Pfsense stopped allowing traffic after a vMotion. It seemed "hung".



  • Pfsense stopped allowing traffic through after a vMotion.

    • We know that, the VM hosting pfsense came up after vMotion.
    • but the VMs behind it were not accessible as if pfsense was "hung",
      (hung in the sense that it was not responding to pings and not allowing traffic initated from the WAN side).
    • pfsense version is v2.4.3 on FreeBSD 11.1

    1- Has anyone seen this type of "pfsense hung" behavior after a vMotion?

    2- What may be the root cause of the problem?

    3- Which logs would have helped troubleshoot such and issue? The logs are not available any longer :-(

    4- What monitoring capabilities/tools can be used to detect this type of failure, in case it happens again?

    Thanks,



  • I've seen Windows VMs do this on rare occasion. I don't vMotion my instance very much but it's never hung when I did. Also, there is a big difference between not passing traffic and being 'hung' in that even the console doesn't respond. Unless it's happening with some regularity, I would just assume it was a glitch and forget it.



  • @kom

    What we were told is that, pfsense was not responding to ping and was not allowing traffic to pass.
    We don't have information on whether or not its console was responding.

    Normal operation was restored after a forced restart of the VM that is hosting the pfSense.
    This suggests the culprit is likely to be FreeBSD or pfsense.

    We are looking for the root cause and the fix, for at least to be better prepared if/when the "glitch" happens again.
    Additional questions about the logs and monitoring are for that purpose as well.

    Thanks,



  • Perhaps you might benefit from running two instance in pfSense HA mode, or using VMware HA.


Log in to reply