SG-1100 has uplink but no connection to ISP gateway
-
My SG-1100 is configured for a static IP from my local ISP. It has an uplink to the ISP’s ONT:
Still there is no connectivity to the ISP’s gateway:
When I assign the same IP to my laptop and connect it directly, it can connect. My ISP’s support says that that points to a problem with my router, and I would have to agree.
ISP Support and I have taken all these usual troubleshooting steps:
- Reboot the ONT
- Reboot the router
I have not
- Reset the SG-1100 to factory settings and reload settings from a very recent backup
- Reinstalled the firmware on the SG-1100
To reset it to factory settings, will have to connect it to a serial terminal? I have a RS-232-to-USB adapter, but is from the early 2000s, and I don’t think there are 64-bit drivers for it.
Any other suggestions?
-
What mask did you put on your wan address. For you to have a .27 the mask would have to be no smaller than /27 (0.0.0.0 - 0.0.0.31) 255.255.255.224.. Did you maybe make it a /32 which I believe it defaults to?
When you connect your laptop, can it ping that gateway address?
If the gateway does not answer ping then yes pfsense would think the connection is offline.
Do you get mac address for the gateway in your arp table?
-
Thanks @johnpoz!
Here is what I found:
That is the subnet mask given to me by the ISP.
The ARP table shows the gateway, and I verified with a representative of the ISP that the MAC address is correct:
Does this provide any clues?
Oh, and yes, I can ping the gateway from my laptop, when it assumes the IP address my router is supposed to have and connects directly.
-
Would any of these symptoms be consistent with a bad connection inside of the Ethernet connector? I mean, could it be that there is a single wire that’s not making contact while all the other are, and I would get an Up status on the WAN port? I am not familiar enough with the Ethernet hardware layer.
-
Highly unlikely anything wrong with the cable if it comes up and shows link and does gig as the connection.
Again when you connect your laptop and it works - can you ping the gateway? I would assume you would use the same cable - so that would test it the cable as well.
If gateway doesn't answer ping you can always mark it as online. Or pick some other upstream IP to ping that does answer.
You see a mac address and its in your arp table. So seems to me just not answer ping, if pfsense thinks your gateway is down, then no nothing is going to work.
-
@dominikhoffmann your wan interface appears to be on a vlan ?
might be better to provide all relevant information instead of bits and pieces
-
@johnpoz: Yes, I can ping the gateway from my laptop, when hooked up directly. That rules out any hypothesis that the gateway ceased responding to pings recently.
-
@heper: I appreciate your input! That appears to be normal:
This is a configuration I have not changed from the default.
@heper said in SG-1100 has uplink but no connection to ISP gateway:
might be better to provide all relevant information instead of bits and pieces
I apologize! I only know to provide what I initially understand to be relevant. I am relying on pointers from @johnpoz and you to learn what else might be insightful.
-
@dominikhoffmann said in SG-1100 has uplink but no connection to ISP gateway:
I apologize! I only know to provide what I initially understand to be relevant.
Hi,
as John said, it is likely that GW not respond to PING...
(although this is contradicted by a direct laptop connection)perform a test with a known DNS server IP for GW monitor
I am already saying, - yes, not the solution, but it is a test...
then perform a "tracert" and search for a nearby upstream IP that responds to PING
(as much as possible to the accuracy of the GW parameter, whic is measured by pfSense - dpinger)
-
@heper said in SG-1100 has uplink but no connection to ISP gateway:
your wan interface appears to be on a vlan ?
this does not mean that there is no PING response
just watch my ONT setting,.... with VLAN.... (and there is GW PING)
-
Not enough experience with ont sort of devices - but with say cable modems. If you change the device connected them (the mac) you need to power cycle them.
Have you powercycled the device between changing between laptop and pfsense?
I take it you have done that since you do mention rebooting it.
You could sniff on pfsense and if its sending out pings, but not getting an answer - then yeah its going to show offline. I would do a packet capture and validate that.. Then maybe ask the isp why that is happening.. Showing them the sniff saying hey - sending pings, to this ip/mac - why no answer..
-
@johnpoz said in SG-1100 has uplink but no connection to ISP gateway:
Have you powercycled the device between changing between laptop and pfsense?
As long as the cable modem requires a power cycle, the ONT responds immediately and assigns a new IP from the range based on the MACs.
so it mentions OP ONT, so the above process is not necessary here
BTW:
package capture is a good idea
-
I now works. After resetting the SG-1100 to factory settings and only changing it from being a DHCP client on the WAN to the static IP assigned by the ISP, I made another call to the ISP, because short of refreshing the device there was nothing left to try. Their ARP table had my laptop’s MAC address lodged in it, from when I had hooked it up straight to the ONT. Once the support rep cleared that MAC address, I started getting connectivity.
There is no telling what had been wrong initially.
The ONT (optical network terminal) doesn’t get rebooted by the customer. It is something the ISP can do remotely, though, and they did that initially. Their troubleshooting steps apparently do not involve doing that for everything.
Thanks to all for helping! I certainly learned something.
-
@dominikhoffmann said in SG-1100 has uplink but no connection to ISP gateway:
Their ARP table had my laptop’s MAC address lodged in it
Yeah that for sure would cause you grief ;) Glad you got it sorted.. But wouldn't you be able to remove power from the ont? That would for sure reboot it --- heheh.
-
@dominikhoffmann said in SG-1100 has uplink but no connection to ISP gateway:
I certainly learned something.
even from my ISP (L2 eng.) age I can think of these, which were the rigid settings of the network security:
DHCP MAC Address Exclusion List
Prerequisites for GPON DHCP Leasequerythese are parameters configured on the "head - end" that are sometimes good, sometimes bad
-
@johnpoz: So would that ISP ARP table reside in the ONT or in their data center equipment. I am not sure how transparent the ONT is. As far as I understand it is merely a physical-layer bridge.
-
Normally a true hardware bridge wouldn't have a arp table.. But I am not up to speed on those devices..
They are a bit more involved than just a simple bridge.. Do you have a specific model number.. There are many different ways an ISP might be setup.. I doubt the device they deployed to you is just a simple hardware bridge..
-
@dominikhoffmann said in SG-1100 has uplink but no connection to ISP gateway:
As far as I understand it is merely a physical-layer bridge.
They can be configured in different ways, as several types of services are available through it (DATA, VoIP, IPTV, etc).
They (ONT) usually do not act as a network bridge, this is how ARP appears:
(All configurations are received from OLT after proper authentication, therefore difficult to hack)
https://community.fs.com/blog/components-and-architecture-of-gpon-ftth-access-network.html
in bridge mode, f.e PPPoE or IPoE.:
https://forum.huawei.com/enterprise/en/huawei-ont-bridge-mode-introduction/thread/498679-100181I know Huawei in your place is not current, but it is a good description
-
@daddygo: “Mathematics: The Beautiful Language of the Universe”
Mathematics is the body of truths about numbers. Truth is the Logos, the second person of the Trinity who said about himself, “I am the Truth, the Way, and the Life.”
-
@dominikhoffmann said in SG-1100 has uplink but no connection to ISP gateway:
Mathematics is the body of truths about numbers.
Hmmm,
Yeah, I graduated with a degree in mathematics in the early 90s, but I don't remember it anymore...
BTW:
I didn't rotate the Bible much, only once I read it, because I think it’s mandatory...
somehow in my reading, math and faith, opposite poles
