Navigation

    Netgate Discussion Forum
    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search

    Interface config lost after power outage?

    General pfSense Questions
    4
    13
    1633
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • V
      VaKo last edited by

      I am running the latest full fat 2.3.2-RELEASE (amd64) on a Dell Optiplex with an Intel 340 quad port NIC and SSD.

      I've had 2 power outages this month, and on both occasions pfsense lost all the configuration for the network interfaces and remains at the first boot screen where you assign interfaces. The system has gone through proper shutdowns before, so it's not losing the config after a reboot, just in the event of sudden power loss.

      Is this expected behavior? Is there any way to prevent this?

      (Yes, I do have a UPS, but it only goes for an hour-ish and doesn't provide telemetry which Network UPS Tools could make use of.)

      1 Reply Last reply Reply Quote 0
      • jimp
        jimp Rebel Alliance Developer Netgate last edited by

        That is definitely unusual. It should only revert to that state if an interface is missing at the time it checks. Perhaps your power event is causing one of your system's NIC to disappear?

        1 Reply Last reply Reply Quote 0
        • w0w
          w0w last edited by

          Next time it happened, skip to shell and  check what shows ifconfig

          Check for the firmware/BIOS update.

          BTW what UPS do you have? There are some tricks that you can use and some external monitoring devices and event timers can be found also.

          1 Reply Last reply Reply Quote 0
          • V
            VaKo last edited by

            @jimp

            The box has a Intel i340 T4 card which has somewhat up to date firmware in it (via Dell). I do have a ZTE MF823 dongle attached via USB which might prove to be the culprit if this is a NIC not being alive/connected at the correct time in the boot sequence.

            @w0w

            Will do. The UPS is a APC BE400-UK, nothing special. Technically it would be possible to add a power sensor that sent a shutdown signal after x minutes (where x is 80% of tested runtime) but this is additional cost and complexity. If this is a known issue rather than a bug I might go that way but if it's just a bug then I would rather fix the bug.

            1 Reply Last reply Reply Quote 0
            • w0w
              w0w last edited by

              This is strange but some user reported that he had successfully  connected this ups to both nut and apcupsd.

              1 Reply Last reply Reply Quote 0
              • V
                VaKo last edited by

                The 550 and 700 models have the ability to talk to apcupsd via USB, the 400 is just a dumb box and afaik doesn't have any way to get telemetry data into pfsense.

                1 Reply Last reply Reply Quote 0
                • w0w
                  w0w last edited by

                  Yep, thats why it's strange :)
                  Anyway, about config lost, I think it's hardware related and it is really hard to fix on software side when physical interface is lost after power outage.

                  1 Reply Last reply Reply Quote 0
                  • V
                    VaKo last edited by

                    If this is the case, why does one interface being removed cause the entire configuration for 6 interfaces (quad port NIC, built in and a USB interface) to be deleted, rather than one interface being marked as off-line?

                    1 Reply Last reply Reply Quote 0
                    • jimp
                      jimp Rebel Alliance Developer Netgate last edited by

                      There have been dozens of threads over the years, if you want to read the whole reasoning, do some searching. The tl;dr version: It is the only safe and secure failure mode. Any automated assumptions could result in a broken or insecure configuration.

                      1 Reply Last reply Reply Quote 0
                      • V
                        VaKo last edited by

                        OK, that is what I needed to know. It is expected behavior when using pfsense that if an interface doesn't appear at the right time during boot, it will invalidate the entire config for all interfaces and refuse to function until you physically login or fire up the ILO.

                        The reasoning for this is sound, but it might be an idea to make it clearer that this is expected behavior. A simple error message flag on the GUI stating something like "Due to interface loss, the interfaces have been reset as a security precaution." would have made this far clearer than an expectation to search a forum for answers.

                        So my solution would appear simple, move the LTE modem to a separate device and use regular ethernet.

                        1 Reply Last reply Reply Quote 0
                        • jimp
                          jimp Rebel Alliance Developer Netgate last edited by

                          It doesn't remove the entire config, it knows all about them, their rules, etc. You just have to re-enter the mappings. And it does print a message about the interfaces being mismatched on the console before the prompt. A message in the GUI would be useless as you can't reach the GUI at that point.

                          And yes, a real Ethernet connection is always preferable to a USB device.

                          1 Reply Last reply Reply Quote 0
                          • virgiliomi
                            virgiliomi last edited by

                            @VaKo:

                            So my solution would appear simple, move the LTE modem to a separate device and use regular ethernet.

                            You might look at something like this to bring wired Ethernet connectivity to a USB 4G modem…

                            http://shop.proxicast.com/shopping/proxicast-pocketport-2-pocket-sized-3g-4g-lte-usb-cellular-modem-bridge-mini-router.html

                            It can function as a router, but it also offers a bridge mode.

                            1 Reply Last reply Reply Quote 0
                            • V
                              VaKo last edited by

                              @jimp

                              Just an idea to make it far more obvious what has happened and why. A error in the GUI linking to a wiki page would least have saved me asking why this happened.

                              @virgiliomi

                              I am thinking of either the TP-Link TL-MR3020 or firing up my old OpenWRT RouterStation Pro.

                              1 Reply Last reply Reply Quote 0
                              • First post
                                Last post

                              Products

                              • Platform Overview
                              • TNSR
                              • pfSense
                              • Appliances

                              Services

                              • Training
                              • Professional Services

                              Support

                              • Subscription Plans
                              • Contact Support
                              • Product Lifecycle
                              • Documentation

                              News

                              • Media Coverage
                              • Press
                              • Events

                              Resources

                              • Blog
                              • FAQ
                              • Find a Partner
                              • Resource Library
                              • Security Information

                              Company

                              • About Us
                              • Careers
                              • Partners
                              • Contact Us
                              • Legal
                              Our Mission

                              We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

                              Subscribe to our Newsletter

                              Product information, software announcements, and special offers. See our newsletter archive to sign up for future newsletters and to read past announcements.

                              © 2021 Rubicon Communications, LLC | Privacy Policy