Pfense Internet stop working. Only works after reboot
-
Hello,
I installed and configured my pfense on this old PC:Intel(R) Core(TM) i5-7300U CPU @ 2.60GHz
Current: 2500 MHz, Max: 2601 MHz
4 CPUs: 1 package(s) x 2 core(s) x 2 hardware threads
AES-NI CPU Crypto: Yes (inactive)Everything works fine, but the online problem is that my pfsense loses internet connection after a couple of hours. I have to reboot the device, in order for it to works. Every morning I have to connect to the server and reboot the pfsense with F5 and Yes, then it work.
Can someone help? I am a newbie in pfsense family, so I will really appreciate your help. -
@bangui91
First thing is to check the system log for hints on what's going wrong. -
In that sort of time spam my first suspect would be a bad default gateway.
If you have multiple gateways defined on the system and your WAN can sometimes drop out the system may switch to an internal gateway as the default route which obviously breaks things.
In System > Routing > Gateways. Make sure the WAN is set as the default gateway and not automatic.Steve
-
@bangui91 said in screeshot of my default getway:
Re : Pfense Internet stop working. Only works after reboot
here is the image of the geteway.
For the logs there is nothing.Ok, so it's set to Auto. How many gateways do you have defined?
If it's more than 1 you should set the default IPv4 gateway to be the WAN.
Steve
-
Aug 25 11:13:55 kernel ahci0: <Intel Sunrise Point-LP AHCI SATA controller> port 0xf090-0xf097,0xf080-0xf083,0xf060-0xf07f mem 0xdf048000-0xdf049fff,0xdf04c000-0xdf04c0ff,0xdf04b000-0xdf04b7ff at device 23.0 on pci0 Aug 25 11:13:55 kernel ahci0: AHCI v1.31 with 2 6Gbps ports, Port Multiplier not supported Aug 25 11:13:55 kernel ahcich0: <AHCI channel> at channel 0 on ahci0 Aug 25 11:13:55 kernel ahcich2: <AHCI channel> at channel 2 on ahci0 Aug 25 11:13:55 kernel isab0: <PCI-ISA bridge> at device 31.0 on pci0 Aug 25 11:13:55 kernel isa0: <ISA bus> on isab0 Aug 25 11:13:55 kernel pci0: <memory> at device 31.2 (no driver attached) Aug 25 11:13:55 kernel hdac0: <Intel Kaby Lake-LP HDA Controller> mem 0xdf040000-0xdf043fff,0xdf020000-0xdf02ffff at device 31.3 on pci0 Aug 25 11:13:55 kernel em0: <Intel(R) PRO/1000 Network Connection> mem 0xdf000000-0xdf01ffff at device 31.6 on pci0 Aug 25 11:13:55 kernel em0: Using 1024 TX descriptors and 1024 RX descriptors Aug 25 11:13:55 kernel em0: Using an MSI interrupt Aug 25 11:13:55 kernel em0: Ethernet address: 54:b2:03:16:c6:3e Aug 25 11:13:55 kernel em0: netmap queues/slots: TX 1/1024, RX 1/1024 Aug 25 11:13:55 kernel acpi_button0: <Sleep Button> on acpi0 Aug 25 11:13:55 kernel acpi_button1: <Power Button> on acpi0 Aug 25 11:13:55 kernel acpi_tz0: <Thermal Zone> on acpi0 Aug 25 11:13:55 kernel acpi_tz1: <Thermal Zone> on acpi0 Aug 25 11:13:55 kernel uart0: <16550 or compatible> port 0x3f8-0x3ff irq 4 flags 0x10 on acpi0 Aug 25 11:13:55 kernel acpi_tz2: <Thermal Zone> on acpi0 Aug 25 11:13:55 kernel acpi_tz2: _HOT value is absurd, ignored (-73.1C) Aug 25 11:13:55 kernel est0: <Enhanced SpeedStep Frequency Control> on cpu0 Aug 25 11:13:55 kernel Timecounters tick every 1.000 msec Aug 25 11:13:55 kernel acpi_tz2: _TMP value is absurd, ignored (-273.1C) Aug 25 11:13:55 kernel hdacc0: <Intel Kaby Lake HDA CODEC> at cad 2 on hdac0 Aug 25 11:13:55 kernel hdaa0: <Intel Kaby Lake Audio Function Group> at nid 1 on hdacc0 Aug 25 11:13:55 kernel pcm0: <Intel Kaby Lake (HDMI/DP 8ch)> at nid 3 on hdaa0 Aug 25 11:13:55 kernel Trying to mount root from ufs:/dev/gptid/710011c6-f940-11eb-9e61-54b20316c63e [rw,noatime]... Aug 25 11:13:55 kernel Root mount waiting for: usbus0 CAM Aug 25 11:13:55 kernel ugen0.1: <0x8086 XHCI root HUB> at usbus0 Aug 25 11:13:55 kernel uhub0: <0x8086 XHCI root HUB, class 9/0, rev 3.00/1.00, addr 1> on usbus0 Aug 25 11:13:55 kernel uhub0: 18 ports with 18 removable, self powered Aug 25 11:13:55 kernel Root mount waiting for: usbus0 CAM Aug 25 11:13:55 kernel ugen0.2: <Logitech USB Optical Mouse> at usbus0 Aug 25 11:13:55 kernel Root mount waiting for: usbus0 CAM -
That all looks normal.
How many IPv4 gateways do you have defined in System > Routing > Gateways?
If there is more than 1 make sure the default is set to the WAN gateway.
Steve
-
@stephenw10
I am using orange Livebox as my internet provider, then pfsense router after that I have my TPlink router connect to lan line.
If you don't my I can give you my anydesk so you can remote connect to my pc -
I'm sorry I can't do that currently.
Go to Status > Gateways.
How many gateways are shown? Can we see a screenshot?Steve
-
here is what I can see :
Aug 25 20:15:36 dpinger 39071 WAN_DHCP 192.168.254.130: sendto error: 65
Aug 25 20:15:36 dpinger 39071 WAN_DHCP 192.168.254.130: sendto error: 65
Aug 25 20:15:37 dpinger 39071 WAN_DHCP 192.168.254.130: sendto error: 65
Aug 25 20:15:37 dpinger 39071 WAN_DHCP 192.168.254.130: sendto error: 65
Aug 25 20:15:38 dpinger 39071 WAN_DHCP 192.168.254.130: sendto error: 65
Aug 25 20:15:38 dpinger 39071 WAN_DHCP 192.168.254.130: sendto error: 65
Aug 25 20:15:39 dpinger 39071 WAN_DHCP 192.168.254.130: sendto error: 65
Aug 25 20:15:39 dpinger 39071 WAN_DHCP 192.168.254.130: sendto error: 65
Aug 25 20:15:40 dpinger 39071 WAN_DHCP 192.168.254.130: sendto error: 65
Aug 25 20:15:40 dpinger 39071 WAN_DHCP 192.168.254.130: sendto error: 65
Aug 25 20:15:41 dpinger 39071 WAN_DHCP 192.168.254.130: sendto error: 65
Aug 25 20:15:41 dpinger 39071 WAN_DHCP 192.168.254.130: sendto error: 65
Aug 25 20:15:42 dpinger 39071 WAN_DHCP 192.168.254.130: sendto error: 65
Aug 25 20:15:42 dpinger 39071 WAN_DHCP 192.168.254.130: sendto error: 65
Aug 25 20:15:43 dpinger 39071 WAN_DHCP 192.168.254.130: sendto error: 65
Aug 25 20:15:43 dpinger 39071 WAN_DHCP 192.168.254.130: sendto error: 65
Aug 25 20:15:44 dpinger 39071 WAN_DHCP 192.168.254.130: sendto error: 65
Aug 25 20:15:45 dpinger 39071 WAN_DHCP 192.168.254.130: sendto error: 65
Aug 25 20:15:45 dpinger 39071 WAN_DHCP 192.168.254.130: sendto error: 65
Aug 25 20:15:46 dpinger 39071 WAN_DHCP 192.168.254.130: sendto error: 65
Aug 25 20:15:46 dpinger 39071 WAN_DHCP 192.168.254.130: sendto error: 65
Aug 25 20:15:47 dpinger 39071 WAN_DHCP 192.168.254.130: sendto error: 65 -
Aug 25 20:20:03 dpinger 52155 send_interval 500ms loss_interval 2000ms time_period 60000ms report_interval 0ms data_len 1 alert_interval 1000ms latency_alarm 500ms loss_alarm 20% dest_addr 192.168.254.130 bind_addr 192.168.254.13 identifier "WAN_DHCP "
Aug 25 23:56:17 dpinger 91512 send_interval 500ms loss_interval 2000ms time_period 60000ms report_interval 0ms data_len 1 alert_interval 1000ms latency_alarm 500ms loss_alarm 20% dest_addr 192.168.254.130 bind_addr 192.168.254.13 identifier "WAN_DHCP "
Aug 25 23:56:19 dpinger 21129 send_interval 500ms loss_interval 2000ms time_period 60000ms report_interval 0ms data_len 1 alert_interval 1000ms latency_alarm 500ms loss_alarm 20% dest_addr 192.168.254.130 bind_addr 192.168.254.13 identifier "WAN_DHCP "
Aug 26 00:03:31 dpinger 1574 send_interval 500ms loss_interval 2000ms time_period 60000ms report_interval 0ms data_len 1 alert_interval 1000ms latency_alarm 500ms loss_alarm 20% dest_addr 192.168.254.130 bind_addr 192.168.254.13 identifier "WAN_DHCP " -
-
So just one gateway then.
That error indicates the host (the gateway here) is unreachable:
https://docs.netgate.com/pfsense/en/latest/troubleshooting/gateway-errors.html#sendto-error-65That should never happen since the gateway is in the same subnet as the WAN interface.
So it may have lost its IP? Or maybe you have another device handing out dhcp leases?You probably need to wait until it's broken and then check the WAN interface status and the ARP table.
Steve
-
there is any fix for that?
-
We need to know what the problem is before trying to fix it.
Check the WAN interface status when it fails. Check the ARP table. Check the system log.
Steve
-
@bangui91 said in Pfense Internet stop working. Only works after reboot:
WAN_DHCP 192.168.254.130: sendto error: 65
Hummm.
A Livebox from Orange. That's what i'm using also, here @work.
These boxes have a default LAN I of 192.168.1.1 using 192.1681.1.0/24 as their LAN network.I changed it LAN network to 192.168.10.0/24 as I didn't want the change the default LAN I had before (in my company).
This way : nothing (literally) is needed to make pfSense work : it 's plug and play.
My pfSense gets an IP from the Livebox, just like any other network device.
This :
@bangui91 said in Pfense Internet stop working. Only works after reboot:
dpinger 52155 send_interval 500ms loss_interval 2000ms time_period 60000ms report_interval 0ms data_len 1 alert_interval 1000ms latency_alarm 500ms loss_alarm 20% dest_addr 192.168.254.130 bind_addr 192.168.254.13 identifier "WAN_DHCP "
Who is this "192.168.254.13" ???
Don't tell my it's the IP of your Livebox ....Btw : The IP to pinged shouldn't even be the IP of your LIvebox. You should puck an IPv4 somewhat further upstream. You can find in the Livebox the gateway it uses, you could use that one for dpinger. Right now your testing the cable between your pfSEnse and the Livebox.
I advise you to shut down the IPv6 part of pfSense. The IPv6 network capabilitiesyour Livebox (Orange) is offering is totally useless for you.
Ditch the TPLink.
Managing a router-after-router-after-router is .... is most probably not what you want.- You use pfSense because its your choice.
- The Livebox because this @=&é*$ Orange obliges us to do so, as I'm using proprietary VDSL right now myself, fibre coming up at the end of the month).
edit : precisions :
When you open the box of a new Livebox, it has pre set a LAN network of 192.168.1.0/24, the Livebox uses 192.168.1.1.
When you install a new pfSEnse it has pre set a LAN network of 192.168.1.0/24, pfSense uses 192.168.1.1.Simpliy said : this gives a routing conflict, as you can't route 192.168.1.x to 192.168.1.y.
Make your choice :
Change the network "192.168.1.1" on your Livebox (make it, for example 192.168.2.0/24)
Or
Change the network "192.168.1.1" on your pfSense (make it, for example 192.168.2.0/24).
There is nothing more to do for a working set up. -
first go into the bios and disable hyperthreading.
secondly, list your network adapters. are they all intel or do you have realtek?
Everyone hates realtek because for the longest time, BSD was shipped with broken drivers.. pfsense version 2.5 finally included working drivers for realteks, however unlike intels that just 'install and work out of the box', you have to direct pfsense to use the new realtek drivers. i've seen the commands, it's very simple. just have to search for the instructions on what to do.. again, it's very simple and as a noob myself, i wouldn't be concerned.third, you should list the packages you have installed for the seasoned vets to go through.. someone here will know
