/rc.newwanip dilema, it detects a new IP when the IP is still the same
-
Apr 19 05:16:38 xinetd 86271 Reconfigured: new=0 old=1 dropped=0 (services) Apr 19 05:16:38 xinetd 86271 readjusting service 19000-tcp Apr 19 05:16:38 xinetd 86271 Swapping defaults Apr 19 05:16:38 xinetd 86271 Starting reconfiguration Apr 19 05:16:38 xinetd 86271 Reconfigured: new=0 old=1 dropped=0 (services) Apr 19 05:16:38 xinetd 86271 readjusting service 19000-tcp Apr 19 05:16:38 xinetd 86271 Swapping defaults Apr 19 05:16:38 xinetd 86271 Starting reconfiguration Apr 19 05:16:37 check_reload_status Reloading filter Apr 19 05:16:37 php-fpm 45752 [pfBlockerNG] Starting cron process. Apr 19 05:16:37 check_reload_status Reloading filter Apr 19 05:16:36 php-fpm 45752 /rc.start_packages: [squid] Starting a proxy monitor script Apr 19 05:16:35 php-fpm 45752 /rc.start_packages: [squid] Reloading for configuration sync... Apr 19 05:16:34 php-fpm 45752 /rc.start_packages: [squid] Stopping any running proxy monitors Apr 19 05:16:34 php-fpm 45752 /rc.start_packages: [squid] Removing freshclam cronjob. Apr 19 05:16:33 php-fpm 45752 /rc.start_packages: [squid] Antivirus features disabled. Apr 19 05:16:33 php-fpm 45752 /rc.start_packages: [squid] Adding cronjobs ... Apr 19 05:16:32 php-fpm 45752 /rc.start_packages: [squid] - squid_resync function call pr:1 bp: rpc:no Apr 19 05:16:32 php-fpm 45752 /rc.start_packages: Restarting/Starting all packages. Apr 19 05:16:31 check_reload_status Starting packages Apr 19 05:16:31 php-fpm 53269 /rc.newwanip: pfSense package system has detected an IP change or dynamic WAN reconnection - 1.2.3.4 -> 1.2.3.4 - Restarting packages. Apr 19 05:16:29 php-fpm 53269 /rc.newwanip: Creating rrd update script Apr 19 05:16:29 php-fpm 53269 /rc.newwanip: Resyncing OpenVPN instances for interface WAN. Apr 19 05:16:27 xinetd 86271 Reconfigured: new=0 old=1 dropped=0 (services) Apr 19 05:16:27 xinetd 86271 readjusting service 19000-tcp Apr 19 05:16:27 xinetd 86271 Swapping defaults Apr 19 05:16:27 xinetd 86271 Starting reconfiguration Apr 19 05:16:27 php-fpm 53269 /rc.newwanip: rc.newwanip: on (IP address: 1.2.3.4) (interface: WAN (real interface: em0).*masked my ip with 1.2.3.4
this causes interruption on my network every, lets say every 30mins if im lucky (DHCP lease time from my ISP is 1 hour), sometimes those newwanip things doesnt happen for a day but once it happens, its disaster, my entire network hiccups, specially with VPN that it needs to reconnect.
In short theres a short blackout on my internet connection (about 20-30seconds) when that newwanip trigger happens. When my IP is still the same as always.
-
Do you lose internet connection completely or just through the vpn? Dhcp is still renewed even though it’s the same IP. From the logs, it appears this restarts your vpn service to the new IP(the same but still renewed). I don’t have any boxes that use DHCP for the WAN to see if this is normal behavior.
Once the openvpn service restarts, the clients would need to wait until their client see it’s down to attemp a reconnect. That usually takes about 20-30 seconds from my experience.
-
i loose the conenction entirely, Im actually downloading a game when that happens (steam, not routed to VPN) and yeah the downloads goes to 0 afor about 5 second and goes up again.
take note: my ONU is still UP (no downtime) and it happens in timely manner when dhcp client goes renew and that newwanip script kicks in.
-
Could be something with squid or pfBlocker being restarted, I don’t use the other services you have installed but I can set something up in a lab later and test. I know plenty people here use those packages so they can probably share if they ever see those issues.
-
I dont use pfblocker. I installed Squid and some other minor packages like cron and shellcmd, nothing follows. I also have nxfilter installed (java based dns resolver) but even with that disabled, I even bothered running as much vanilla as possible (no squid with VPN), issue still persist.
OpenVPN setup to only routed only on certain devices and/or designated destination ports/ip.
Of course the workaround fix (for the meantime) is to run a router between my ONU and pfsense and set a static IP on my WAN, that eliminates the issue.
-
Apr 19 05:16:37 php-fpm 45752 [pfBlockerNG]
Sorry, meant to say pfBlockerNG.
I also have nxfilter installed (java based dns resolver) but even with that disabled, I even bothered running as much vanilla as possible (no squid with VPN), issue still persist.
Installed where? I wasn't aware that was in the available packages. Did you install something on your own? Not sure how I would feel about JAVA running on my firewall but thats just me.
I just tested my box at home which does use DHCP for WAN and renewing didn't bring my internet down.
If you've done a lot of modification to pfSense by installing things from shell this could be the issue. If not and everything was installed from the package manager, would it be possible to remove those packages for testing?
-
Well i actually accounted that maybe the packages was causing the issue but a vanilla pfsense installation still causing a issue.
As i said before the only fix i can do is static ip which involves me placing a router between onu and pfsense.
I also have java based apps installed right on the pfsense but other than that theres no modification was done on pfsense filesystem, but hey even without java the issue persist.
-
Well i actually accounted that maybe the packages was causing the issue but a vanilla pfsense installation still causing a issue.
As i said before the only fix i can do is static ip which involves me placing a router between onu and pfsense.
I also have java based apps installed right on the pfsense but other than that theres no modification was done on pfsense filesystem, but hey even without java the issue persist.
This doesn't sound like a vanilla pfSense installation to me. It sound to me like you've installed programs through the shell and this has made changes to the core system. Uninstalling them might not fix the issue. Its your box and you can modify it anyway you want but doing so comes with risk and unexpected behavior. The only way I see fixing this would be to reinstall pfSense (Not factory reset, just changes the config) and stick to only the packages available to the GUI. While community packages can still cause issues sometimes, they are at least tested and uninstalling them should resolve any unwanted behavior.
After you have a fresh install, check and make sure your problem is gone. Install one package at a time, configure it, and check to make sure it isn't causing any problems. Then repeat with the next package. Anytime you update a package, I would only do one at a time and make sure your not experiencing any issues.
-
ok look, I actually restored my config after I tried all the possible fixes, i tell you not even a vanilla installation fixes it, and i dont want to bother my self to resinstall pfsense just to post new logs.
you can just use your imagination or common sense and think of those extra packages doesnt exits.
I repeat, I restored my config after I tried everything and gave up posted here to ask help and thus those logs says.
just fyi that pfblocker should not be causing issues anyway since it was disabled as I posted those logs.