3 Month Old Install loosing segment connection. Returns upon reboot.
-
I setup a new pfsense box about 3 months ago with updates. I think I updated it once more since then. Anyway I have 5 network segments. About every 2 weeks or so. The dmz segment would loose internet. The simple test is I could not ping the gateway ip or any other ip on the pfsense box. I checked the back of the box and the nic still showed a connection and a data light for that nic. I proceeded to do additional troubleshooting. Disabled and checked log for firewall security like squid, snort, etc, etc. Didn't find anything being blocked. I disabled and enabled just that interface in pfsense. Nothing would bring that back to life until I rebooted the box. Now the other day. Instead of the DMZ segment not responding. The wireless segment did the same thing and not the dmz. I also tried to search the forum and all I could find was pfsense can start having problems with 5 nics and probably should use Intel. I used four nic's and the on board nic. If anybody has any idea about this. Ideas are welcome. I have one more idea to try myself too. But if you can post anything I need to get you next time this happens. I can do that. Oh and when I trace route or ping back to say the servers in the dmz zone or say the wireless. No dice either in the area.
2.3.2-RELEASE-p1 (amd64)
built on Tue Sep 27 12:13:07 CDT 2016
FreeBSD 10.3-RELEASE-p9I noticed that we now have another release so I might upgrade to that.
Thank you,
Josh
-
So I updated the pfsense to the latest version and when I came in the next morning. The segment was down again. I did look around again and checking the dmesg on the system. Found out that the re2 interface went down and did not come back up. So I checked the light on the back of the nic. Everything was good. I decided to move the cable to another switch. The switch and card showed the connection was just fine. But the box still showed the nic down. It did not register anything from the card. Now I tested another segment and the box had no problem showed the link down and coming back up. So I'm going to look into how to restart just the interface in pfsense on the shell prompt. See if that solve the issue. I did do some searching based on this issue and found a few other people with it. One person found a bad switch. So that is why I tried another switch. So if this rings any bells. Please let me know
Thanks,
Josh
-
"re2"? Realtek? Realtek has notoriously crappy drivers/hardware. Intel NICs are the de facto standard on FreeBSD/pfSense.
Do your logs say anything useful?
-
Just an update. went down again and I tired my other thought disable stuff in cmos like printer ports and such. 10 years ago when I was having strange nic issue. This solved it. But once again today. No dice. Still goes down. So I'll look into the logs tomorrow and see besides the link going down. (yet the card and switch says up.) what else it shows in the logs and post what I find.
Thanks,
Josh
-
So I tried a few more things. I tried one more switch. I tried to disable and re-enable the port again. I noticed it does keep the ip number. But it shows no media. Not sure if I said that before. But everything else shows up. I also tried to force a few settings on link type too. You know 100 or 1gb or auto select etc. But after no luck. I changed it back to default. Upon checking the log. I have found this.
21 12:40:32 kernel re2: PHY write failed
Mar 21 12:40:32 kernel re2: PHY write failed
Mar 21 12:40:33 kernel re2: PHY write failed
Mar 21 12:40:33 kernel re2: PHY write failed
Mar 21 12:40:33 kernel re2: PHY write failed
Mar 21 12:40:33 kernel re2: PHY write failedThis is when I tried to disable and re-enable that interface in the pfsense admin menu. I found one entry that says either bad hardware or bad drive in kernel. Now I don't know if I said this. I had 2 nics. One nic this was doing it two about once every 1.1/2 to 2 weeks. Then it moved from that nic to this other nic. They are both the same realtek pci express nics. So no surprise. I hope this help. I'll keep searching. Also one more thing I'm going to try when I get a sec. I noticed the bios was outdated on the intel mainboard so I'll update that.
Thanks,
Josh
-
Avoid ShitTek NICs. Problem solved.