Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Losing connection to pfsense/internet randomly

    Scheduled Pinned Locked Moved General pfSense Questions
    9 Posts 3 Posters 861 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • R
      ravadon95
      last edited by

      Hello, im running pfsense on an old computer with SG200-50P 50-Port Gigabit PoE Smart Switch and 2 wan connections

      Here is how everything is connected

      2 Internet connection from the same isp(2 separate modem/router combo > pfsense running on desktop computer > cisco switch > my computer and 6 more computers

      the problem im having is when im playing games or browsing the internet i lose connection for like 5 seconds, i always have cmd up pinging 8.8.8.8, when i lose connection i get General failure and sometimes request timed out at cmd

      Thats happens to computers connected on WAN2 only, WAN1 doesnt lose connection ,just have lags(high latency) but not so common

      Computers connected directly to WAN2 without pfsense or cisco in between had problems with losing internet connection in the past, not sure if it happens now

      But the weird thing is, if WAN2 modem/router is causing this, i should be able to access pfsense webpage when it happens but for some reason i can't access it untill the connection is back

      Atm im waiting for it to happen again to see if i also lose connection to cisco switch

      Meanwhile, could someone point out where the problem could be?

      Thanks

      1 Reply Last reply Reply Quote 0
      • sherpagoodnessS
        sherpagoodness
        last edited by

        post your logs, i bet the modem/router combo is keeping logs too, what does that indicate?

        what kind of nics is the 'old computer' using?

        disable gateway monitoring action under system>routing see if that makes any difference in your situation

        1 Reply Last reply Reply Quote 0
        • R
          ravadon95
          last edited by stephenw10

          Not sure where the modem/router combo logs are, i dont think it actually has one, im using ZXHN H108N

          for nics if i understand ur question, im using TP-link gigabit pci express

          i couldnt find gateway monitoring option under system > routing, if u mean in System > Routing > Gateways > WAN2 > Monitor IP, i left it empty

          In Status > System Logs > System > General

          It keeps saying the following over and over

          Gateway alarm: WAN2_DHCP (Addr:192.168.4.1 Alarm:1 RTT:24.441ms RTTsd:50.345ms Loss:11%)
          
          /rc.filter_configure_sync: The command '/sbin/ipfw /tmp/rules.limiter' returned exit code '65', the output was 'Line 94: bandwidth too large'
          
          Reloading filter
          
          Restarting OpenVPN tunnels/interfaces
          
          Restarting ipsec tunnels
          
          updating dyndns WAN2_DHCP
          
          Gateway alarm: WAN2_DHCP (Addr:192.168.4.1 Alarm:0 RTT:24.996ms RTTsd:49.011ms Loss:6%)
          
          /rc.filter_configure_sync: The command '/sbin/ipfw /tmp/rules.limiter' returned exit code '65', the output was 'Line 94: bandwidth too large'
          
          /rc.filter_configure_sync: MONITOR: WAN2_DHCP is down, omitting from routing group LoadBalance 192.168.4.1|192.168.4.2|WAN2_DHCP|29.992ms|57.18ms|12%|down
          
          /rc.dyndns.update: 17351MONITOR: WAN_DHCP is available now, adding to routing group LoadBalance 192.168.3.1|192.168.3.100|WAN_DHCP|0.8ms|0.118ms|0.0%|none
          
          Reloading filter
          
          Restarting OpenVPN tunnels/interfaces
          
          Restarting ipsec tunnels
          
          updating dyndns WAN2_DHCP
          

          Whats openvpn? im not using a vpn nor i did configure one in pfsense

          1 Reply Last reply Reply Quote 0
          • stephenw10S
            stephenw10 Netgate Administrator
            last edited by

            So your WAN2 connection is very lossy. You should fix that.

            Are all your clients being routed via the load-balance gateway group? Or is it set as the default gateway? (that would be invalid).

            For NICs the question really was what driver are they using. So like em0, em1 or maybe re0 re1 etc.

            Steve

            1 Reply Last reply Reply Quote 0
            • R
              ravadon95
              last edited by

              I have rule for each client, each client is routed either via wan1 or wan2, not using the load balance gateway group atm

              For nic, WAN2 at re0 WAN1 at re1 and LAN at re2

              WAN2 is lossy at the modem/router or at pfsense?

              1 Reply Last reply Reply Quote 0
              • stephenw10S
                stephenw10 Netgate Administrator
                last edited by

                It's hard to say because you're monitoring 192.168.4.1 which I assume is the local modem. It would be better to set an external monitoring IP to ping against. That said I would not expect to see any packet loss against a local device.

                Line 94: bandwidth too large this indicates a problem with your Limiter setup. Check line 94 in /tmp/rules.limiter.

                Realtek NICs do not enjoy a good reputation. You might consider changing them if you can.

                Steve

                1 Reply Last reply Reply Quote 0
                • R
                  ravadon95
                  last edited by

                  Yes 192.168.4.1 is local modem, should i put 8.8.8.8 in monitor ip?

                  Realtek is the only nics i could find, i'll see if i can find another later

                  I dont know where to look for line 94, dont know where is /tmp/rules.limiter.

                  1 Reply Last reply Reply Quote 0
                  • stephenw10S
                    stephenw10 Netgate Administrator
                    last edited by stephenw10

                    Yes it's better to monitor an external IP like 8.8.8.8. But don't use that if you already have it as a DNS server.

                    You can open it in Diag > Edit File.

                    You could also just check your Limiter setup as it clearly has something misconfigured. Post screenshots we can review.

                    Steve

                    1 Reply Last reply Reply Quote 0
                    • R
                      ravadon95
                      last edited by

                      I had a large Net limit rule in firewall, ive deleted it, but i wasnt using it for anything

                      Thank you for your time steve

                      1 Reply Last reply Reply Quote 0
                      • First post
                        Last post
                      Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.