Navigation

    Netgate Discussion Forum
    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search

    Watchdog?

    General pfSense Questions
    4
    8
    1282
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • H
      hypernative last edited by

      Is there anyway to install Watchdog functionallity on Pfsense 2.2 ? I want to achive function to restart the hardware then WAN link is down.

      1 Reply Last reply Reply Quote 0
      • johnpoz
        johnpoz LAYER 8 Global Moderator last edited by

        Seems a bit of overkill ;)  And kind of hard on the equipment if you have any sort of extended outage..

        An intelligent man is sometimes forced to be drunk to spend time with his fools
        If you get confused: Listen to the Music Play
        Please don't Chat/PM me for help, unless mod related
        2440 2.4.5p1 | 2x 3100 2.4.4p3 | 2x 3100 22.01 | 4860 22.05

        1 Reply Last reply Reply Quote 0
        • H
          hypernative last edited by

          Overkill. Why?
          If the router looses WAN connection, I want it to be automatically restored when I am not at home..

          1 Reply Last reply Reply Quote 0
          • C
            CC last edited by

            Sorry, why would you want to reboot the entire firewall, is that the only way of bringing the link up (instead of Dial on demand with a pinger etc)?

            1 Reply Last reply Reply Quote 0
            • H
              hypernative last edited by

              Dial on demand.. that's new information for me. The line is fiber..

              Why i want it to be restarted compeltely: The router is running is a VPN-client, all traffic is routed via the external vpn source. If the VPN provider has problems, and
              later when the VPN service is UP again there can be scenarios when the router has to be restarted..

              1 Reply Last reply Reply Quote 0
              • johnpoz
                johnpoz LAYER 8 Global Moderator last edited by

                Never seen a situation that a loss of a connection be it connection to the interface direct or vpn connection would require a reboot of the hardware.  If that is the case something is clearly wrong.

                Worse case scenario would be a restart of say the vpn connection once the actual wan connection is back up and you can reach the vpn.. There is currently a watchdog package that you can use to restart services if say the service crashes.  I have it running on my freerad service, vpn both server and client, sshd, etc.  Reboot of the "firewall" for anything other than a kernel update or replacement of actual hardware seems wrong direction to me..

                Lets say the vpn connection goes down because the provider has an issue, or let say there is just a connectivity issue to them either at your local end or somewhere in the internet… a reboot of your firewall seems a drastic measure.. Why can the vpnclient just continue to retry to reconnect?  The Infinitely resolve server settings should do that..

                An intelligent man is sometimes forced to be drunk to spend time with his fools
                If you get confused: Listen to the Music Play
                Please don't Chat/PM me for help, unless mod related
                2440 2.4.5p1 | 2x 3100 2.4.4p3 | 2x 3100 22.01 | 4860 22.05

                1 Reply Last reply Reply Quote 0
                • w0w
                  w0w last edited by

                  I addition to what johnpoz said, I've never seen watchdog functions that reboot hardware on software events.
                  In hardware, watchdog means special chip that starts the timer and resets the CPU or the main processing unit, when desired watchdog time is reached. The OS must reset timer before it reached or reset occurs. This functionality is not implemented in pfSense but it can be added by free-ipmi package, for example.

                  I think hypernative just wants some script that will correctly reboot router on a event, that is a little bit strange, but sometimes it is really simplest solution…

                  1 Reply Last reply Reply Quote 0
                  • C
                    CC last edited by

                    @hypernative:

                    Dial on demand.. that's new information for me. The line is fiber..

                    Why i want it to be restarted compeltely: The router is running is a VPN-client, all traffic is routed via the external vpn source. If the VPN provider has problems, and
                    later when the VPN service is UP again there can be scenarios when the router has to be restarted..

                    Well I was referring to reauthorizing PPOE (if you were using it), and again, can't you build an IPSEC tunnel on the pfsense directly to the remote end, that would bring the tunnel up when it sees interesting traffic instead of involving another random bit of hardware running it's own VPN client?

                    1 Reply Last reply Reply Quote 0
                    • First post
                      Last post