Frequent Gateway Alarms and WAN Interface Reset



  • Hi All,

    I'm a pfSense noob, so please bear with me.

    A month ago I made the move from a consumer grade router to pfSense on an HP T620 Plus thin client (quad core, 8GB RAM, quad GbE NICs). I performed a clean install of pfS v2.4.4-RELEASE-p3, and for now it's a pretty vanilla config with one WAN and one LAN, and no VLANs, VPN, tunneling, or other "advanced" configs or rules yet. I've never seen the CPU, memory, or disk exceed 25% usage, and they're typically under 10%.

    I'm experiencing frequent Gateway Alarms and consequent resets as demonstrated in the log excerpt below. Sometimes they are every few hours, but at times they can become almost non-stop and make internet access completely unusable. I have an asymmetrical cable connection (100/10) with a dynamic address, and most reports of similar cases seem to point to buffer bloat, so I tried enabling traffic shaping (PRIQ) using the wizard, but it did not improve the situation. I reduced the bandwidth limits all the way down to 50% of typical throughput, but still experience the errors. Swapping my consumer router back in eliminates the resets.

    Also, since installing pfS, I cannot access speedtest.net, and receive the following error: "Latency Test Error
    Could not connect to the test server. A firewall could be blocking the connection or the server might be having some issues. Please try again later." This error occurs even when I have external access and am not currently in the midst of an alarm reset. Does that provide a clue?

    I realize that the root problem is likely due to the packet loss from the ISP and not pfSense, but the reset (which is probably a good thing at times) is killing me in this instance. Is there another way to disable that feature or prevent the continual restart of the interface? Any other suggestions on how to make the connection more stable? It took me over 30 minutes just to create this post because every time I try to submit the form it triggers a reset.

    Thanks in advance!

    Jun 25 11:58:21 	rc.gateway_alarm 	19923 	>>> Gateway alarm: WAN_DHCP (Addr:72.188.XXX.XXX Alarm:1 RTT:2358.525ms RTTsd:1295.952ms Loss:21%)
    Jun 25 11:58:21 	check_reload_status 		updating dyndns WAN_DHCP
    Jun 25 11:58:21 	check_reload_status 		Restarting ipsec tunnels
    Jun 25 11:58:21 	check_reload_status 		Restarting OpenVPN tunnels/interfaces
    Jun 25 11:58:21 	check_reload_status 		Reloading filter
    Jun 25 11:58:22 	php-fpm 	47790 	/rc.openvpn: Gateway, none 'available' for inet, use the first one configured. 'WAN_DHCP'
    Jun 25 11:58:22 	php-fpm 	47790 	/rc.openvpn: Gateway, none 'available' for inet6, use the first one configured.
    

Log in to reply