2.7.0 PPPoE Continually Reconnecting
-
I will add that 2.7.0 broke my PPPoE. I was not able to get it to work at all. Yes, PPPoE connected to my modem, pulled an IP address, but no traffic would go in/out of WAN. I have very little blocked on firewall rules, they were the same that worked in 2.6.0.
I pulled a full copy of 2.7.0 and did a fresh usb install. Did not work.
The only thing that worked was reverting to 2.6.0 (usb install).
-
@threadhead Your issue sounds like mine, 2.7.0 breaks PPPoE. I don't think I have a version of 2.6.0 to go back to on USB, and there doesn;t seem to be anywhere on pfsense site that I can download it from. It would be nice if there was a roll-back option on the upgrade GUI.
Anyway, my interim work round is working fine although double NATing is a pain when I have a significant number of incoming rules.
I have kept the PPP logs if anyone from netgate want to see them.
-
@IanJanus You can find all the older versions of pfSense here: https://atxfiles.netgate.com/mirror/downloads/?_gl=11yqhevr_gaMTQ1MDA1NDk2MC4xNjg4NjkxNzQ4_ga_TM99KBGXCB*MTY4ODc0NjMxNi4yLjEuMTY4ODc0OTYyMy41OC4wLjA.
No sure you need all of that, but they are there. I used this one: https://atxfiles.netgate.com/mirror/downloads/pfSense-CE-memstick-2.6.0-RELEASE-amd64.img.gz
Put it on a usb drive, reboot pc, follow prompts, restore config. All working again.
-
What do the ppp logs show when it disconnects?
I'm using PPPoE on two WANs here in 2.7.
Steve
-
@stephenw10
Nothing that stands out really:ppp_log.txt -
@stephenw10 I have none of those errors. Mine does connect and pulls an IP, but nothing routes to WAN. My modem does tag packets with VLAN 201, but it has been working like that for over a year on 2.6.0. Any yes, I did try to set a VLAN 201 on that WAN port, no difference.
-
@IanJanus Hmm, that seems familiar. A second process is spawned as soon as the link comes up.
Possibly this or related to it: https://redmine.pfsense.org/issues/14434
Do you see rc.newwanip run in the system log when the pppoe link establishes? Do you have a VIP on WAN?
-
@threadhead Do you end up with no default route? Check Diag > Routes. Make sure the dynamic WAN gateway is set as default.
-
@stephenw10 As I moved back to 2.6.0 I did not save any of the logs. But my home is the same as the other. See attached.
And yes, the WAN_PPPOE is the default gateway.
-
So the system that screenshot came from currently has connectivity for clients?
That's what I expect the routing table to look like.
-
@stephenw10 Firstly, I had checked that the WAN_PPPoE gateway was selected as default, so I know it isnt a gateway selection issue (first thing I usually check if there is an issue). With my workaround of using another PPPoE router between pfsense and my modem, I have had to set up another gateway since I am now having to use a Static IP on the ethernet interface to the router.
The Bug report you mentioned does seem relevant to me, in that I also have a routeable block of public IPs (/29) and a /32 PPPoE address (and VIPs configured in pfsense).
In pfsense, I have configured the VIPs as individual /32 IPs rather than a /29 block - I don't know if that makes any difference.
Since this issue has arisen by doing a straight upgrade from a working 2.6.0 and also upgrading another instance removing the packages first and finally a completely new install with nothing other than a single WAN and LAN interface - I am suspecting this is a bug and not associated with the upgrade process.
Also like in the bug report, I see the PPPoE interface come up, get and IP (PPPoE IP) and shutdown and continue repeating endlessly. Also I notice that as far as the Vigor 130 Modem is concerned, it seems happy and appears to be up all the time and does not appear to be dropping the connection. -
If you're able to do so I would try testing the PPPoE link without any VIPs on it. If it then comes up and it stable as expected we can add your data to that ticket. That does seem like a bug and one that may that may not be that difficult to fix.
Steve
-
@stephenw10 Okay, will try that tomorrow afternoon when its quiet, since it will take me a little while to reconfigure everything back to PPPoE and don't want to start late afternoon in case it all goes wrong! Am in UK here and so time difference doesn't help! I'll post the results when done.
-
I'm also in the UK but I tend to be awake on US hours most of the time.
-
I've had this same issue on Plus since 23.01 was released and have been trying to track it down with no luck. I have the exact same scenario; PPPoE on VLAN 201 with a /29 block of IPs, individually defined as /32 VIPs. I just tested removing all VIPs and sure enough, the WAN connection came right up and continued working as expected, including after installing the 23.05.1 update.
-
@stephenw10 I removed all VIPs and associated NAT rules and PPPoE connected and was stable.
So appears to be with handling of VIPs. -
Ok, that's great data. Updated the bug: https://redmine.pfsense.org/issues/14434
-
@stephenw10 Sorry, was out for the weekend.
Yes, both of my pfSense routers are the same. I have no VIPs setup. I have no VLAN tagging for WAN. For the PPP config it is set to the WAN with link type PPPoE.
I was never able to get any traffic to route to the WAN. My internal firewall rules are fairly permissive, and I did try setting all the LAN(s) to WAN to allow all traffic.
Never was able to get it to work. Did I miss something important?
-
Hmm, yeah that's a different bug then unrelated to the VIP issue. Was pfSense itself able to connect out? The gateway showed as up?
-
To be clear this happens when you have a VIP that's in the same subnet as the WAN when it comes up?
Haven't managed to replicate that here yet.