2.4.2 Connectivity Issues

Ximulate

Since upgrading to 2.4, we've been having issues with devices on our LAN losing internet connection about once a day. Power cycling the router temporarily fixes the issue. Unfortunately, it’s not something that happens when I’m on site, and it’s a busy retail location so staff can’t wait for me to get there and therefore I’m not able to tell exactly what is happening from the LAN side. But, I suspect that the problem is related to the DCHP server. From the WAN, when the problem occurs, I have not been about to VPN (openVPN) into the network.

I have five APU2C4 installed at various locations. Four of the five have been upgraded to firmware version 4.6.0 and pfSense 2.4.2_1. This upgrade was a “clean” install; I flashed the new firmware and flashed pfSense 2.4.2 (selecting ZFS file system) from a USB, then restored the configuration settings (from the previous 2.3.4) and updated to 2.4.2_1.

The problem described above has been occurring at two of the five locations. I thought I had narrowed down part of the problem: After removing Traffic Totals, the problem seemed to be alleviated*… no issues for several days. I reinstalled Traffic Totals, and the problem reoccurs. It’s the latest version of Traffic Totals from the package manager.

On one of the networks, we have a device that regularly sends out reports by email. It’s configured to use an offsite email server. When the problem occurs, it’s not able to send the reports. However, after the staff reboots the router the backlog of reports are sent along with an error message the simply states “DHCP Error” with a timestamp of when the error occurred.

• However, this morning, even with all packages including Traffic Totals removed, we lost the internet connection again. The two problematic routers are both served by the same ISP, actually a WISP that requires a static IP and gateway.  Otherwise, the configurations are practically the same between the four 2.4.2_1 routers.

I'm not sure if its related, but one of the other four 2.4.2_1 routers has had issues "hanging" on reboot. Thankfully, it generally doesn't need to be rebooted and otherwise it seems to be been working fine.

Gertjan

Hi,

Something is missing within your write-up. Where are the logs ??

pfSense keeps a nice DHCP logs that show everything.
Requests from devices coming in.
Proposals going out, etc.

And because these things happen these days : the firewall rules on the concerned interfaces (although FDCP traffic can't be blocked because already accepted up front).
Also : what other devices are between pfSense and the "end user" device ? These can f*ck up DHCP traffic just fine (example : some smart switch with very wrong settings, an AP that has a DHCP server running, or is running in router mode, etc)

On the client device some test could be executed also :
If it is a Windows machine, enter :
ipconfig /release
ipconfig /all
(to see that all IP info is gone)
ipconfig /renew
(and check at the the same moment the DHCP log on pfSense to see all the DHCP handshake).

What I saw with pfSense - or actually any other router on planet earth : when a NIC comes up (Wifi, cable, whatever) the DHCP client (running on the user's device) fires away a request. My router (DHCP server) receives it, and offers a lease).
Done.

If the client doesn't accept the lease, well, that is fine to me. The 'administrator' of that device should have his reasons, and he is responsible for obtaining a connection, or not having a connection. Know that every device that is new, just bought, will work fine.
I'd like that add that from a pfSense's point of view, its DHCP server is pretty sold/stable - at least, it is for me, nearly a decade now.

So, the question is, why, on your network, UDP traffic running from ports 68 and 69 isn't running fine ?

edit : DHCP server settings for every 'LAN' interface ?

@Ximulate:

I'm not sure if its related, but one of the other four 2.4.2_1 routers has had issues "hanging" on reboot.

Fire it up using the console access.
You see something like a boot log scrolling by.
Where does it halt ?

Ximulate

Thank you for the suggestions. I think this most recent issue was a fluke, possibly an issue caused by the recent extreme weather.

I have not found any DHCP conflicts, or incorrectly configured APs, and there are no smart switches on the network (yet.)  I don't know for certain that its a DHCP issue, and prior to 2.4 I had no problems with pfSense or Traffic Totals. Whatever is going on, it happens repeatably with Traffic Totals installed and without Traffic Totals its fine. It also seems to be related to the ISP, or the WAN configuration required for the ISP, as I have two other otherwise identical routers at other locations with Traffic Totals operating without issue. And, again, this problem is happening repeatly on two routers at differnet locations served by the same ISP.

I may try to install Traffic Totals again, so I can post the log files. I have to be cautious doing this as it causes issues with the operation of the business.

Ximulate

I beleive my issues are related to the APU2 BIOS. I've rolled back all but one unit to BIOS V4.0.7. So far, no issues with those routers for the last few days. I haven't reinstalled any packages yet.