pfSense cannot get WAN IP after reboot
-
No wonder you got a good RTT with all these combined. So you use 1.1.1.1 as your DNS server (without DNS resolver), plus ExpressVPN? So why don't you use ExpressVPN's DNS?
-
@PzrrL
slang: T = thing
DHCP Static Mapping = useful for few devices therefore (old thing):
https://forum.netgate.com/topic/115482/frequent-unbound-restartsI am very interested in this WAN DHCP issue so i will be waiting for your results!!! (this is also an old topic, for a long time I was investigating a DOCSIS cable modem was the problem)
and this is necessary:
use the ARPWATCH package for tracking
-
@PzrrL No wonder you got a good RTT with all these combined. So you use 1.1.1.1 as your DNS server (without DNS resolver), plus ExpressVPN? So why don't you use ExpressVPN's DNS?
for greater safety:
-DNS resolv. is slightly slower via ExpVPN DNS
-and otherwise I use DoT (DNS over TLS) + DNSSEC (Unbound), this is not provided by ExpVPNthis is the configuration:
so, finally:
in principle, CloudFlare stores DNS logs for 1 day and does not analyze ...
Who knows?
Is it better, if ExpVPN to store logs? / Who knows?
so at least DoT and DNSSEC work -
@DaddyGo said in pfSense cannot get WAN IP after reboot:
I do have around 20-30 devices, so is it still a good idea to make all of the recognized devices static? Cuz I am planning on segregate IoT /Guest devices to another VLAN (not familiar with it), so I think I might possible to keep only reserved devices on LAN, and others goes to IoT VLAN.
and this is necessary:
use the ARPWATCH package for tracking
May I know where can I find this setting? And tracking of what? I know what is DHCP Static mapping, like mapping devices to my desired IP. But what about ARP?
-
@DaddyGo said in pfSense cannot get WAN IP after reboot:
this is the configuration:
Thanks for letting me know. Will try replicate it HAHA. Since my setup was up only few days ago (though I did research for months already), I am still working on it and adding more "features" on it.
And I thought people generally use DNS resolver on pfSense instead of 3rd parties.
-
@DaddyGo Great news I brought you (and to myself)! set WAN to 100baseTX full-duplex works! Thanks!!!! But what is the reason behind?
-
What I wrote above is that the different ethernet controllers (chip) (one is the modem eth. port the other is the pfSense WAN port) can't match the link speed properly, since I have seen that when it works you are on 100base, so you should be forced the WAN port not to use the Auto-negotiation.
@PzrrL PzrrL
"And I thought people generally use DNS resolver on pfSense instead of 3rd parties"with this I too have experimented a lot over the years and all my systems are built that way
so I can control everything and in the greatest security I thinkYou know (privacy is a myth):
@PzrrL
May I know where can I find this setting?
-
@DaddyGo said in pfSense cannot get WAN IP after reboot:
and this is necessary:
use the ARPWATCH package for tracking
Do you usually turn this on or off then?
-
@DaddyGo Really huge thanks to you, thank you!
-
@PzrrL Do you usually turn this on or off then?
for a static entry always on -
@daddygo I have the same problem but my pfSense is running in Proxmox. I have a 30 Mbs connexion and the only option I have in the interface config is 10baseT.
Any option ?
-
@ninthwave
Is there a way to use pastebin ?https://imgur.com/i7GsbW0
-
@ninthwave said in pfSense cannot get WAN IP after reboot:
Is there a way to use pastebin ?
If this forum complains about the URL, do the 'smart' thing :
https: slash slash pastebin dot com/cMNrLnjC
-
@gertjan Thanks. I know how to use pastebin. My problem is I cant download the log with WinSCP.
-
@ninthwave said in pfSense cannot get WAN IP after reboot:
@gertjan Thanks. I know how to use pastebin. My problem is I cant download the log with WinSCP.
Can you guys starts another new thread? This is a year old already.
