SG-1000 flagging and/or not working Internet



  • This is an interesting one which occurred last night after an update morning on the same day.

    Hardware: SG-1000
    Build: 2.4.0.b.20170817.2358

    These symptoms were reported to me by a remote site:

    1. Large chunks of the Internet were not accessible. For example, YouTube worked fine, Imgur would not load. Steam and various games requiring logon did not work.

    2. The little "You have Network but no Internet" icon in Windows would appear for a few seconds and then disappear.

    3. UI was accessible and a reboot was initiated from there

    4. This problem appeared a couple of times in a short space of time.

    Looking through the logs the thing that jumps out is lots of lines looking like this:
    kernel: arpresolve: can't allocate llinfo for ##ISP GATEWAY IP## on cpsw0

    The closest thing I have found to what maybe the problem is this:

    https://redmine.pfsense.org/issues/2704

    The WAN is a HFC cable modem but dhcp.log does not have any evidence of a local IP being given out by the cable modem.

    I've not seen this at all before. Anyone else having this problem?

    Attached is a copy of system.log for the whole 24 hour period. Weird behaviour starts at around 21:00.
    system.log.txt



  • Even when https://forum.pfsense.org/index.php?topic=135556.0 says that some message aren't important, I advise you to check if unbound  (the pfSense DNS server) is doing its job.

    This
    Aug 22 22:00:29 SG-1000 php-fpm[95716]: /rc.newwanip: The command '/usr/local/sbin/unbound -c /var/unbound/unbound.conf' returned exit code '1', the output was '[1503403229] unbound[8257:0] error: bind: address already in use [1503403229] unbound[8257:0] fatal error: could not open ports'
    seen twice means to me that unbound isn't starting - so you will have DNS outage which explains very well that some sites 'work' (URL is resolved) and some don't.


  • Netgate

    Sounds like a transient ISP issue to me.



  • I would personally recommend not touching unbound, i.e. the "DNS Resolver" at the moment with a barge pole - if you have a dynamic IP address on your WAN.
    On my SG-1000 it borked frequently whenever the IP address changed.
    High load average and strange behaviour, it looks like it can't handle the WAN IP changing.
    I've switched to using the forwarder and it's rock solid - for awhile I thought it was the ISP.
    It wasn't in my case