internet connection drops out multiple times a day, didn't come back on today

chuccck

I am very new to all of pfsense; followed some guides to set it all up and things were going well. But a couple times of day the whole network would drop out and come back in 5 minutes or so. Today it dropped out and never came back. My map is modem --> pfsense box --> wireless router in bridge mode. Here are my logs from when it happened? https://pastebin.com/GenC300c

Can anyone fill me in to what is happening?

JKnott

@chuccck

What's up? Is the modem working properly? When it fails, do you lose the connection completely? Can you ping the gateway? I assume fe80:2::a677:33ff:fef9:ccea is your WAN interface.

Also, you've got a lot on there that just noise at this point. Do you really need 2 VPNs and dyndns running? Concentrate on getting the connection going. Is IPv4 working?

chuccck

Thanks for the reply. I don't need any vpns! I thought I turned them off after experimenting with it. I can turn off the dynamic dns too and go back to duckdns clients.

How do I confirm the vpns are disabled?

@JKnott said in internet connection drops out multiple times a day, didn't come back on today:

@chuccck

What's up? Is the modem working properly? When it fails, do you lose the connection completely? Can you ping the gateway? I assume fe80:2::a677:33ff:fef9:ccea is your WAN interface.

Also, you've got a lot on there that just noise at this point. Do you really need 2 VPNs and dyndns running? Concentrate on getting the connection going. Is IPv4 working?

JKnott

@chuccck said in internet connection drops out multiple times a day, didn't come back on today:

How do I confirm the vpns are disabled?

I can't say about IPSec, but on the OpenVPN server page there's a check box "Disable this server" which might do the trick.

chuccck

@JKnott said in internet connection drops out multiple times a day, didn't come back on today:

@chuccck said in internet connection drops out multiple times a day, didn't come back on today:

How do I confirm the vpns are disabled?

I can't say about IPSec, but on the OpenVPN server page there's a check box "Disable this server" which might do the trick.

ok. I uninstalled some unused packages, disabled the dynamic dns, and deleted any vpn certificates or client setups . It is up and running now, but I still see open and ipsec in the logs.

JKnott

@chuccck

If the connection stays up, the problem is with one of those things. It's now a process of elimination to find out which.

chuccck

@JKnott thanks. What would be the best way to monitor it or get alerts if it drops again and I'm not on a device to notice it?

JKnott

@chuccck

When I had a similar problem several years ago, I wrote a Linux shell script that would ping my ISPs gateway every minute and log the failures. You could do the same in FreeBSD, which pfSense runs on. PfSense also has gateway monitoring, but I've never used it.

chuccck

@JKnott

alright it dropped out again. Below is the log, I set up a remote logging server and filtered out the "filterlog" category items. It looks like something with the dhcpv6 maybe? Do I even need dhcpv6? see anything else? why is there ipsec and openvpn still in there?

https://pastebin.com/2XrvvDfV

stephenw10

What sort of WAN connection do you have there?

You are seeing >20% packet loss to 8.8.8.8. That is causing dpinger to alarm, 20% is default value, triggering other services to reload. It also shows 100ms ping time which is unusually high.
If your WAN is wireless of some kind you should tune to gateway monitoring settings to match it. That probably means greater than 20% packet loss in your case.
If it's the only gateway you can also disable the monitoring action so it does not trigger service reloads but does still log data.

Steve

chuccck

@stephenw10

I'm not trying to do anything complicated. It's just a Netgear modem connected to the wan. I changed the gateway monitor to 8.8.8.8 just to set up some kind of external address for a way to monitor drop outs. Should I disable the gateway monitor?

stephenw10

I would disable the monitoring action. No need to disable the monitoring. If only as a test.

But 100ms to 8.8.8.8 implies some WAN weirdness like a WISP or similar. Is it that?

Steve

chuccck

@stephenw10 will disable the monitor. Not a wisp, just Comcast line straight to a Netgear cm500 cable mobem

stephenw10

Hmm, OK. Weirdly high ping then. Suspiciously so.

You can disable the monitor but then you'll have no monitoring data to work with. I would just disable the monitoring action.

Steve

chuccck

@stephenw10 yeah I think it's part of the dropout, I don't think it's a cause

chpalmer

Like this-

chuccck

@chpalmer wow thanks! I thought it was just the box that said monitoring. I should leave that one unchecked and check the disable monitoring action?

stephenw10

Yup. That will prevent service reloading etc but will still log monitoring data.

In very rare cases we have seen stuff objecting to the monitoring pings but you won't be hitting that on a Comcast cable connection.

Steve

chuccck

@stephenw10 thanks! Do this for both ipv4 and ipv6?

stephenw10

Yes.