve
-
Thanks @JKnott / @stephenw10
@JKnott said in Have I Found a bug?:
I'm on Rogers too and find them to be rock solid, though it's impossible to rule out interruptions with any provider. Also, they would have nothing to do with the GUI. I'd start looking at problems with what you're running pfSense on.
It hasn't been a huge problem... AFAIK just the last 2 lease renewals caused. Maybe they would have cleared if I gave them time, but I intervened by resetting the router and/or modem.
What modem are you using? I have a CODA-4582U... I think it is about 2 years old (can't remember exactly)... I assume that the F/W gets updated remotely when the modem boots.
@stephenw10 said in Have I Found a bug?:
I would not expect it to lose link to the modem whatever the DHCP lease state is. That seems like a problem.
The fact the modem hands it a private IP also seems to confirm that. It will only do that when it loses sync with the upstream cable.
Agreed... I believe there was a brief loss of sync (but it's just a guess).
You should add the modem's private IP to the 'reject leases from' field in the WAN DHCP setup so pfSense never pulls a private IP, which is known to cause problems.
Just checked that setting. I noticed that I had 192.168.100.1 blocked, which is the login for the customer admin screen for the modem. I don't know if I should be blocking 192.168.0.1 as well, or if it will prevent reconnection entirely.
**As I said in an earlier post, I'm thinking that I may have unbound set up incorrectly since it handles ALL DNS (any traffic on port 53 is redirected to unbound to prevent programs using their own DNS) on my network back to the root servers.
Anything I should check out that might cause unbound to get confused by a momentary loss like the one indicated in the log?
Is there an easy way to restart unbound from the command line? If it happens again, I would like to try that first before resetting anything. If that clears it, then I'll be closer to figuring it out -- and maybe I'll be lucky and not see another event for a month or two.... who knows.**
Thanks again for the support.
-
I have a Hitron, but I don't recall the model.
-
You have to block whichever DHCP server is handing you that private lease.
It only blocks DHCP; it won't stop you accessing the modem.
Steve
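
Added example (not part of the thread and not pfSense code): one way to work out which DHCP server belongs in the 'reject leases from' field is to scan the system log for dhclient entries and list the servers that handed out RFC 1918 addresses. Only the first sample line is quoted from the thread; the rest are constructed, and the dhclient message formats are an assumption to check against your own log.

```python
import ipaddress
import re

# First line is from the thread; the dhclient lines are constructed samples.
# The "DHCPACK from" / "bound to" formats are assumed, verify on your system.
SAMPLE_LOG = """\
Sep 17 17:05:54 guardian kernel: em0: link state changed to DOWN
Sep 17 17:06:01 guardian kernel: em0: link state changed to UP
Sep 17 17:06:03 guardian dhclient[4321]: DHCPACK from 192.168.0.1
Sep 17 17:06:03 guardian dhclient[4321]: bound to 192.168.0.10 -- renewal in 15 seconds.
Sep 17 17:06:20 guardian dhclient[4321]: DHCPACK from 203.0.113.1
Sep 17 17:06:20 guardian dhclient[4321]: bound to 203.0.113.57 -- renewal in 302400 seconds.
"""

# Explicit RFC 1918 list: ipaddress.is_private also flags documentation
# ranges such as 203.0.113.0/24, which would give false positives here.
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]
ACK = re.compile(r"dhclient\[\d+\]: DHCPACK from (\S+)")
BOUND = re.compile(r"dhclient\[\d+\]: bound to (\S+) -- renewal")


def is_rfc1918(addr):
    ip = ipaddress.ip_address(addr)
    return any(ip in net for net in RFC1918)


def private_lease_servers(log_text):
    """Map each DHCP server to the private addresses it leased to the WAN."""
    offenders = {}
    last_server = None
    for line in log_text.splitlines():
        ack = ACK.search(line)
        if ack:
            last_server = ack.group(1)  # server that answered most recently
            continue
        bound = BOUND.search(line)
        if bound and last_server:
            try:
                private = is_rfc1918(bound.group(1))
            except ValueError:
                private = False  # malformed address in the log line
            if private:
                offenders.setdefault(last_server, []).append(bound.group(1))
            last_server = None
    return offenders


if __name__ == "__main__":
    for server, leases in private_lease_servers(SAMPLE_LOG).items():
        print(f"reject leases from {server} (leased {', '.join(leases)})")
```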