22.214.171.124 -> WAN stops working periodically
About once a day all outbound connections stop working since I moved to 3.0.0.x. on pfsense 2.4.5p1. After a bit of trial and error I realized that a quick restart of pfsense fixes it immediately.
- pfblockerNG -> general -> General Settings -> pfblockerNG -> "enable" set to off then on
I looked at error.log and pfblockerng.log and did not see any problems.
Has anyone else run into this? Any suggestions what I can test or log next time this happens? Thanks!
Gertjan last edited by
Leave pfblockerNG activated and de activate / remove (!) all your feeds. This is situation when you installed it. It does nothing. pfblockerNG without feeds is just one big no-op.
The pfblockerNG logs are useful when you detect that sites or other destinations are blocked that you need. Check the FirewallpfBlockerNG > Alerts page, see the Alerts and DNSBL lists.
If the entire WAN goes away, see the general system log, Status> System Logs > System > General and this one Status > System Logs >System > DNS Resolver and check if unbound is starting often.
Monitoring info here : Status > Monitoring, check Quality on interface WAN : any packer losses ?
Are you using the default 'unbound' mode or the new python mode ?
Well, it sounds like you can log into the PFSense GUI, so I would go to Diagnostics and do a DNS lookup and a PING from there to see if PFSense is having a DNS issue or what. Would also go to the main Dashboard and just see if you have a WAN IP (probability do). From there, it would be a good idea as mentioned already above by Gertjan, to check unbound. Is PFBlockerNG in Python mode?
I am still on standard unbound mode (no python) since I like to have the Resolver DHCP Registration feature enabled. Thanks to both of you for the info, I will reply back if/when it happens again and which steps yielded info.
RonpfS last edited by RonpfS
since I like to have the Resolver DHCP Registration feature enabled.
Use Static DHCP only, DHCP Registration restart unbound at every new lease and that will cause DNS service disruptions and problems when new leases are issued at a faster rate than Unbound restart time.
@ronpfs Interesting point. This is on a small home network (<100 devices) and almost every device has a static IP so unless a device is misbehaving that seems less likely. Would there be any evidence in the logs if I run into that situation?
RonpfS last edited by RonpfS
You will see timestamps in DHCP log that matches Unbound restart in Resolver log.
For more : https://forum.netgate.com/search?term=DHCP%20Registration&in=posts&matchWords=all&categories=62&sortBy=timestamp&sortDirection=desc&showAs=posts
@im_not_a_robot I believe I am having the same issue. Internet traffic just stops, as we are all WFH at the moment I have had to disable it completely, but will try to collect more information on the weekend.
- an unplanned reboot happening about once a week
- pfblockerng or unbound does not start up correctly upon restart
#2 is fixed by re-starting pfblockerng but #1 will need more digging. It's easy to see if this is happening by checking NTP logs (search for "Starting") or system logs.
The reboot is interesting. In all three cases LAN was fine, WAN was knocked out by the restart, CPU temps are very good, and in at least two of the cases I was making network adjustments through the unifi UI for my access points at the time that things went down. Possibly coincidence.