1 Gig Fios and PFSense

jbeez

Also... any dpinger messages in my log about WAN_DHCP show the public IP of my Verizon FiOS upstream gateway. Your log message is showing an RFC1918 address.

Physically are you connecting just your wan nic right to your ONT? You aren't bridging those interfaces in pfsense at all are you?

mikeinnyc

WAN_DHCP Gateway ??? with your PFS Box, you plugged it in and just got a working WAN IP DHCP lease right away...until they changed it

Most likely it's not your PFSense router. It's most likely that Verizon has changed your Public IP DHCP block along with the DNS servers that Verizon uses to resolve. You did nothing wrong so don't worry. I am assuming you are willing to have your IP address changed X times per month in exchange for a lower-rate nonstatic IP. Verizon "may" change your IP faster than Toliet Paper in the NYC Subways but only if 1) you get flagged by pattern high burst traffic usage or by multiple open ports for longer than normal periods. 2) OR, It could just be your power failed and it changed the "WAN IP and the DNS servers."

I know it's hard but try to pay up and Go Static IP if you are running more than cameras outside specifically file sharing aka web hosting. Otherwise, you'll be unplugging that ONT box and trying to get a new lease may be hourly even with ddns. Best of luck and I hope you get a DHCP ... static lease for at least one year.

sstatjm

@jbeez at this point I am just exhausted. I am currently connected to the verizon router that's why you are seeing that ip address.
To get a stable connection I have to connect to the verizon router. the moment i connect directly the ONT all hell breaks lose and service drops. Yes, i did call them to release the DCHP lease........... 4hrs and 45 mins later. Back to square one.

jbeez

@mikeinnyc said in 1 Gig Fios and PFSense:

WAN_DHCP Gateway ??? with your PFS Box, you plugged it in and just got a working WAN IP DHCP lease right away...until they changed it

Most likely it's not your PFSense router. It's most likely that Verizon has changed your Public IP DHCP block along with the DNS servers that Verizon uses to resolve. You did nothing wrong so don't worry. I am assuming you are willing to have your IP address changed X times per month in exchange for a lower-rate nonstatic IP. Verizon "may" change your IP faster than Toliet Paper in the NYC Subways but only if 1) you get flagged by pattern high burst traffic usage or by multiple open ports for longer than normal periods. 2) OR, It could just be your power failed and it changed the "WAN IP and the DNS servers."

I know it's hard but try to pay up and Go Static IP if you are running more than cameras outside specifically file sharing aka web hosting. Otherwise, you'll be unplugging that ONT box and trying to get a new lease may be hourly even with ddns. Best of luck and I hope you get a DHCP ... static lease for at least one year.

idk if this is the same everywhere, but I'm in the Phila area, and my verizon wan IP has changed maybe three times in the last 2yrs, its very stable for me.

Again I don't work at verizon, IDK what they do, how consistent it is, but I can speak to my personal experience, I also have some unifi gateways and edgerouters on maybe 4 or 5 other verizon networks that I admin and they are also stable, although most of them are in this area as well.

sstatjm

@jbeez It was a frustrating night last night. What I ended up doing was going back to the verizon provided router and connect my pfsense to it. I put that ip address into the DMZ. So far that is working. But now another issue has arise from all this now my upload speed is about a 1/3 of the 1gig speed advertised.

This is just fun!!

mikeisfly

For what it's worth, I have Verizon FiOS and Gigabit internet and I have no issues. I'm connected directly to the ONT. I would check to make sure your Fiber is clean. You may be able to have Verizon come out and check the connections. If possible, use other hardware like a traditional router just to see if it maybe an issue with your hardware.

dma_pf

@sstatjm

@jbeez said in 1 Gig Fios and PFSense:

idk if this is the same everywhere, but I'm in the Phila area, and my verizon wan IP has changed maybe three times in the last 2yrs, its very stable for me.
Again I don't work at verizon, IDK what they do, how consistent it is, but I can speak to my personal experience, I also have some unifi gateways and edgerouters on maybe 4 or 5 other verizon networks that I admin and they are also stable, although most of them are in this area as well.

I'm also in the northeast US. Been on FIOS for about 3 years and have never had any issues connecting pFsense directly to their ONT. IP address assignments have also been very "sticky" with only a few changes over the years.

I do have pfsense set to only use IPv4...no IPv6. I've never used Verizon's DNS servers. I don't use any monitoring on the gateway. Here's my interface and gateway.

I've never had to mess around with any other settings to get FIOS to work.

With the FIOS router attached to the ONT you can have Verizon run some diagnostics to try to rule out any issues behind the ONT. This sounds like this is probably not the case.

There's probably something in pfsense that's setup wrong or not working correctly. I would suggest making a local backup of your current pfsense configuration (Diagnostics/Backup & Restore), then do a reset to factory defaults (Diagnostics/Factory Defaults), then reboot and see how the connection works.

sstatjm

@dma_pf What version of pfsense are you running?

dma_pf

@sstatjm 2.6

sstatjm

@dma_pf ok cool thanks. I just rebuild it and so far its holding up good. 26 mins and counting
So now what's next!!! anybody have any suggestions on what I should keep?

mikeinnyc

@jbeez I worked at the other Blue cable company. VZ tech guys had some Fked up stories. Both company employees eventually shared the same employment multiple times back and forth. It's like the Philly cheese steak cooks immigrated to NYC and then back to Philly and then told stories. No, the grass is not greener! Don't ever call tech and tip them off is all that I'll say. "Their job is to collect more revenue on the quota chain you just don't know it." One can go months straight under the radar...until someone does their admin network monitoring job. Watch this Video and you'll laugh

Stay low my friends and never call in for anything if you don't have to. Just open up that ONT yourself on the side of your house. Unplug that black box for a few minutes then plug it back in and close the ONT unit. P.S. this is not good tech advice at all... I ate too many lead paint chips!

For the entrepreneur, you certainly can use a dual wan but the primary should be business static and one of them can be a residential DHCP but not both. Plus, google will index higher-ranking static IPs over ever-changing residential IPs. A simple way to check is to go to Business Static IP check Type = business or residential?

I just want to hear a few stories of customers winning on DHCP leases. Meaning maybe it changes once per year. The problem is just when you think you won they change the IP address more than normal. Now back to paint chips.

y2raza

@sstatjm So did you ever find a solution to your problem? I have FIOS, too, however, it does not drop packets as much as your connection does. It is still very annoying though.

sstatjm

@y2raza

No problems since I rebuilt pfsense. No issues so far

y2raza

@sstatjm do you have gateway monitoring on, which IP address do you use for ICMP ping?

sstatjm

@y2raza
gateway monitor ip is coming from the isp
I am not using icmp.