4. What could be causing my pfSense Instability?

What could be causing my pfSense Instability?

  • M

    Hey all,

    So I've been running pfSense inside a VM server for a while, and I have been very happy with it.  It's been sturdy as a rock, and performs well.

    Then the other day, I decided to change two settings, and ever since the pfSense box has been losing its DHCP server roughly once a day, and eventually becoming unresponsive.

    The problem starts out with the DHCP server not working on the LAN, but devices already assigned an IP continue to use the WAN.  Devices trying to get a new IP - however - don't get one and fail.  Eventually - however - even the WAN portion stops working for devices with existing IP's.

    The settings I changed are as follows:

    • I checked the "enable IPV6" box, thinking I might experiment with IPV6 a bit, as I am still rather unfamiliar with it.

    • I increased the firewall state side to about 1 million entries.  (I figured since I use a VERY LARGE amount of NAT states, I probably should increase the firewall states to match).

    The box is not running out of ram (It sits at about 6% use)

    Last night I started trouble shooting what was causing this and disabled IPV6 functionality.  The pfSense box has not had the issue since, but it is too soon to tell for sure.

    Are there any known issues here I should be aware of, or anything else you guys might think is causing my issue?

    Thanks,
    Matt

    0
  • Netgate Administrator

    Do you mean 'Allow IPV6'?

    Which version of pfSense are you running?

    Steve

    0
  • M

    @stephenw10:

    Do you mean 'Allow IPV6'?

    Which version of pfSense are you running?

    Steve

    Yep, that would be it, under Advanced -> Networking.

    Version is 2.0.1-RELEASE (amd64)
    built on Mon Dec 12 18:16:13 EST 2011
    FreeBSD 8.1-RELEASE-p6

    Running under ESXi 5.0 on an AMD E350 system with 8GB of ram.

    Since I have turned it off, it has now been 4.5 days without a DHCP server crash, so I'd say this is it.

    0
  • Netgate Administrator

    IPv6 is not supported in any real way in 2.0.1. That box simply allows traffic to pass through pfSense.

    If you want to experiment with IPv6 you probably want to try one of the test images for pfSense 2.1 (or wait until it is released)
    http://forum.pfsense.org/index.php/topic,46459.msg243571.html#msg243571

    Steve

    0
  • C

    IPv6 has no relation to the DHCP server. All that checkbox does is either add rules blocking all IPv6 or not add them. Neither way has any impact on anything with IPv4.

    Is the DHCP server running when it stops giving leases? Check Status>Services, and the system logs. The only time I've seen the DHCP server stop handing out leases is when it doesn't have any to hand out. It may be possible there is some missing input validation somewhere that lets you generate an invalid config file that stops dhcpd, which would be in the logs, but that would have to be something atypical you're doing.

    0
Log in to reply
 

Products

Services

Support

News

Resources

Company

Our Mission

We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© Copyright 2002 - 2019 Rubicon Communications, LLC | Privacy Policy