pfSense not recovering from WAN event

axxxxe

I have an SG-3100 with the WAN port connected to a cable modem. Every month or so I have a WAN event from which pfSense does not automatically recover and which forces me to log in to pfSense to correct. Obviously this doesn't work when I am off site, so I'm hoping to find a fix.

Here is what I see when everything is working properly:

Here is the log during the event (having stripped out a ton of arpresolve messages):

May 25 05:05:57 check_reload_status Reloading filter
May 25 05:05:57 check_reload_status updating dyndns wan
May 25 05:05:52 check_reload_status Restarting ipsec tunnels
May 25 05:05:52 php-fpm /rc.linkup: Gateway, none 'available' for inet6, use the first one configured. ''
May 25 05:04:35 php-fpm /rc.linkup: HOTPLUG: Configuring interface wan
May 25 05:04:35 php-fpm /rc.linkup: DEVD Ethernet attached event for wan
May 25 05:04:34 kernel mvneta2: link state changed to UP
May 25 05:04:34 check_reload_status Linkup starting mvneta2
May 25 05:03:56 check_reload_status Reloading filter
May 25 05:03:55 php-fpm 21418 /rc.linkup: DEVD Ethernet detached event for wan
May 25 05:03:54 check_reload_status Linkup starting mvneta2
May 25 05:03:54 kernel mvneta2: link state changed to DOWN
May 25 05:03:53 kernel arpresolve: can't allocate llinfo for 84.73.88.1 on mvneta2
.
.
.
May 25 04:54:42 kernel arpresolve: can't allocate llinfo for 84.73.88.1 on mvneta2
May 25 04:54:48 check_reload_status Reloading filter
May 25 04:54:48 check_reload_status updating dyndns wan
May 25 04:54:44 check_reload_status Restarting ipsec tunnels
May 25 04:54:44 php-fpm /rc.linkup: Gateway, none 'available' for inet6, use the first one configured. ''
May 25 04:53:29 php-fpm /rc.linkup: HOTPLUG: Configuring interface wan
May 25 04:53:29 php-fpm /rc.linkup: DEVD Ethernet attached event for wan
May 25 04:53:28 kernel mvneta2: link state changed to UP
May 25 04:53:28 check_reload_status Linkup starting mvneta2
May 25 04:53:00 php-fpm /rc.openvpn: Gateway, none 'available' for inet6, use the first one configured. ''
May 25 04:52:59 check_reload_status Reloading filter
May 25 04:52:59 check_reload_status Restarting ipsec tunnels
May 25 04:52:59 check_reload_status updating dyndns WAN_DHCP
May 25 04:52:59 rc.gateway_alarm 70646 >>> Gateway alarm: WAN_DHCP (Addr:84.73.88.1 Alarm:1 RTT:10.524ms RTTsd:6.587ms Loss:21%)
May 25 04:52:49 check_reload_status Reloading filter
May 25 04:52:48 php-fpm /rc.linkup: DEVD Ethernet detached event for wan
May 25 04:52:47 kernel mvneta2: link state changed to DOWN
May 25 04:52:47 check_reload_status Linkup starting mvneta2

After that I am left with this:

I can resolve the issue by clicking Release and then Renew.

Can anyone explain what is happening and why pfSense doesn't recover from this on its own?

Through experimentation I found that I can apparently simulate the Release/Renew steps by killing and relaunching dhclient. So a hack might be to set up a cron job to periodically do this. (I haven't tested this with an actual WAN event. I just see that killing and restarting dhclient makes the WAN status page update the way it does when I click the buttons.)

Is that a reasonable approach? Any other suggestions?

Thanks!!

Rico

Which ISP? Could be this problem:
https://forum.netgate.com/topic/112869/dhclient-on-wan-occasionally-fails-to-renew-lease-with-cable-isp
https://redmine.pfsense.org/issues/7416
https://forum.netgate.com/topic/121939/verbindungsabbr%C3%BCche (German). In this thread there is also a patched dhclient to fix this problem, but x86 only.

-Rico

axxxxe

Hmm, it's similar to those. After some more searching, it's exactly this: https://forum.netgate.com/topic/127403/auto-renew-dhcp-after-outage/31

Hoping the fix to dhclient gets implemented soon. Til then I will try the included script.

stephenw10

Ooo, that's nasty! Looks like that patch has not made it into 2.5 yet. Are you able to test a 2.5 snapshot if we can get it included?

Steve

axxxxe

Yes!