502 bad gateway



  • Hi, first commit here.
    Once a day, pfSense crash with error 502 bad gateway. Got massive subjects with googling that. None of answer work. You're my last chance.
    My setup :

    • pfSense 2.4.3-RELEASE-p1
    • i3-4030
    • 4GB RAM
    • 4 NIC (one wan, one lan with wifi router, 2 disabled)

    What I use/install from a fresh install (dit it 3-4 times) :

    What I do when it crash :

    • SSH + option 16 => not working
    • reboot => working

    Thanks



  • this is my system.log while it's crashing

    Sep  3 19:13:44 pfSense check_reload_status: Could not connect to /var/run/php-fpm.socket
    Sep  3 19:13:44 pfSense check_reload_status: Could not connect to /var/run/php-fpm.socket
    Sep  3 19:13:44 pfSense check_reload_status: Could not connect to /var/run/php-fpm.socket
    Sep  3 19:13:44 pfSense check_reload_status: Could not connect to /var/run/php-fpm.socket
    [...]
    Sep  3 19:13:44 pfSense check_reload_status: Could not connect to /var/run/php-fpm.socket
    Sep  3 19:13:44 pfSense check_reload_status: Could not connect to /var/run/php-fpm.socket
    Sep  3 19:13:44 pfSense check_reload_status: Could not connect to /var/run/php-fpm.socket
    Sep  3 19:13:44 pfSense check_reload_status: Could not connect to /var/run/php-fpm.socket
    Sep  3 19:13:44 pfSense check_reload_status: Could not connect to /var/run/php-fpm.socket
    Sep  3 19:13:44 pfSense check_reload_status: Could not connect to /var/run/php-fpm.socket
    Sep  3 19:13:44 pfSense check_reload_status: Could not connect to /var/run/php-fpm.socket
    Sep  3 19:13:44 pfSense check_reload_status: Could not connect to /var/run/php-fpm.socket
    Sep  3 19:13:44 pfSense check_reload_status: Could not connect to /var/run/php-fpm.socket
    

    x 5000
    I saved log directory so if you need more log tell me. But please help I'm loosing trust about pfSense...



  • this morning

    Sep 4 05:01:03	check_reload_status		rc.newwanip starting igb0.832
    Sep 4 05:00:50	check_reload_status		Linkup starting igb0.832
    Sep 4 05:00:50	check_reload_status		Linkup starting igb0
    Sep 4 05:00:50	kernel		igb0.832: link state changed to UP
    Sep 4 05:00:50	kernel		igb0: link state changed to UP
    Sep 4 05:00:45	check_reload_status		Linkup starting igb0.832
    Sep 4 05:00:45	check_reload_status		Linkup starting igb0
    Sep 4 05:00:45	kernel		igb0.832: link state changed to DOWN
    Sep 4 05:00:45	kernel		igb0: link state changed to DOWN
    Sep 4 05:00:42	check_reload_status		Linkup starting igb0.832
    Sep 4 05:00:42	check_reload_status		Linkup starting igb0
    Sep 4 05:00:42	kernel		igb0.832: link state changed to UP
    Sep 4 05:00:42	kernel		igb0: link state changed to UP
    Sep 4 05:00:38	check_reload_status		Linkup starting igb0.832
    Sep 4 05:00:38	check_reload_status		Linkup starting igb0
    Sep 4 05:00:38	kernel		igb0.832: link state changed to DOWN
    Sep 4 05:00:38	kernel		igb0: link state changed to DOWN
    Sep 4 05:00:38	check_reload_status		Linkup starting igb0.832
    Sep 4 05:00:38	check_reload_status		Linkup starting igb0
    Sep 4 05:00:38	kernel		igb0.832: link state changed to UP
    Sep 4 05:00:38	kernel		igb0: link state changed to UP
    Sep 4 05:00:34	check_reload_status		Linkup starting igb0.832
    Sep 4 05:00:34	check_reload_status		Linkup starting igb0
    Sep 4 05:00:34	check_reload_status		Linkup starting igb0.832
    Sep 4 05:00:34	check_reload_status		Linkup starting igb0
    Sep 4 05:00:34	kernel		igb0.832: link state changed to DOWN
    Sep 4 05:00:34	kernel		igb0: link state changed to DOWN
    Sep 4 05:00:34	kernel		igb0.832: link state changed to UP
    Sep 4 05:00:34	kernel		igb0: link state changed to UP
    Sep 4 05:00:30	check_reload_status		Linkup starting igb0.832
    Sep 4 05:00:30	check_reload_status		Linkup starting igb0
    Sep 4 05:00:30	kernel		igb0.832: link state changed to DOWN
    Sep 4 05:00:30	kernel		igb0: link state changed to DOWN
    Sep 4 05:00:24	check_reload_status		Linkup starting igb0.832
    Sep 4 05:00:24	check_reload_status		Linkup starting igb0
    

    I have fiber and got no prob with ISP box. I'm using same cable.
    I had to reload PHP-FPM.



  • New update.
    I captured in live the up and down of pfSense.

    clog -f /var/log/dhcpd.log > dhcpd.log
    clog -f /var/log/system.log > system.log
    0_1536087081944_log.zip

    The only way to have a decent WAN for hours is hard reboot.

    Thanks



  • I switch to OPNsense because dhclient is native for my configuration : https://docs.opnsense.org/manual/how-tos/orange_fr_fttp.html
    No down interface since 1 week, the logs are clean.



  • Hi,

    @oasis_ck said in 502 bad gateway:

    Change the binary dhclient for the WAN (https://lafibre.info/remplacer-livebox/probleme-pour-remplacer-une-livebox-4-par-un-routeur-pfsense/)

    This link talks about modifying programs. What did you download ?
    These programs would run on FreeBSD 10 ? 32 bits ?
    Now you are using 64 bits - FreeBSD 11.x

    What I want to say : you can't mix 32 and 64 bits programs, neither when the are compliked against another OS (OS libs/headers).

    Did you take all this in account ?



  • Hi @Gertjan , thanks for your interest
    Yep I take all this in account and, by the way, I also tried with dhclient binary from OPNsense to pfsense and it's exactly the same behavior.
    Finally, OPNsense is like pfsense for my issue...
    I plug the ISP box on the WAN interface (OPNsense now) and no log out since 2 weeks.
    But I don't like that (more wires, more stuff) and I really want to use pfsense/opnsense directly to WAN.

    I restart from the beginning :
    now, if I use modifying binary or opnsense native binary, I have a WAN access with random log out and 2 erros in my logs when I catch an IP :

    Sep 22 12:21:50 OPNsense dhclient[27297]: unknown dhcp option value 0x5a
    Sep 22 12:21:50 OPNsense dhclient[27297]: unknown dhcp option value 0x78
    

    What thoses errors are related to dhcp option ?



  • @oasis_ck said in 502 bad gateway:

    Hi @Gertjan , thanks for your interest
    Yep I take all this in account and, by the way, I also tried with dhclient binary from OPNsense to pfsense and it's exactly the same behavior.
    Finally, OPNsense is like pfsense for my issue...
    I plug the ISP box on the WAN interface (OPNsense now) and no log out since 2 weeks.
    But I don't like that (more wires, more stuff) and I really want to use pfsense/opnsense directly to WAN.

    I restart from the beginning :
    now, if I use modifying binary or opnsense native binary, I have a WAN access with random log out and 2 erros in my logs when I catch an IP :

    Sep 22 12:21:50 OPNsense dhclient[27297]: unknown dhcp option value 0x5a
    Sep 22 12:21:50 OPNsense dhclient[27297]: unknown dhcp option value 0x78
    

    What thoses errors are related to dhcp option ?

    I tried this : https://www.google.com/search?q=DHCP+option+0x5a&ie=utf-8&oe=utf-8&client=firefox-b

    Le "0x5a" : https://lafibre.info/remplacer-livebox/cacking-nouveau-systeme-de-generation-de-loption-90-dhcp/48/

    Etc.

    What I make from it :
    France ;)
    ISP == Orange.
    You are trying to replace your Livebox ....
    (am I still right ? ;))

    Their are many forums (France) with threads that discuss the subject : ditch the Livebox ^^



  • Yeah, you're right
    I followed many thread before posting here. Most of thread are dated from 2016 and some guys running my issue. They resolved it by repluging this f#!* livebox and maybe the others don't care about random disconnection.

    I'm really motivate to resolve this. I attach my full dhclient log (clog /var/log/dhcpd.log | grep dhclient). As you can see, the longuest disconnection is 26 sept. I replugged my box in the evening.
    dhclient.zip