Suddenly Loss Routing Between L2 Segements

jlw52761

Out of the blue tonight I started having an issue where everything stops routing between the L2 segments, including WAN. I can't even get to the segments from the pfSense console, which is the box doing the routing.
Nothings changed, I was sitting on the couch watching YouTube when things went haywire. The only way to get things functional again is to boot into my 22.05 boot environment. Whenever I am booted into the 23.01 boot environment, after a few minutes the problem occurs again.
The only thing that stands out in the logs is at boot, and it's the following when starting the WAN interface:

[fib_algo] inet.0 (bsearch4#26) rebuild_fd_flm: switching algo to radix4_lockless

I don't see anything else standing out and I admit this may be a red herring. Up until tonight, this rig has been rock solid and I upgraded to 23.01 from 22.05 a couple weeks back, and before tonight, no issues.
Any suggestions on what else to look at would be great, or is this possibly something with FreeBSD 14 that doesn't like the hardware? Nothing obvious to these eyes anyway.

Here's the specs on the box:
*Dell R330 (BIOS and Firmware fully updated)
*Xeon E3-1280 v5 @ 3.70GHz (Quad Core HT Enabled)
*64GB RAM (x4 16GB DDR4 2133MHz)
*PERC H330 in HBA Mode
*Two 500GB WD RE4 WD5003ABYX SATA (7.2k) in ZFS Mirror
*Intel Pro/1000 PT Dual Port NIC (WAN & Internal LAN/VLAN Interfaces)
*Broadcom NetXtreme Embedded (Disabled in BIOS)

danioj

@jlw52761 would you mind sharing how you resolved this? Assuming you have. I have an issue after restore from backup which is similar and this exact error is in my boot log too.

jlw52761

@danioj I haven’t upgrade to 23.01 again as that seems to be my issue. My other firewalls are at 23.01 and I keep looking to see if I can a patch or something as I’m sure it’s some driver issue under the new FreeBSD version.

coxhaus

I am recently running pfsense 23.01 with a Cisco L3 switch. It is set up with a full class C for the network to my L3 switch. I plan to go to a 32 bit mask in the future once it all works right. I wanted local pfsense access in case of any issues.

I have been running for about 3 days so I am still working on my issue. It seems when I turn off IPv6 by checking none in the interface I lose IPv4 access to the outside world from my local pfsense network, Inside still works. My L3 VLANs still work. I have not run pfsense in many years but in the past local pfsense IPv4 network was not restricted outbound only non-touching networks needed firewall access.

My plan is to open the IPv4 network in pfsense's firewall like I do for the VLANs in my L3 switch to see if fixes it. Right now I just change IPv6 back to DHCP for the WAN interface and it all works. I plan to test opening the firewall when my wife is not around to see if it works.

I normally turn off IPv6 as I don't use it.

Did you recently change anything with IPv6?

jlw52761

@coxhaus I have this setting unchecked, blocking IPv6
"All IPv6 traffic will be blocked by the firewall unless this box is checked"

coxhaus

@jlw52761 I solved my problem. I had my L3 switch gateway defined with lower case letters. I blew away my static maps, deleted the gateway and set it all up using all upper case letters. I set my default gateway on the WAN interface. It all works now. I have turned off IPv6 on the WAN gateway.

I am now on 23.05.