WAN IP renew failed - DSL DHCP (Swisscom)

funky

hi

we're using pfsense for small companies for years. got a problem and can't resolve it :(

All few hours, the internet is down. the log shows that the fw tries to get a new ip for WAN, but it fails.

rebooting the FW or releasing and renewing the WAN IP works. after that, a few hours later, its down.

Aug 5 09:14:08 php: : rc.newwanip working with (IP address: 85.4.41.xxx) (interface: wan) (interface real: vr2).
Aug 5 09:14:08 php: : Informational: rc.newwanip is starting vr2.
Aug 5 09:14:06 check_reload_status: rc.newwanip starting

1.2.3-RELEASE
built on Mon Dec 7 18:11:25 EST 2009

tried everything, router is in bridge mode, changed the crappy netopia router with a zyxel router in bridge mode ("official" router of swisscom), updated pfsense (was 1.22), changed pc engine hardware, changed network cables, splitter of ISDN modem and so on…

-> same problem.

there is a firewall rule for UDP source port 67, destination 68, for dhcprequest

-> doesnt work

the big problem is: the customer is in a new flat, built a few weeks ago. a technician of the dsl provider was there, an electrician -> no problems at all, DSL signal is fine, tested by provider, again and again. the problem is during for over one week now, it sux really hard :(

our next step is to remove pfsense and try it without any firewall, only with the crappy original dsl modem provided by swisscom (and only by the way: yes it's dhcp and not a PPPOE login, as many ppl will think)

any opinions? anyone got the same problem?

perhaps its only a problem by the provider, or something bullshit done by the electrician. but i need some opinions, if the original modem works...

thanks

greetings

funky

wallabybob

@funky:

there is a firewall rule for UDP source port 67, destination 68, for dhcprequest

-> doesnt work

Which interface? WAN? What IP addresses are in the rule? Have you checked the firewall log to see if DHCP on WAN is getting blocked?

Have you checked that the dhcp client program is running (shell command # ps ax | grep dhclient) when the link goes down? (I have seen reports of dhclient dieing.) Have you run a packet trace on the WAN interface to see if there is any activity when its "down"?

Is there any pattern to the WAN link going down? Does the telco equipment log anything when pfSense detects the link down?

Does your modem have any event logging facility? What does it report?

A few weeks ago my ADSL link was quite unstable. After a few days I noticed the phone circuit was sometimes quite noisy. I reported the noisy phone circuit to the phone company and next day my ADSL was much more stable. There was some sort of intermittent fault producing a lot of noise on the line "from time to time".

funky

Which interface? WAN? What IP addresses are in the rule? Have you checked the firewall log to see if DHCP on WAN is getting blocked?

wan, isnt blocked on wan, IP adresses -> any (please no comment to security, this is only for testing purposes, thanks)

Proto Source Port Destination Port Gateway Schedule Description
UDP  *  *  *  68  *     DHCP Request

Have you checked that the dhcp client program is running (shell command # ps ax | grep dhclient) when the link goes down? (I have seen reports of dhclient dieing.) Have you run a packet trace on the WAN interface to see if there is any activity when its "down"?

sorry for the missunderstanding or my bad english: it isnt going down exactly, there is a IP, but pfsense tries all 2-3 min with a dhcp request to get a new ip -> fail, i dont have any logs, lost by restart, but yes: the dhcp client program is running

i was only ONE time there when the link was down and i could check the logs then. its really odd the whole thing :(

Is there any pattern to the WAN link going down? Does the telco equipment log anything when pfSense detects the link down?

no the link is not going down. its only the wan interface which trys to get a new IP, during this, on the interface status site (sry i dont use shell right now) the DHCP link is DOWN (normally UP). its really odd, because there IS a ip adress, while the dhcp shows link DOWN.

no there is no pattern, it happens randomly, not interval or time or something else.

Does your modem have any event logging facility? What does it report?

i didnt check the logs of the router and cannot it by here. have to go to the customer. not possible right now. with the new zyxel modem, im sure there are logs, provider router im not sure… dont think so that i can access them, never used :/

A few weeks ago my ADSL link was quite unstable. After a few days I noticed the phone circuit was sometimes quite noisy. I reported the noisy phone circuit to the phone company and next day my ADSL was much more stable. There was some sort of intermittent fault producing a lot of noise on the line "from time to time".

what do you mean with unstable? my problem is: the dsl link is stable! (so far the provider says…)

if possible, im going to try to post the error log when trying to get a new IP by provider, there is always a dhcp request to an IP, and sometimes to 255.255.255.255, broadcast of course. another time, the dhcp works fine! (as below, i saw it all 6 hours got a new DHCP lease, with same ip, but sometimes it doesnt work)

Aug 5 09:14:08   php: : rc.newwanip working with (IP address: 85.4.41.xxx) (interface: wan) (interface real: vr2).
Aug 5 09:14:08   php: : Informational: rc.newwanip is starting vr2.
Aug 5 09:14:06   check_reload_status: rc.newwanip starting

i think its not a problem by pfsense ... gonna check it out next week, cannot go to the customer this week :(

something else: don't think im an expert in using shell with pfsense. my technical boss is using this firewall for years, but always with GUI. perhaps we're dumb ;) no please, dont think that. we have about 30 pfsense firewalls in productive environment ... and they work like a charm, btw: great product...

this customer, IM DYING ... :(

wallabybob

@funky:

if possible, im going to try to post the error log when trying to get a new IP by provider, there is always a dhcp request to an IP, and sometimes to 255.255.255.255, broadcast of course. another time, the dhcp works fine! (as below, i saw it all 6 hours got a new DHCP lease, with same ip, but sometimes it doesnt work)

That sounds pretty normal (aprt from the not working!).

Suggestion:
On a ssh session to the pfSense get to the shell prompt ad type the command:```

tcpdump -i zzz udp port 67

where you have to replace zzz by the system name of your WAN interface (e.g. vr1, em0, fxp2, …) which will display a text representation of UDP traffic coming from or going to port 67 (that is, DHCP traffic). From what you have written so far, that is likely to show DHCP requests mostly getting answered but sometime not being answered. The trace is time stamped so you might be able to then use it to ask your telco is they say DHCP requests at ... and why wasn't there a response? But lets see what the trace shows up first.

funky

thanks wallabybob!

great help, BUT ;)

we changed plans, gonna take a static ip by the provider and im not able to go to the customer within 2 weeks, hes fine with resetting firewall every 6 hour :/ (1-man company ;))

but, when im there to change the ip, i'll try to tcpdump the dhcp requests. would be nice to know if the provider has a problem or not…

thank you very much. for me its done. topic can be closed, or perhaps someone else has this problems ;)

greetings

funky

wallabybob

If you have static IP address then you probably won't use DHCP, though I have read of some ISPs who require DHCP but always assign the same IP address in DHCP.