Odd behaviour!
-
Not sure if this is the right section (admin please feel free to move if wrong)
I've got a fairly basic set up..... Virgin superhub3 in modem mode plugged into Netgear jgs524e.
Thin client running full fat pfsense 2.4 plugged into Netgear jgs524
Vlan set up on these 2 ports (as thin client only has single nice)
Everything else plugged into Netgear jgs524 normally.....
Now onto the issue, everything has been running issue free for 3 days....Then out of the blue my android TV box could no longer connect to virgin-tv-go (can login and view program guide but no live TV of box sets.
My phone worked fine via WiFi. My pc also failed to connect to virgin-tv-go.virginmedia.comMy wife's phone stopped loading eBay via WiFi (mine still worked, as did my pc) both work via 4g
My phone could no longer load virgin media's home page via wifi (wife's could but was slugish) android TV box also failed to load the virgin home page. My pc could load it but was about sluggish. Phones loaded via 4g no problem and almost instantly.
Wife's phone will not load amazon.co.uk but will load .com via WiFi (mine loaded both as did my pc) both work via 4g
Wife had issues loading several sites like the daily mirror via WiFi.my phone and pc worked fine.
The pfsense rules are all standard out of the box configuration so to speak.
Rebooting pfsense made no difference. Nither did a superhub3 reboot.
Tried using Google's DNS servers (8.8.8.8 & 8.8.4.4) instead of virgin provided 194.something, made no difference.
Device reboots made no difference either.
I've taken pfsense out of the loop and put superhub3 back into standard mode (as I needed it's DHCP server) and all the above issues have vanished.Pfsense showed no errors that I'm aware of, but I'm still learning how to use it.
Has anyone had any similar issues with pfsense blocking similar services?My first thought was "it can't be pfsense" as it's not blocking those services/websites on all devices.
But having taken pfsense out of the loop I'm beginning to believe it is pfsense's fault (there is also the chance resetting the superhub3 back into normal mode may have fixed things?)
If it makes any difference my pfsense thin client hardware is a "10zig 58**" Intel atom d2550 2gb ram 16gb SSD. Installed pfsense 64bit full version (not the lighter embedded version) via USB stick and have used all default settings (apart from the vlan)
I did try with the dreaded usb-ethernet nice and it worked fine but limited me to about 60mbps download (paying for 200mb from virginmedia) so ditched it and used a vlan. No space for another internal nice and 1gb Ethernet connection vlan'd wasn't going to be slowing me down -
https://www.netgate.com/docs/pfsense/routing/connectivity-troubleshooting.html
https://www.netgate.com/docs/pfsense/routing/unable-to-access-some-websites.html -
I've tried quite a few of these but some others in there I'll try tonight.
I've just found out when eBay would not work on wife's phone via WiFi.... The eBay app would load but wouldn't load the sujested items page but searching for stuff and her watched list actually loaded :/
The thing that's bugging me from a fault diagnosis point is everything was working for 3 days then started with these issues with no changes to pfsense or network set up -
If thats a cable modem I bet its a Puma 6 equipped model being a Virgin Superhub 3 en all... Reason I state that is that Puma 6 modems can have issues with UDP connections which DNS queries are..
But- Look at Status / Services on your box and see if everything is running.
-
@chpalmer yes i think the "SuperHub3" does indeed have the intel Puma 6 chip-set which has known issues.
i will be putting the PFsense box back into the loop tonight and running some more tests.the bit that really annoys me is that there is no consistency, some websites would not load on some devices but would work no problems on others.
ill report back with anything i can find during tonight's testing. fingers crossed
-
@chpalmer ![alt text]
not sure what services should be running but this is the page, everything seems to be running ok? -
@grimson just booted up my pfsense machine, put superhub back into modem mode, and plugged it all back as origionally. and ive hit the same issues
ive run through both of those links and cant find anything out of the ordinary. -
i cant see anything out of the ordinary in the firewall logs when trying to access ebay/virgintvgo/websites that wont load.
im beginning to wonder if this is even a pfsense issue? surely if something was being blocked it should be blocked on all devices?
is there any logs or screenshots i can post up that would help rule anything out??
-
This may seem like a bizarre request, but would you please check and report the MTU of your WAN interface? If your WAN MTU is 576 it would explain the odd behavior you describe. There is a fix in the install guide for 2.4.4.
-
@bfeitell both wan and Lan are saying MTU 1500
They are both via the same NIC vlan'd as I've only got 1 NIC with no room for expansion (thin client) -
Which thinclient? Is there room for a half card?
-
@chpalmer it's a "10zig" 58xx model.
I have got several usb to ethernet adapters (please don't shoot me) I did have great success with one.... But it was limiting my download to 60mbps so I went for vlan's
My only other option is to get a mini pcie ethernet card (one with a small board and cable leading to rj45 port on another small board and try to butcher the case. Don't want to go down that route really.
Vlan's should work fine. My internet is only 200/12mbps down/up so shouldn't be limited but a vlan.... Speed tests all indicate I'm getting 200-220 down and 12-13up.
It's just a few pesky issues :( -
@noob said in Odd behaviour!:
10zig" 58xx
This guy? https://www.parkytowers.me.uk/thin/10zig/58xx/index.shtml
Try this program.. https://www.grc.com/dns/benchmark.htm
-
@chpalmer that's the puppy! Was a 99p bargain on eBay. Was planning on using it for the kids of CCTV station. But I'm still saving up for the HIKvision IP cameras and the kids well they are not allowed in my office so screw em lol
I'll try that DNS tester. Any results I should be looking out for or will they jump out at me if there is an issue? -
Maybe a mini pci to ethernet solution??
https://www.youtube.com/watch?time_continue=16&v=HtxXaZrcB58
The dns program will show if your DNS queries are having issues. Ill see if I can find some documentation on what to look for..
Triggering snowflakes one by one..
-
https://www.dslreports.com/forum/r31122876-
-
from what i can make out.... DNS tester above results..
the bad:
System has only ONE (router based) nameserver configured.
the good:
System's sole nameserver is alive and replying to queries.
System nameserver is faster than ALL public alternatives.
This system's nameserver is 100% reliable.
This system nameserver returns errors.
System nameserver is replying to all query types.just for giggles i did the DNS "spoofability" test too:
Anti-Spoofing Safety: Excellent
External Ping: ignored (Nice, as it's preferable for it to be less visible.)
External Query: ignored (This means the nameserver is more spoof resistant.)
DNSSEC Security: supported (This server supports improved security standards.)
Alphabetic Case: all lower (An improvement could be created by mixing case.)
Extra Anti-Spoofing: unknown (Unable to obtain server fingerprint.)the only thing i can see thats wrong is the DNS benchmark tester only round 192.168.1.1 (my pfsence lan ip, default setting) as my only dns resolver..... but in pfsense it has automatically added
127.0.0.1(for loop back?)
194.168.4.100
194.168.8.100
these 2 194 addresses are NTL/Virgin Media's DNS servers -
@chpalmer as i am behind pfsense its showing uncached as 100% where as from that link above should ready 91-99% as the VM hub has a puma chipset.
other than that it all looks fine to me :/
I'm not convinced paying £30+ for a mini pcie to ethernet adapter is going to fix this issue.... Vlan's should work
-
having looked through millions of google/forum pages i came across on that wanted to look at this graph
ive not experienced any outages and everything seems to load so im not really sure how to take this info, any ideas?when i try to upload image like i did yestoday i get "Something went wrong while parsing server response"
-
anyone got any further ideas??
as soon as i take the PFsense box out of the loop everything works fine with no issues. put PFsense back in and i get the same issues,
is there any "logging" i can turn on or post that would help with a diagnosis? -
Bump
