Network Down after latest Snapshot


  • Banned

    I was told to start a new thread on this although I believe it is related to previosuly posted issue on Unbound commit problems.

    Updated, rebooted.

    After 20-30 minutes webgui was still not accessible.

    SSH in, restart webconfigurator. Was able to access webgui via IP only, hostname fails for DNS resolution - can't even resolve hostname to unbound.

    When I finally get into the WebGUI I see the following services down:

    Bandwidthd - don't care
    DHCPD - kind of need that
    DNSBL - not an immediate concern
    NTPD - time would be nice
    Suricata - not an immediate concern
    Unbound - need that

    I can successfully start all services except for DNSBL, that won't stay up.

    Unbound & DHCPD will start, but I still can't even resolve local hostnames, have to access via IP.

    OpenVPN services are all up, but fail to connect. I see RESOLVE: Cannot resolve host address errors throughout the logs
    This again points in the direction of an issue with Unbound.

    I've rebooted several times, rebooted modem, nothing. I've run a zpool scrub, all is good.

    I was told I could revert to an older snapshot with the system - patches package. But I don't know how to do that. Tried putting in the URL of an older snapshot, but it fails to fetch.

    Any help greatly appreciated! Would honestly just like to get the network back up ASAP by reverting to an old snapshot before troubleshooting why it isn't working. Would really appreciate someone telling me specifically how to do that.
    I can successfully start


  • Banned

    More signs pointing to Unbound.

    Website requests on multiple clients on network (Desktop, Laptop, Cell Phone) all return DNS errors.

    Attempting to save settings on Unbound GUI page freezes up the GUI requiring webconfigurator restart or system reboot via SSH.

    I did contact my ISP to confirm that there were no issues with my connection on their end. There are not.

    It seems to me that all signs point to Unbound, another thread asking about unbound reinforces that.

    I also tried fetching https://github.com/pfsense/pfsense/commit/38d110824c87ff60c6289c0432d55009586ceee4
    and https://github.com/pfsense/pfsense/commit/8a0aa42c197361ebb82387e5bdc8378e5440837f in System / Patches. But the fetch fails. I'm betting that Unbound won't resolve it.


  • Banned

    Just accessed top via SSH.

    The top 4 processes are Unbound @ 99.99%+, maxing out the CPU on my i5-2400.

    EDIT: I was able to kill -9 all unbound processes and it let me disable unbound and save the settings. All VPN interfaces came back up immediately. I was then able to fetch the two reversion linked by jimp - thank you. Applied them, disabled Forwarder, re-enabled Resolver. All is well.

    The problem, at least for me was definitely Unbound.



  • This likely also happened to me. I upgraded to the latest snapshot and the CPU was spiked throughout the day while I wasn't home. I use pfSense as my primary router in a virtualized ESXi (6.5) environment so it took down my entire network.    I ended up switching back to my stable 2.3 instance for now because I can't tolerate this kind of unstability.  I have some strange errors related to the hard drive but that is odd because it is an SSD.  CAM status: ATA status error, ATA status 41 (DRDY ERR) error: 02 (NM )

    I have my 2.4 build snapshotted in case you all need something to help triage this issue.



  • 2.4.0-BETA (amd64)
    built on Wed Jul 05 03:37:29 CDT 2017
    FreeBSD 11.0-RELEASE-p10

    unbound as a resolver
    pfblockerNG
    suricata
    freeradius 3

    Working normal. No problem after update or reboot.