Pfsense needs to be restartet in case of pppoe 24h disconnect



  • Hi,

    since I have upgraded my pf from 1.2 stable to 1.3 (1.3-ALPHA-ALPHA built on Tue Aug 12 19:22:04 EDT 2008 FreeBSD 7.0-RELEASE-p3) my pf needs to be restartet when my provider does an 24h disconnect.
    Log shows that no gateway can be reached. If I try to disconnect the Interface manually nothing happens by clicking on disconnect…
    When I restart my pf everything is normal again (for the next 24h to the next disconnect from provider)

    Same configuration worked fine with 1.2 stable.

    Any known bugs?

    Provider: Interroute Germany, PPPOE dialin with 16MBit ADSL+ T-Com
    pf is virtualized under vmware-server with 2 nics. One nic is directly attached to the dsl-modem.

    Sry for bad english ;-)

    regards

    SiD



  • I have noticed the same behavior. If ISP revokes lease on pppoe address there is no more connectivity. Wan interface is pppoe with automatic reconnect checked and set not to disconnect an idle connection. ISP is embarq/sprint adsl the box is an alix with 1.3 full install on a microdrive. The behavior and logs are identical to what is reported above.



  • what happens if you do not reboot the box but hit the save button under interfaces -> wan ?
    does pfsense reconnect then ?



  • Hi, if I save the Interface/WAN Page there is an error shown on the page:

    Fatal error: Cannot unset string offsets in /usr/local/www/interfaces_wan.php on line 366 
    


  • No ideas?  :-[

    I´ve updated to today-build, don´t know where to look….



  • Had the same behaviour too. I have a Wimax-based ISP and they have frequent disconnections. When it happens, Pfsense does not automatically reconnect. Disconnect button does not work no matter how many times I click on it. If I go to Interfaces -> WAN and click "SAVE" then it's working again, no need to restart the computer.

    However, I must always double check on the Interface -> WAN page because the Type always revert to "Static" instead of "PPPoE".

    Running latest 1.3 ALPHA on a VA Linux 1221. Updated the firmware yesterday with the pfSense-20080823-2015.img but the status page still shows "built on Fri Aug 15 16:26:59 EDT 2008".

    Hope this helps.

    ArkAngel



  • You need to use the update files, not the img files as these are the embedded disk images.



  • @databeestje:

    You need to use the update files, not the img files as these are the embedded disk images.

    Thanks, started to use the auto-update sunday, much better. But if I remember right, there are img files for the full install and images for the embedded. I never used the embedded. If I did not used the right image I think it would not have permitted the firmware upgrade.

    ArkAngel



  • Hi,

    the problem is still present and i think its a major bug for pppoe users, who cannot use it for wan connections. In germany nearly all DSL Providers give only pppoe access. If i just hit the "save" Button under my WAN Interface it took along time until the webinterface reacts to it (it seems to be frozen, also if i try to access it while he is restarting the mpd services). I added now a cronjob to restart every 24 hours the pfSense Box but it its not a solution.



  • When you enable this feature it is supposed to setup a cron entry.  Do you see the entry in /etc/crontab?



  • I think it is the code underlying this that is broke not the cron job.

    The PPPoE disconnect button has never worked for me on 2.0 (and 1.3) on embeded (never tried it on full).
    When I click the disconnect button nothing happens and if I do get disconnected (I have no forced reset from my ISP) the button still says disconnect and when clicked has no effect. Just stays with disconnect as the text. The only way to get PPPoE to come up is to reboot.

    I think (but haven't looked too hard) that the disconnect code is looking at the interface (ie xl0) and not the PPPoE adaptor.



  • Yes there is a entry for the restart i think:

    0       4       *       *       *       root    /etc/pppoerestart
    

    i tried to start it by hand. I got an error:

    
    # /etc/pppoerestart
    
    Fatal error: Call to undefined function interfaces_wan_pppoe_restart() in /root/- on line 1
    
    

    so that might be why it will not disconnect to a given time. But i hope that he also reestablish the link to my dsl provider if he looses it at any time.



  • try latest snapshot and report.



  • Hi ermal,

    same error occurs if try to restart it by hand with the latest snapshot.

    Greetz,
    mino



  • Yeah i am going to trace this cause it happened to me at my home installation on pppoe too.
    I will come back with something later tomorrow.

    Do you have anything in logs after mpd exits and it tries to restart it?!



  • I believe this should be fixed now.  Please try next snapshot cycle.

    If you want to test now, replace the pppoe_reconfigure function in /etc/pppoe_restart with interface_reconfigure();



  • PS: you need to click save on the wan interfaces configuration page to regenerate the /etc/pppoe_restart file..



  • As sullrich said retry with latest snapshot.



  • Okay, i installed the latest snapshot. I saved the WAN interface many times. But the /etc/pppoerestart file is still the same and so the error still occurs.

    
    #!/bin/sh
    echo 'es_dyndns_reset(wan); ?>' | /usr/local/bin/php -q
    
    


  • The new file should be on /var/etc/pppoefile actually.
    It should have interface_reconfigure in it.



  • Okay can be executed but it wont restart the wan session, it just reload the filter (seen in the logs)

    
    # cat /var/etc/pppoewanrestart
    #!/bin/sh
    /usr/bin/touch /tmp/filter_dirty
    # 
    
    


  • Did you click save on the Interfaces -> WAN page?

    The code is there…

    define("CRON_PPPOE_CMD", "#!/bin/sh\necho '' | /usr/local/bin/php -q");



  • You are on an older snapshot. Try a new one.



  • So I have now the latest snapshot:

    2.0-ALPHA-ALPHA
    built on Fri Nov 21 04:39:23 EST 2008
    FreeBSD 7.1-PRERELEASE

    Console:

    
    # cat /var/etc/pppoewanrestart
    #!/bin/sh
    /usr/bin/touch /tmp/filter_dirty
    #
    
    
    
    #cat /etc/crontab
    ...
    0	4	*	*	*	root	/etc/pppoerestart
    0	4	*	*	*	root	/var/etc/pppoewanrestart
    ...
    
    

    So you see still the same. And in my crontab are now two entries, i think the old entry and the new corrected one. I think i triggered the save routine now 3 times but same result.

    And i recognized that if i save the wan configuration and aplly them the whole system is interuppted. I take up to 30 seconds until my box reacts on request (http, ssh and so on) to the box itself. I think a routine for resetting the interface or restarting the mpd daemon shut not block the whole system.



  • First edit /etc/crontab and remove both of those reset entries.

    Next update to the snapshot that will be ready about 2 hours from this post.  Next click save on interfaces, wan.

    Check the file in /conf/ (not /var/etc/).  /var/ is a ramdisk on embedded and that file will be wiped out on a reboot.



  • Okay i did what you said.

    My /etc/crontab now look like that:

    cat /etc/crontab

    SHELL=/bin/sh
    PATH=/etc:/bin:/sbin:/usr/bin:/usr/sbin
    HOME=/var/log
    #minute hour    mday    month   wday    who      command

    pfSense specific crontab entries

    Created: November 29, 2008, 9:49 am

    0 * * * * root /usr/bin/nice -n20 newsyslog
    1,31 0-5 * * * root /usr/bin/nice -n20 adjkerntz -a
    1 3 1 * * root /usr/bin/nice -n20 /etc/rc.update_bogons.sh
    */60 * * * * root /usr/bin/nice -n20 /usr/local/sbin/expiretable -v -t 3600 sshlockout
    1 1 * * * root /usr/bin/nice -n20 /etc/rc.dyndns.update
    */60 * * * * root /usr/bin/nice -n20 /usr/local/sbin/expiretable -v -t 3600 virusprot
    */60 * * * * root /usr/bin/nice -n20 /usr/local/sbin/expiretable -t 3600 snort2c
    */5 * * * * root /usr/local/bin/checkreload.sh
    */5 * * * * root /etc/ping_hosts.sh
    */140 * * * * root /usr/local/sbin/reset_slbd.sh
    0 5 * * * root /etc/pppoerestart
    0 4 * * * root /conf/pppoewanrestart

    If possible do not add items to this file manually.

    If you do so, this file must be terminated with a blank line (e.g. new line)

    My reset time is set to 4 o'clock. I dunno why still there is a entry for 5 o'clock, it wasnt there before.

    So today at 4 o'clock he triggered the script and reinitiate the pppoe connection. But after that the dnsmasq hung. He consumes up to 80% of the cpu usage and dont like to respond anymore. I killed the process and startet it again, it works now again. I think a bit of delay is needed after restarting the dnsmasq service. Because i also triggered the script(/conf/pppoewanrestart) by hand and the same problem occured. I got also a message back, but i think it has nothing to do with the dnsmasq problem:

    /conf/pppoewanrestart

    Warning: Missing argument 2 for services_dyndns_reset(), called in /root/- on line 1 and defined in /etc/inc/services.inc on line 438



  • Okay this is due to Ermals changes (eri–).  I'll leave this to him to fix.



  • Try next snapshot should be fixed.



  • Hello,

    err…snap server has no new snaps since 5th. Can you kick him awake?  :P

    cheers,



  • Sorry, isnt fixed. Same problem occurs.

    Actual Version:
    2.0-ALPHA-ALPHA
    built on Tue Dec 9 06:25:48 EST 2008
    FreeBSD 7.1-RC1



  • What do you mean by same?



  • So today at 4 o'clock he triggered the script and reinitiate the pppoe connection. But after that the dnsmasq hung. He consumes up to 80% of the cpu usage and dont like to respond anymore. I killed the process and startet it again, it works now again. I think a bit of delay is needed after restarting the dnsmasq service.

    This problem what i had reported before.



  • I just wanted to let you know, that this bug still exists and it makes 2.0 pretty much unusable for users in germany and some other countrys where the ISP does frequent disconnects (every 24 hours)…

    The only way to get the connection back up is to click "save" on the wan interface page or reboot, since the disconnect button is not working...

    "2.0-ALPHA-ALPHA
    built on Fri Dec 26 18:44:24 EST 2008"



  • Disconnect actualy works afaik.



  • yep it drops the connection ;) but then the button still says "disconnect", and the only way to get it back up is clicking save on the wan interface page  ;D



  • Hi,

    Once again, in a more detailed way the error description.

    Our provider here in germany reset after every 24 hours the connection. Also the connection can drop instantly if there is a connection error. So pfSense should monitor the connection if there is still a wan link(a ip address given). And if not, restart it. There should be unlimited retrys, because if it is the only wan connection its vitale.

    Also the problem with the periodic reset is still present. If i set in my wan connection a periodic resettime, the reset will successfully triggered at the given time.

    The triggered script:

    Output of "cat /etc/crontab | grep pppoe"

    
    0       5       *       *       *       root    /etc/pppoerestart
    0       4       *       *       *       root    /conf/pppoewanrestart
    
    

    I dunno why we need there two scripts. But i think the first is the real "periodic reset" script. But if you trigger it by hand or by crontab the same result happens:
    Output of "ps aux":

    
      PID USERNAME  THR PRI NICE   SIZE    RES STATE    TIME   WCPU COMMAND
    27289 nobody      1 113    0  3132K  1680K RUN    424:26 77.29% dnsmasq
    36685 root        1   4    0 41312K 16828K accept   0:14  0.00% php
    ....
    
    

    The dnsmasq hung. No DNS requests will by anymore handled. The easiest way to handle it is by console:

    
    # killall -9 dnsmasq
    # dnsmasq
    
    

    It also works over the webinterface, but you must use the IP address of the interface because hostname will not be resolved by dnsmasq. And then press once the Interface WAN save button and apply your "changes". I hope that can be fixed now.



  • One more Problem seem to occur now. After he reestablish the connection sometimes it terminate after a hour or two. Its very bad for german ppl to try the new pfSense and to post bugs, if the box is more offline than online. I hope somebody from the dev team can help us :)



  • Okay a short log part of the errors when he randomly disconnects:

    
    Feb 19 18:51:54 	php: : ERROR! PPTP enabled but could not resolve the $pptpdtarget
    Feb 19 18:51:54 	php: : Could not find gateway for interface(wan).
    Feb 19 18:51:54 	last message repeated 9 times
    Feb 19 18:51:54 	php: : The command '/sbin/pfctl -o basic -f /tmp/rules.debug' returned exit code '1', the output was 'pfctl: DIOCSETSTATUSIF'
    Feb 19 18:51:54 	php: : New alert found: There were error(s) loading the rules: pfctl: DIOCSETSTATUSIF The line in question reads [ DIOCSETSTATUSIF]:
    Feb 19 18:51:54 	php: : There were error(s) loading the rules: pfctl: DIOCSETSTATUSIF - The line in question reads [ DIOCSETSTATUSIF]:
    
    

Locked