pfSense breaks network after connecting



  • Hey guys,

    I have trouble with my pfsense firewall after changing the router from BT home hub 4 to BT Home Hub 6.

    I use a WiFi bridge to connect the pfsense to the main network (it is a shared house). When I plug the pfsense into the TP-Link RE450's LAN port, the whole network collapses after 1-3 minutes. No internet and nothing will work.

    I thought this was a problem with the WiFi bridge (incompatibility with the router), but when I connect my MacBook to it, no problems at all. I tested it for about an hour streaming stuff. It worked like it should.

    I tried changing the WAN port of the pfsense to DHCP and static, and disabled block bogon networks. I have no idea what could be causing the LAN to break.

    Do you have any idea what this could be?

    Thanks



  • Here is a picture to show it

    ![pfSense Problem.jpg](/public/imported_attachments/1/pfSense Problem.jpg)



  • @elevator:

    When I plug the pfsense into the TP-Link RE450's LAN port, the whole network collapses after 1-3 minutes.

    Any chance you swapped LAN and WAN on your pfSense and had it serving DHCP addresses to the network as well?



  • Hey Chris, I didn't change the cables, but what I now see in the router's log after connecting the pfsense are DNS failures:

    14:31:10, 24 Aug.
    ppp1:DNS name resolution failure (13.32.125.162.in-addr.arpa)
    14:30:13, 24 Aug.
    ppp1:DNS name resolution failure (169.254/16)
    14:29:13, 24 Aug.
    ppp1:DNS name resolution failure (202.14.22.2.in-addr.arpa)
    14:29:10, 24 Aug.
    ppp1:DNS name resolution failure (10.255.138.195.in-addr.arpa)
    14:29:10, 24 Aug.
    ppp1:DNS name resolution failure (16.255.138.195.in-addr.arpa)
    14:27:23, 24 Aug.
    ppp1:DNS name resolution failure (ff02::1:ffcc:701a.localdomain)
    14:27:10, 24 Aug.
    ppp1:DNS name resolution failure (238.146.248.17.in-addr.arpa)
    14:27:10, 24 Aug.
    ppp1:DNS name resolution failure (211.146.248.17.in-addr.arpa)
    14:26:28, 24 Aug.
    ppp1:DNS name resolution failure (ff02::1:ff13:779d.localdomain)
    14:25:16, 24 Aug.
    ppp1:DNS name resolution failure (87.92.252.17.in-addr.arpa)
    14:25:11, 24 Aug.
    ppp1:DNS name resolution failure (97.92.252.17.in-addr.arpa)
    14:23:53, 24 Aug.
    ppp1:DNS name resolution failure (202.14.22.2.in-addr.arpa)
    14:20:21, 24 Aug.
    ppp1:DNS name resolution failure (::)
    14:20:16, 24 Aug.
    ppp1:DNS name resolution failure (::.localdomain)
    14:20:15, 24 Aug.
    ppp1:DNS name resolution failure (nflximg.net.localdomain)
    14:20:11, 24 Aug.
    ppp1:DNS name resolution failure (136.32.125.162.in-addr.arpa)
    14:20:10, 24 Aug.
    ppp1:DNS name resolution failure (nflximg.net.localdomain)
    14:19:31, 24 Aug.
    ppp1:DNS name resolution failure (frlp.lp.cs.quickconnect.to.localdomain)
    14:19:15, 24 Aug.
    ppp1:DNS name resolution failure (ff02::1:ff2a:bace)
    14:19:10, 24 Aug.
    ppp1:DNS name resolution failure (ff02::1:ff2a:bace.localdomain)
    14:18:15, 24 Aug.
    ppp1:DNS name resolution failure (247.11.252.17.in-addr.arpa)
    14:16:39, 24 Aug.
    ppp1:DNS name resolution failure (dec.quickconnect.to.localdomain)
    14:16:08, 24 Aug.
    ppp1:DNS name resolution failure (5.138.243.46.in-addr.arpa)
    

    The failures occur only when the firewall is connected.
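
One way to triage a hub log like the one above is to bucket the failed names by kind and count them per minute. This is an added example, not part of the thread; the bucket names, the `classify`/`summarize` helpers and the sample hostnames are assumptions made for illustration.

```python
import re
from collections import Counter

# Constructed sample in the two-line layout of the hub log above (timestamp
# line, then message line). Hostnames and public addresses are placeholders.
SAMPLE = """\
14:31:10, 24 Aug.
ppp1:DNS name resolution failure (13.2.0.192.in-addr.arpa)
14:30:13, 24 Aug.
ppp1:DNS name resolution failure (169.254/16)
14:27:23, 24 Aug.
ppp1:DNS name resolution failure (ff02::1:ffcc:701a.localdomain)
14:20:21, 24 Aug.
ppp1:DNS name resolution failure (::)
14:20:15, 24 Aug.
ppp1:DNS name resolution failure (cdn.example.net.localdomain)
14:20:10, 24 Aug.
ppp1:DNS name resolution failure (cdn.example.net.localdomain)
14:16:39, 24 Aug.
ppp1:DNS name resolution failure (sync.example.org)
"""

ENTRY = re.compile(
    r"^[ \t]*(\d{2}:\d{2}):\d{2}, .*\n"          # timestamp line, keep HH:MM
    r"[ \t]*\S+:DNS name resolution failure \((.*)\)[ \t]*$",
    re.M)
SUFFIX = ".localdomain"

def classify(name):
    """Bucket a failed query name (bucket names are this example's own)."""
    if name.endswith((".in-addr.arpa", ".ip6.arpa")):
        return "reverse-lookup"
    bare = name[:-len(SUFFIX)] if name.endswith(SUFFIX) else name
    if ":" in bare or "/" in bare:
        return "not-a-hostname"          # IPv6 or CIDR text queried as a name
    return "suffix-appended" if bare != name else "forward-lookup"

def summarize(log_text):
    """Return (failures per bucket, failures per minute) as Counters."""
    kinds, per_minute = Counter(), Counter()
    for minute, name in ENTRY.findall(log_text):
        kinds[classify(name)] += 1
        per_minute[minute] += 1
    return kinds, per_minute

if __name__ == "__main__":
    kinds, per_minute = summarize(SAMPLE)
    print(dict(kinds))
    print(per_minute.most_common(3))
```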



  • You connect pfSense WAN to the WLAN router?
    pfSense LAN is on a different switch than this TP-Link device?
    It uses a different IP subnet than WIFI?



  • The BT hub is 192.168.1.254, the pfsense: WAN 192.168.1.50 and the LAN subnet is 192.168.10.0/24

    I’ve changed the DNS server on the pfsense from 192.168.1.254 to 8.8.8.8 and the DNS failures are almost gone from the log files of the BT hub.

    But I still struggle with a DNS problem: the VPN tunnels are up and running when I connect the pfsense to the TP-Link, but the internet is slow and gets stuck sometimes. It’s really strange.

    Again, when I connect my MacBook to the TP-Link it works without any problems. The only changes are the switch from BT hub 4 to 6 and I updated pfsense to the latest release.



  • How is your pfSense LAN connected? You built a loop somewhere and your switch is not catching up with Spanning Tree or so?



  • Thanks for your help, Chris!

    The funny thing about this is that it all worked before I changed the router and updated pfSense.

    I've made a picture of how it looks.




  • Since you made changes at two locations it's nearly impossible to track this issue down remotely.



  • I found the malefactor: my p2p client Resilio Sync on my Synology server. This is causing all the trouble with the new router.

    When I turn the sync off / stop the app, it works like before. Shortly after turning it on, the whole network gets stuck. I think it has something to do with UPnP.