Random network connection issues
-
I have recently installed pfsense to replace my Google Nest router. I struggled for a while with getting DNS working correctly, but now that I seem to have that going, I have been seeing a new issue. I do not believe it is DNS related, but if it is then I can elaborate on that resolution.
Right now I randomly cannot get to a website or two. Today it was google.com, mst3kinfo.com and yahoo.com. Every other site I tried to visit has worked great. NSlookup resolves to the correct IP, but I cannot ping the IP. Also tracert goes nowhere, not even a first hop. This happens on all my devices, not just one.
With a reboot of the pfsense box, everything starts pinging and working just fine. But there will be other sites that do not work that take me a few days to realize they are down.
I have tried disabling any addons (really only have snort) and disabled the firewall itself which says it just becomes a NAT. Nothing seems to keep everything up and running. There is just a few sites everyday that I discover don't work, and if I reboot it then there are all new sites I have issues with.
Any thoughts or suggestions? It is so bad that I have to switch to my Google Nest sometimes just so I can work without issues.
-
@crowax Well, PFSENSE, as it comes 'out of the box' without any customization, should just plain work, with the possible exception of PPPOE internet needing a username/password login. The default firewall setting for LAN is to allow all outgoing. The default DNS is for the router to resolve using internet root servers- no forwarding is needed to any public DNS like 8.8.8.8 or 1.1.1.1. Even if PFSense is behind another router, like a cablemodem-router combo, as long as the LAN network that PFSense is set with is different from the LAN network that the router in front of it has, PFSense will work. So maybe a bit more information as to what kind of internet service you have and what is in front of the PFSense router, would be usefull, and what settings you have changed for DNS so that we know a bit about your setup would be helpfull.
-
@tzvia
Thank you for the reply.For the DNS I have two PiHole instances that have not been a problem with my Google Nest. At first I tried to set PiHole to go to 8.8.8.8 and pfsense/DHCP assigned the PiHole as the DNS server. This had some issues on and off. What I had to do was set the pfsense to assign its own IP as the DNS server for computers. Then the DNS settings inside pfsense point to the PiHole. However I have also set it to 8.8.8.8 and 1.1.1.1 earlier when troubleshooting. It didn't make a difference. The names still resolved fine but I could not ping the IP's.
I have DHCP enabled to hand out addresses to all my devices. Using itself as the gateway and DNS.
The only other change was a few port forwards to get 443 and 80 to point to my reverse proxy.
I have a standard Spectrum modem that I connect to pfsense WAN with DHCP.
The only major step I did not try was to completely wipe and start over. I have had this issue since day 1 but I think the only thing I was working on then was my port forwarding.
-
Unable to connect to some random sites like that is usually either an MTU issue or a bad subnet mask somewhere. Since you're unable to ping or even reach the first hop in a traceroute it's unlikely to be MTU so check the routing table for some bad route.
Steve