Reboot SG3100 if internet goes down?
-
No that's not normal. Is there anything useful noted in the logs?
-
@steveits I'm new to Pfsense. Which logs should I look in?
-
Status/System Logs, the General and probably Gateways, perhaps DNS or Routing depending on what the problem is.
-
@dayve
Describe your WAN settings ?
You connected your SG3100 to what ?@steveits said in Reboot SG3100 if internet goes down?:
in the logs?
=> also the DHCP logs (if your using DHCP).
Stuff like this :
@dayve said in Reboot SG3100 if internet goes down?:
Is this normal and is there a way to have auto reboot if I loss my internet?
Not normal at all.
But, unfortunately, upstream devices, often the made at your disposal by your ISP can 'play by the book' or do whatever the want. Up to you to make pfSense cooperate with it.
For example : there are modems out there that er not easy to manage, some fine tuning is needed.
Anyway, an better answer is possible when you show details.Take note : it's possible to boot up pfSense with only a PC(device) hooked up to the LAN leaving the WAN port non connected.
Then, a couple of minutes later, you can connect the WAN, and your Internet connection is established.
If the WAN goes down, and comes back several seconds/minutes/hours later, the connection should be re established.There is are recent 'unbound' (DNS resolver) update available for the Netgate 3100 series.
Check out the forum for extra 'SG 3100' details. -
My WAN is connected to a Hitron CGN3U Cable modem. All settings in Pfsense for the WAN are default. Also have a second gateway that I use for NordVPN.
Here is when it went down System General logs.
I use NordVPN as my dnsresolver. I wonder if it has latency that's when the internet drops.
-
I experience exactly the same problem with my SG-5100. I don't see anything useful in the logs:
(Gateway)
Apr 13 02:37:08 dpinger 76219 WAN_DHCP 208.67.222.222: sendto error: 65
Apr 13 02:37:08 dpinger 76219 WAN_DHCP 208.67.222.222: sendto error: 65
Apr 13 02:36:48 dpinger 87852 WAN_DHCP6 2001:4860:4860::8888: Alarm latency 15126us stddev 8603us loss 22%
Apr 13 02:36:47 dpinger 76219 WAN_DHCP 208.67.222.222: Alarm latency 15301us stddev 19666us loss 22%(General log unfortunately does not go back far enough for me to see the same time frame).
-
@pfguy2018 22% packet loss is probably the start of the Internet outage, and the "sendto" is saying it can't send the packet.
Did you or @Dayve look at https://docs.netgate.com/pfsense/en/latest/troubleshooting/connectivity.html?
Status/System Logs/Settings has an option for how many log lines to display.
-
@steveits
I went through everything in this guide and every setting is fine.
I already have the log display set to the max, but the loss of internet happened in the middle of the night, with more than 2000 log entries being written subsequently and before I had a chance to copy the log. -
As you can see, the modem actually took the interface down.
And up a couple of seconds later.A WAN must have been set up, as dpinger starts to receive ping replies - as does your nordvpn connection, as it is build over your WAN connection.
To test and setup a WAN connection, do so first without VPN.
As soon as it is rock solid, and comes back also ok after a modem 'reset', then activate your VPN again.@pfguy2018 said in Reboot SG3100 if internet goes down?:
Apr 13 02:37:08 dpinger 76219 WAN_DHCP 208.67.222.222: sendto error: 65
dpinger tried to send pings over an interface that was shut down (DOWN). Normally, this means that the device (modem) on the other side of WAN cable hung up during a short period. This is what modems like to do ones in a while.
-
@gertjan said in Reboot SG3100 if internet goes down?:
dpinger tried to send pings over an interface that was shut down (DOWN). Normally, this means that the device (modem) on the other side of WAN cable hung up during a short period. This is what modems like to do ones in a while.
I should have been more clear - this was only a small snippet from the log. The same message was repeated over and over and over for hours, and did not stop until I rebooted. Prior to rebooting, I tried to release and renew the WAN interface, but this did not work. During this time, the WAN interface had an address of 0.0.0.0 instead of the proper IP address from my ISP.
-
@pfguy2018 said in Reboot SG3100 if internet goes down?:
During this time, the WAN interface had an address of 0.0.0.0 instead of the proper IP address from my ISP.
Logs from right before (5 seconds) to 2 minutes afterwards should show details.
Like dhcp-ciient restarting and reset the WAN IP.
Then it asks the ISP for an IP ....... and it repeats, and repeats ..... and no answer. So the IP stays 0. -
I've been having this issue as well and it reminded me of my old cisco cable modem which did the same, my solution at the time and still works here is placing an extra switch between the (bridged) cable modem and the sg-5100. Ymmv.
-
@itpp21 said in Reboot SG3100 if internet goes down?:
I've been having this issue as well and it reminded me of my old cisco cable modem which did the same, my solution at the time and still works here is placing an extra switch between the (bridged) cable modem and the sg-5100. Ymmv.
Interesting suggestion, which I will definitely follow! A couple of questions:
-
Will any gigabit switch do? Or does it have to be a managed switch instead of a simple switch?
-
Why does this work?
-
-
A netgear gs105 will do fine.
It works (assuming) because a fiber or cable modem go through several phases when booting which can throw off pfsense (the WAN side can go offline/online several times quickly and sometimes at online mode not really be ready), when the NIC is always up dpinger will detect a WAN link anyway and act properly after the WAN is really finished booting. With a switch in between pfsense doesn't need to deal with a rapid changing NIC status, which to me sounds like a conflict between rapid going up/down and attempting to get WAN info both at the same time.
Years ago when I had a cisco, that thing went up/down about 20 times before it finally stayed up leaving my firewall at the time totally baffled what was going on and ofcourse not wanting to going online.
-
@itpp21 said in Reboot SG3100 if internet goes down?:
A netgear gs105 will do fine.
It works (assuming) because a fiber or cable modem go through several phases when booting which can throw off pfsense (the WAN side can go offline/online several times quickly and sometimes at online mode not really be ready), when the NIC is always up dpinger will detect a WAN link anyway and act properly after the WAN is really finished booting. With a switch in between pfsense doesn't need to deal with a rapid changing NIC status, which to me sounds like a conflict between rapid going up/down and attempting to get WAN info both at the same time.
Years ago when I had a cisco, that thing went up/down about 20 times before it finally stayed up leaving my firewall at the time totally baffled what was going on and ofcourse not wanting to going online.
I wanted to thank you for your simple but effective suggestion. I stuck a Netgear unmanaged gigabit switch between the modem and WAN port of the SG5100 and rebooted. Then I tested by manually rebooting the modem while keeping the SG5100 powered on. Voila! As soon as the modem came back online, the pfSense WAN interface was up and everything worked! (before inserting the switch, I would have had to reboot pfSense after the modem rebooted in order to restore the WAN interface)
Thank you so much!
-
I lost my internet again last night. And it was doing so good. Can anyone see why in these logs? No internet until I logged in and rebooted.
-
@dayve what log are you looking? I have internet, but no interface.. I'm scared to bounce it again since I currently have internet.. I was looking at the interface last night.. I just got home and was surprised to seen no web interface
-
@wc2l It is from the General system logs. At the same time I got notified my server could not ping outside my network.