pfSense GUI/SSH unresponsive and some routing breaks

Chrisnz

I'm having problems with my pfSense box for a while becoming unresponsive at times (Web UI and SSH). It happens 1-3 times a month and I have to pull the plug to restart it. Since I'm not always home, this is no good and pulling the power plug can't be healthy for the OS either.

The last couple of times I suspect it maybe caused by one NIC (re0) since parts of my network (re1, re2) kept working but everyhing from the re0 NIC did not (a WLAN access point is connected, devices could connect to WLAN but not get into the rest of the network) - but in all cases pfSense becomes unresponsive even if accessed from the re2 LAN network.

Is there a way to identify the issues causing it in the log file? Since I can't pinpoint the exact time, I might have to comb a lot of logs, is there something in particular I can look for?

My setup:
PC Engines APU1D4
BIOS coreboot 4.12.0.2
pfSense Community Edition 2.5.1
pfBlockerNG-devel 3.0.0_16

NIC re0: WLAN - Router (TP Link with Gargoyle)
NIC re1: WAN - Fibre modem (Fibre with 100/300Mbps)
NIC re2: LAN - Netgear switch

viragomann

@chrisnz
In general you should find hints in the system log.

Since pfSense is not responding in this case, you can nail down the time of failing by monitoring a pfSense interface with pings. Write a simple ping script which logs the times, when pings are failing. Then check the log for regarding entries.

Chrisnz

@viragomann
Hi, I’m not sure if pinging will work because I can usually can reach the Web GUI but it hangs loading it and SSH also hangs but doesn’t immediately say not available or so. I’ll give it a shot though, thanks.

nattygreg

@chrisnz if you can replace the Nics, I have been messing with Pfsense since b4 1.0 on and off.
Realtek cards are a pain then and still a pain now. But your laggy web gui is from negate cannot reach the internet. Put a secondary dns server ip on the general page. It should stop the lag

stephenw10

In the APU1 they are not normally an issue. They are on-board anyway so they can't be swapped.

If there's nothing in the system log when this happens I'd try logging the serial console output if you can.

Steve

Chrisnz

@stephenw10
I’ll try to pinpoint the time with pings first and see if that works.

I think the serial port is also unresponsive at that time.

stephenw10

The console may seem unresponsive when you connect to it after this has happened but try entering ctl+t. That can often produce a response when nothing else will and shows what process the system is waiting on.
Also if you can log the serial output during the issue there may be an error show there that cannot be written to the system log.

Steve