pfSense drops Internet ?

wangel

So this has happened 3 or 4 times now ... and it's driving me batty because I can't find any rhythm or reason to why or what is causing it.

Everything will be fine. Internet will be working, no issues ... then it drops off. In the past it's happened at night, but today it was in the middle of the day, so I decided to try and diagnose it.

My cable modem had not dropped .. it was still synced. I could still access pfsense, so I ssh'ed in. I tried to ping 8.8.8.8 and could not. Ping would return "Permission Denied". As shown in the follwing screen shot

So I tried to power cycle the modem, figured why not. It synced back up with no issues, but I had no WAN ip. I tried to release/renew the interface, still could not get a WAN ip. In the past, I had tried to disable and re-enable the WAN interface, but that doesn't work either.

I was forced to reboot. Reboot always seems to fix it.

I hate rebooting =( ... I'd like to figure out what is causing it ... but I don't know where to start. It's also random. It could go a month or more now and be fine --- it could go a day or so. I don't know.

Below is my NIC info;

em0: <Intel(R) PRO/1000 Network Connection 7.6.1-k> port 0xe020-0xe03f mem 0xfea80000-0xfea9ffff,0xfea60000-0xfea7ffff irq 24 at device 0.0 on pci1
em0: Using an MSI interrupt
em0: Ethernet address: 00:15:17:f1:72:f0
em0: netmap queues/slots: TX 1/1024, RX 1/1024
em1: <Intel(R) PRO/1000 Network Connection 7.6.1-k> port 0xe000-0xe01f mem 0xfea20000-0xfea3ffff,0xfea00000-0xfea1ffff irq 25 at device 0.1 on pci1
em1: Using an MSI interrupt
em1: Ethernet address: 00:15:17:f1:72:f1
em1: netmap queues/slots: TX 1/1024, RX 1/1024

I'm wondering if it's a tweakable or something I need to adjust in the advanced settings? Some table or memory that is running out ??

This is running on an hp thinclient, 8gb of RAM ...

Thanks for the help,
wangel

dragoangel

Ping would return "Permission Denied"
I know how help you. Lol

dragoangel

@wangel Answer simplest question:
Did you use 8.8.8..8 as monitoring IP for WAN?
If answer is: "YES", then: change it. Google ban icmp from time to time. I have such experience before. You can use 1.1.1.1, at least I don't have issue until with it. If you use tunnel broker you can ping your tunnel endpoint (good practice too)

wangel

@dragoangel
Thanks for that info ... but I tried pinging other ips too. I tried 1 I know I can always ping, 192.107.41.3.

I also tried 8.8.4.4.

The entire Internet drops out --- not just pinging google =(

Thanks,
wangel

dragoangel

@wangel Really strange that only reboot help. You tried reboot modem and not pfsense?

wangel

@dragoangel
Yes sir --- rebooting the modem does no good, I can't get a DHCP address =(

dragoangel

@wangel said in pfSense drops Internet ?:

@dragoangel
Yes sir --- rebooting the modem does no good, I can't get a DHCP address =(

If you connect pc straight to modem this not reproduce?
P.s. hate modems))

wangel

@dragoangel
Correct, if I connect PC straight to modem it works.

biggsy

@wangel said in pfSense drops Internet ?:

Correct, if I connect PC straight to modem it works.

Have you tried spoofing the MAC address of your PC under Interfaces > WAN > General > MAC Address?

Rico

What is your ISP and modem?

-Rico

kiokoman

and if i can ask.. do you have suricata/snort running inline mode?

wangel

@kiokoman Suricata is running, but it is running in Legacy mode.

I thought it might have something to do with Suricata also.... but I didn't see anything in the logs showing that....

wangel

@Rico ISP is Spectrum ... modem is a Surfboard 6183 or 6180, I forget which. But it's a Surfboard.

wangel

@biggsy
No, I have not tried that. I can just to see what would happen tho, heh.

chpalmer

@wangel said in pfSense drops Internet ?:

Can you please show a screenshot of this page- SystemRoutingGatewaysEdit

wangel

@chpalmer

chpalmer

Try clicking the "Disable Gateway Monitoring Action" box and see if it reoccurs. Re-enable the gateway monitoring.

You should let the monitoring happen so you can look and see later if your ISP is dropping out or not by watching the logging graphs. StatusMonitoring

wangel

@chpalmer Done.

Will monitor/report back if it happens anymore. Thank you sir!

ady2

I have similar issue (Internet stop working on all interfaces) described here: https://forum.netgate.com/topic/143661/one-interface-loses-internet-access-and-i-could-get-it-back-only-after-reboot-the-pfsense
but still no solution found

Gertjan

@ady2 said in pfSense drops Internet ?:

I have similar issue

Probably not.
@wangel didn't post back, so, fingers crossed : case closed.
The other thread is also a case closed.

Btw : problems described might match, and if so the answers in these threads contain the solutions.
If your problem is identical, the proposed solutions would also work for you.
So, what is it : the problem looks identical, but you did not apply proposed solution ? Why not ?