pfSense with AT&T fiber-- WAN keeps dropping offline
-
@wgstarks said in pfSense with AT&T fiber-- WAN keeps dropping offline:
I'll stop Snort just to see if that makes a difference. It's the only thing I see there that might apply.
Stopping Snort didn't help. Still dropping offline.
-
It looks like these issues may be due to AT&T network problems. They’ve got a supervisor checking the network equipment in my area to try and figure out what’s going on and have scheduled a tech to come out and replace the fiber to Ethernet converter box inside my house. We’ll see.🤨
-
Tech came out and replaced ONT box. I'm seeing better network performance but still getting random periods of packet loss up to about 50 - 60% lasting 30 seconds or so. I think this has to be an AT&T network issue. The tech supervisor agrees and is going to have their crews check their splitters (whatever those are???) for my area.
The entire AT&T fiber network in my area is only about a year old. The supervisor I meet with says that currently they still have only a few subscribers in this area and are still finding bugs in the system when new installations are performed. I hope he's right.
-
We switched to Cox gigablast (their residential fiber product) a while back and encountered oddities over the first year or so. Sounds like similar issues...only a handful of subscribers in the area and a new f/o network roll out that wasn't fully tested ahead of time.
-
I see you're pinging Google DNS. I know pfSense has an option to kill the WAN states in the event that the loss gets too high. It's possible you're conflating the WAN being down and the route to Google DNS being bad.
-
@harvy66
I’m just going by the display in the status page. Packet loss hits 100% and lots of high latency alarms in the system log. Tried using AT&T’s DNS servers for monitoring WAN but no difference. Looks to me like the AT&T router is still being used somehow even in DMZ+ mode. I’ve seen lots of complaints online about the very small state tables they use in their firmware. I don’t have the background to know if this is true or not, but I do see lots of “excessive connections” errors in the logs for the fiber modem. The tech crews have checked the lines several times without finding any issues. -
What is the DHCP lease time from the AT&T modem? I had a home connection that was passing through the connection to give the internal router (in this case not a pfSense) the public IP, and the DHCP lease time was 10 minutes, which apparently triggered a connection reset on the internal router. Just before every-10-minute disconnections started happening the router firmware was updated, so I'm not sure if the apparent NIC-reset-on-DHCP-renewal was a mew problem with that router's firmware or that AT&T coincidentally lowered the lease time to 10 minutes. I am pretty sure the lease time has not been 10 minutes in the past.
At any rate I worked around it by setting the AT&T modem/router to not pass through the public IP, and to put the router in its DMZ (as I recall I had to restart both devices to get the internal router to appear as an option). The lease time to the router is now 1 day and not as noticeable as the few seconds of dropout at each renewal.
I don't know if this helps you but thought I'd try.
-
@wgstarks did you ever get this resolved? I have an ATT fiber that is also dropping the connection in the early mornings. Almost every hour from 1am to 5am
-
@kabrutus said in pfSense with AT&T fiber-- WAN keeps dropping offline:
@wgstarks did you ever get this resolved? I have an ATT fiber that is also dropping the connection in the early mornings. Almost every hour from 1am to 5am
No. The AT&T techs seem to be very poorly trained afa troubleshooting goes. After 3 weeks, and about a dozen service calls, I had them disconnect my service and refund the money I had paid them. I’m using Spectrum’s Gigabit plan now. Much more reliable but very expensive compared to AT&T Fiber.
-
@wgstarks sucks. I guess I will have to deal with it for now. Roughly, what's the price for the spectrum gigabit? I know they have copper 940/35 but I need up/down
-
@kabrutus said in pfSense with AT&T fiber-- WAN keeps dropping offline:
I know they have copper 940/35 but I need up/down
That’s what Spectrum is calling their gigabit plan. I know it’s not really a true gigabit connection though. For me the price is about $120 US/month and a one time $200 installation fee.
-
Too bad I didn't see this sooner. I use pfSense with ATT Fiber no issue. It took about a week in the beginning to find the right combo after being on cable but no issues in more than a year now.
-
I had this same problem with a Comcast Business connection. It appears that pfSense is very sensitive to packet loss on the WAN interface and will often issue a WAN alarm. I don't know if this is a bug or a feature, but it causes the connection to reset and I'm without internet for a couple minutes at a time. Very annoying. I solved the problem by switching to a Netgear router temporarily, and temporary became semi-permanent.
-
pfSense is only doing what it is told to do.
If you want less sensitivity to WAN alarms, increase the thresholds. If you don't want gateway monitoring at all, turn it off.
Personally, speaking for myself, I find 20% packet loss to be completely unacceptable and the circuit might as well be down.
If you only have one WAN, there is certainly no reason not to crank the thresholds up to 99 to avoid anything that might trigger a gateway event becuase with only one WAN you might as well be down. That way you keep a quality history in Status > Monitoring but don't trigger gateway events.
-
@raellic
I doubt this was the cause of my problem. The modem would reboot constantly even with gateway monitoring disabled. -
Your modem rebooting constantly is something pfSense should fix?
-
@derelict said in pfSense with AT&T fiber-- WAN keeps dropping offline:
Your modem rebooting constantly is something pfSense should fix?
No. As I posted, I don’t believe pfsense had anything to do with it.
