OpenVPN Not Accepting Connections

arrmo

Will keep poking - but first I want to make sure it's stable / staying up now (with this removed) … agreed? Just want to make sure I have a reasonable baseline first.

Thanks!

PiBa

Yes agreed, first make sure it stays stable with NUT widget removed

arrmo

Hi,

One thing that just occurred - that may be normal / expected, but given the issues before it was breaking when running … is unbound supposed to restart every 2 hours? I see in the log it seems to be (at least this last time, exactly 2 hours).

Thanks!

Hugovsky

How long do your dhcp leases last?

arrmo

24 hours.

arrmo

So far, so good - up 24 hours now, which is a recent record … ;). I do see some unbound restarts, but I'm guessing this is nothing new, I just wasn't looking for it before. Not sure why unbound is being restarted, but you can see it below. Leaving the system 24 hours more before messing with it.

clog /var/log/resolver.log | grep unbound | grep stopped
Jul 30 12:26:34 pfSense unbound: [7522:0] info: service stopped (unbound 1.6.3).
Jul 30 16:52:10 pfSense unbound: [7522:0] info: service stopped (unbound 1.6.3).
Jul 30 16:52:10 pfSense unbound: [7522:0] info: service stopped (unbound 1.6.3).
Jul 30 18:52:10 pfSense unbound: [7522:0] info: service stopped (unbound 1.6.3).
Jul 30 18:52:10 pfSense unbound: [7522:0] info: service stopped (unbound 1.6.3).
Jul 31 04:04:17 pfSense unbound: [7522:0] info: service stopped (unbound 1.6.3).
Jul 31 04:04:17 pfSense unbound: [7522:0] info: service stopped (unbound 1.6.3).
Jul 31 06:04:17 pfSense unbound: [7522:0] info: service stopped (unbound 1.6.3).
Jul 31 06:04:17 pfSense unbound: [7522:0] info: service stopped (unbound 1.6.3).

Thanks!

arrmo

OK, found the smoking gun, finally … :). And I was wrong - got sidetracked by a couple items happening at the same time, but I put things back together very slowly. The widget is OK, the end culprit is the driver for my USB NIC. It's the axge driver, for the ASIX AX88179 chipset ... which is on the FreeBSD compatibility list, but seems to have issues with pfSense. There is actually an open ticket I found for it, https://redmine.pfsense.org/issues/4494

When I put this device back in place ... fire and ashes in < 15 min ... ;). I actually got a crash report (submitted that), and a spontaneous reboot. Removed the adapter, and things were smooth again. Not quite sure how to handle this one now, as it should be supported HW.

Thanks for all the debug help and pointers!

jimp

While USB NICs may be on the FreeBSD HCL and they may operate, none of them are known for their stability. They are best to be avoided at all costs. If you have a managed switch, setup and use VLANs instead of trying to rely on a USB NIC.

arrmo

Agreed, and already on that … ;). Just struggling a bit to put the pieces together there (setup wise). I have found a lot of partial solutions / info, nothing in one place all together.

Thanks!

arrmo

FYI, some very good info here,
https://blog.spirotot.com/2016/06/28/pfsense-vlans-with-one-nic-nuc-a-tp-link-tl-sg108e/

Perhaps capture this somewhere, so it's tucked away for folks? Just to make it easy for others.

Thanks!