Old, stable pfSense install - LAN port goes offline
-
I have a stable pfSense install, active and dependable for years. I recently started hosting a Nextcloud AIO server (v.30.0.2). Now, when I start the nextcloud client, the firewall LAN port stops responding. I have to reboot (not just reroot) the firewall before the LAN port starts responding again. I'm fairly experienced and skilled, but haven't seen something like this. I'm seeking advice on how to troubleshoot.
pfSense 2.7.2
Running on an older sff pc (ECS Computing Liva Z / celeron N3350 2 core / 8 GB RAM / dual realtek RTL8168 Gigabit LAN)
Starting the Nextcloud client reliably disrupts communications within ~10s. After comms are disrupted, only a full reboot restores comms (vs. connecting a lone Ubuntu machine directly to the LAN port, reroot). The MAC properly reports LINK UP, but no traffic flows - no DHCP address assignment.
-
@NickyDoes Sounds a bit like Flooding / Broadcast storm... I have read about the Realtek NIC being known to have some problems and can lock up... Are you saying that there are no problems just running the NC server, it's when the client connects that you get these problems?
Can you throttle the client, in the switch that it attaches to? And do some packet capture to see what happens? Also check IP and MAC just to make sure there is no conflict...
Check the logs in pfsense of course.. state table overflow?
-
Yes is this only happening when a client connects to the server and starts moving files?
Is that traffic going through pfSense?
Is anything logged in pfSense when that happens?
-
@Gblenn Correct - the NC server is running at all times. It locks when the client connects.
The IP and MAC are unique on the network.
As for checking logs, capturing packets, and analyzing the results, I have not yet explored those rooms of the pfSense mansion.
@stephenw10, I believe the traffic is traversing the firewall because I'm using the public URL - the server is reverse proxied.
-
@NickyDoes Ok yes in that case you do in fact route the traffic via pfsense, and e.g. Nginx in fact.
You could try split DNS to see if that makes any difference. I just tested it myself and it seems to work with NextCloud...
Go into Services / DNS Resolver (or forwarder if that's what you use) and almost at the bottom you add a new Host override. Enter the fqdn you use to access NextCloud (e.g. nextcloud.dns.org) split up into nextcloud and dns.org on rows 1 and 2. And then the IP for NextCloud without the port (which apparently isn't needed when doing it this way).
[EDIT] I guess since in the NC setup you have specified that it should listen to port 80/443 and it expects e.g. nextcloud.dns.org as host header or whatever it's called.
You will also get a certificate warning that you have to accept since it's no longer going through your proxy. But you also need to test with an external client so that it doesn't lock up if you are accessing from the internet. You could run a VPN client on the PC that you are testing from to simulate that..
-
Which proxy are you using? Is anything logged there?
Importantly with Realtek NICs check for watchdog timeout errors in the system log.
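As an added illustration (not code from this thread or from pfSense), a small Python script that scans pfSense system-log lines for the re(4) driver's `watchdog timeout` and link-state messages and summarizes them per interface, so a lock-up can be lined up against the time the Nextcloud client was started. The log lines are constructed samples in the FreeBSD syslog format pfSense writes; the interface names `re0`/`re1` are assumed.

```python
import re
from collections import defaultdict

# Constructed sample lines in pfSense/FreeBSD syslog format (not taken from the thread).
SAMPLE_SYSTEM_LOG = """\
Nov 25 10:30:58 pfSense kernel: re1: link state changed to UP
Nov 25 10:31:02 pfSense kernel: re0: watchdog timeout
Nov 25 10:31:02 pfSense kernel: re0: link state changed to DOWN
Nov 25 10:31:05 pfSense kernel: re0: link state changed to UP
Nov 25 10:31:11 pfSense kernel: re0: watchdog timeout
Nov 25 10:31:40 pfSense php-fpm[391]: /rc.linkup: Hotplug event detected for LAN(lan) static IP (192.168.1.1 )
"""

# "<Mon DD HH:MM:SS> <host> <process>: <message>"
LINE_RE = re.compile(
    r"^(?P<ts>\w{3} +\d{1,2} \d{2}:\d{2}:\d{2}) \S+ (?P<proc>[^:]+): (?P<msg>.*)$"
)
# Messages emitted by the re(4) Realtek driver / kernel link-state machinery.
WATCHDOG_RE = re.compile(r"^(?P<ifn>re\d+): watchdog timeout")
LINK_RE = re.compile(r"^(?P<ifn>re\d+): link state changed to (?P<state>UP|DOWN)")


def summarize_nic_events(log_text):
    """Per-interface counts of watchdog timeouts and link flaps, with first/last timestamp."""
    summary = defaultdict(lambda: {"watchdog": 0, "link_down": 0, "link_up": 0,
                                   "first": None, "last": None})
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m or not m.group("proc").startswith("kernel"):
            continue  # only kernel messages carry NIC driver output
        msg = m.group("msg")
        wd, lk = WATCHDOG_RE.match(msg), LINK_RE.match(msg)
        if wd:
            ifn = wd.group("ifn")
            summary[ifn]["watchdog"] += 1
        elif lk:
            ifn = lk.group("ifn")
            summary[ifn]["link_down" if lk.group("state") == "DOWN" else "link_up"] += 1
        else:
            continue
        entry = summary[ifn]
        entry["first"] = entry["first"] or m.group("ts")
        entry["last"] = m.group("ts")
    return dict(summary)


def suspect_interfaces(summary):
    """Interfaces that logged at least one watchdog timeout, most timeouts first."""
    hits = [i for i, e in summary.items() if e["watchdog"]]
    return sorted(hits, key=lambda i: -summary[i]["watchdog"])
```

Feed it the output of `clog /var/log/system.log` (or the System Logs page export) and compare the `first` timestamp of any suspect interface with when the client was launched.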
-
@stephenw10 said in Old, stable pfSense install - LAN port goes offline:
Which proxy are you using? Is anything logged there?
I'm guessing Nginx Proxy Manager in which case logs are under /some mountpoint/data/logs/. And there are logs per Proxy Host numbered in the order they appear in the UI.
Perhaps the error log could uncover something, if there is anything misconfigured on the NC server for example.
-
Hmm, I'd assumed HAProxy or Reverse Squid if it's hitting that on the firewall. But I could be wrong.
-
@stephenw10 I'm using pfsense's package haproxy.
-
OK then check in the package and system logs for any errors when it goes offline.
But still with Realtek NICs in the system they are my prime suspect!