WAN Gateway offline
I set up a simple LAB with a Cisco Router 1841, a Netgate XG-7100-1U, a Cisco Catalyst 3500 Switch and two laptops.
It's a very simple situation. On the Netgate I configured two interfaces:
WAN, with the public IP xxx.xxx.xxx.yyy given to me by the ISP, the GW xxx.xxx.xxx.zzz which is the Router IP.
LAN, with a classic IP address class 192.168.1.0/24.
The default GW is the GW_WAN.
Every hh:28 the FW begins to lose packets and the GW_WAN goes offline. After a couple of minutes the GW_WAN comes back online and everything goes well. Until the next hh:28.
I changed the configuration in System/Routing/Gateways/Edit in this way:
- payload in from 0 to 1.
- Probe Interval to 1000.
- Loss interval to 4000.
- Alert interval to 4000.
I also changed the Monitor IP from blank to 184.108.40.206.
But nothing solves the problems.
I also checked the router connecting directly to it, but everything is good.
I don't know how to solve this problem. I know that it is certainly something in the FW configuration, but every change I made did not solve the issue.
- I changed the payload in System/Routing/Gateways/Edit from 0 to 1.
Have you checked the Logs? Like
Status > System Logs > System > Gateways
Here is an extract:
May 22 17:33:25 dpinger GW_WAN 220.127.116.11: Clear latency 14936us stddev 136us loss 0%
May 22 17:28:13 dpinger GW_WAN 18.104.22.168: Alarm latency 14958us stddev 167us loss 25%
May 22 17:19:34 dpinger send_interval 1000ms loss_interval 4000ms time_period 60000ms report_interval 0ms data_len 1 alert_interval 4000ms latency_alarm 500ms loss_alarm 20% dest_addr 22.214.171.124 bind_addr XXX.XXX.XXX.XXX identifier "GW_WAN "
May 22 17:00:10 dpinger send_interval 500ms loss_interval 2000ms time_period 60000ms report_interval 0ms data_len 1 alert_interval 1000ms latency_alarm 500ms loss_alarm 20% dest_addr 126.96.36.199 bind_addr XXX.XXX.XXX.XXX identifier "GW_WAN "
May 22 16:33:09 dpinger GW_WAN XXX.XXX.XXX.XXX: Clear latency 740us stddev 126us loss 5%
May 22 16:28:10 dpinger GW_WAN XXX.XXX.XXX.XXX: Alarm latency 723us stddev 59us loss 22%
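An added example, not part of the original posts: a Python script that pairs dpinger Alarm/Clear lines like those in the extract above into outages and counts the minute of the hour each one starts in, to confirm an hh:28 pattern from the log itself. The sample log is constructed (192.0.2.1 is a documentation address), the function names are hypothetical, and the year is an assumption because the log lines carry none.

```python
import re
from collections import Counter
from datetime import datetime

# Alarm/Clear lines in the form shown in the thread's log extract.
EVENT_RE = re.compile(
    r"^(?P<ts>\w{3}\s+\d+\s+\d\d:\d\d:\d\d)\s+dpinger\s+(?P<gw>\S+)\s+\S+:\s+"
    r"(?P<state>Alarm|Clear)\s+latency\s+\d+us\s+stddev\s+\d+us\s+loss\s+(?P<loss>\d+)%"
)

# Constructed sample, newest first as the pfSense log view lists it.
SAMPLE_LOG = """\
May 22 17:33:25 dpinger GW_WAN 192.0.2.1: Clear latency 14936us stddev 136us loss 0%
May 22 17:28:13 dpinger GW_WAN 192.0.2.1: Alarm latency 14958us stddev 167us loss 25%
May 22 17:00:10 dpinger send_interval 500ms loss_interval 2000ms time_period 60000ms
May 22 16:33:09 dpinger GW_WAN 192.0.2.1: Clear latency 740us stddev 126us loss 5%
May 22 16:28:10 dpinger GW_WAN 192.0.2.1: Alarm latency 723us stddev 59us loss 22%
"""

def parse_events(text, year=2020):  # year is an assumption: the lines omit it
    """Return (time, gateway, state, loss%) tuples, oldest first."""
    events = []
    for line in text.splitlines():
        m = EVENT_RE.match(line.strip())
        if m:  # config-reload lines and anything else are skipped
            ts = datetime.strptime(f"{year} {m['ts']}", "%Y %b %d %H:%M:%S")
            events.append((ts, m["gw"], m["state"], int(m["loss"])))
    return sorted(events)

def outages(events):
    """Pair each Alarm with the next Clear for the same gateway."""
    pending, result = {}, []
    for ts, gw, state, loss in events:
        if state == "Alarm":
            pending.setdefault(gw, (ts, loss))  # keep the first alarm of a run
        elif gw in pending:
            start, alarm_loss = pending.pop(gw)
            result.append((gw, start, ts - start, alarm_loss))
    return result

def recurring_minutes(outage_list, min_hits=2):  # minutes where outages repeat
    counts = Counter(start.minute for _, start, _, _ in outage_list)
    return {minute: n for minute, n in counts.items() if n >= min_hits}

if __name__ == "__main__":
    found = outages(parse_events(SAMPLE_LOG))
    for gw, start, length, loss in found:
        print(f"{gw} down at {start:%H:%M:%S} for {length} (loss {loss}%)")
    print("recurring minute-of-hour:", recurring_minutes(found))
```

A minute that keeps recurring across many hours points at something running on a schedule, on the firewall or upstream of it, rather than at random line noise.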
Do you have pfSense v2.4.5? Is something scheduled to run at that time, like a pfBlocker or other package update? There are known issues in 2.4.5's version of FreeBSD with large tables. If that's what you've got try disabling the IPv6 bogon block (suggested in various posts since the 2.4.5 release).
Yes, I have the 2.4.5 but I had the same problem with the previous 2.4.4. In fact I made the upgrade hoping this would solve the issue.
Now I've read that pfSense will release the 2.4.5_1 that will solve some issues including this.
I will let you know.
I made another test. I configured another lab with these appliances:
FastGate Router -> Netgate SG-1100 (PfSense) -> Netgear Switch -> Laptops
Everything is going OK. No offline WAN_GW.
So, I'm thinking that the problem is the Cisco Router.