Navigation

    Netgate Discussion Forum
    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search

    Unstable PfSense

    General pfSense Questions
    4
    8
    4776
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • G
      gga last edited by

      Version 2.0.1-RELEASE (i386)
      built on Mon Dec 12 17:53:52 EST 2011
      FreeBSD 8.1-RELEASE-p6
      Platform pfSense
      CPU Type Pentium(R) Dual-Core CPU E5700 @ 3.00GHz, only two NICs, LAN and WAN (Static IP).
      I've just about looked everywhere for a solution and changed NICs countless times. I keep losing connexion.
      When I surf the web I constantly need to reload the page because the browser just seems to hang there, not going anywhere.
      When I'm perusing the logs in the PfSense, via SSH, all of the sudden it freezes, then after about 5 min I get a Broken pipe message.
      In lighttpd.error.log there are lots of (connections.c.1711) SSL (error): 5 -1 54 Connection reset by peer, (connections.c.1711) SSL (error): 5 -1 1 Operation not permitted, (connections.c.1711) SSL (error): 5 -1 32 Broken pipe.
      In system.log I get a few: sshd[46098]: fatal: Write failed: Operation not permitted
      I'm running squid and squidguard, and I'm serving about 300 clients.
      With this very same machine I used to run IPCop, then IPFire with no problem at all. Wanted to give PfSense a try because it has so much more to offer but I'm so frustrated 'cos I can't find the cause of the problem.
      When my session "hangs", tcpdump, in pfsense, start displaying "arp who-has" messages. Any help will be greatly appreciated.

      1 Reply Last reply Reply Quote 0
      • chpalmer
        chpalmer last edited by

        Sounds like some hardware going south somewhere…

        Have you tried new patch cords between your modem and router box?

        Triggering snowflakes one by one..

        1 Reply Last reply Reply Quote 0
        • jimp
          jimp Rebel Alliance Developer Netgate last edited by

          If you only have one WAN, or you have a gateway entry with an invalid/unpingable monitor IP, try disabling state killing (System > Advanced, Misc tab).

          Or you can check your gateways under Status > Gateways, if you have one that is always down, edit it under System > Routing and fix the monitor IP or disable monitoring for that gateway.

          Remember: Upvote with the 👍 button for any user/post you find to be helpful, informative, or deserving of recognition!

          Need help fast? Netgate Global Support!

          Do not Chat/PM for help!

          1 Reply Last reply Reply Quote 0
          • G
            gga last edited by

            Chpalmer: Can't be the patch cords. Because If I switch the machine and put on an "IPFire" everything works.
            Jimp: I've ticked "States", in System:Advanced:Miscellaneous and disabled monitoring on all my gateways except the one that points to the Internet. May be I should have mentioned that I have over 20 subnets connected. Anyway, things have greatly IMPROVED..It's only been a couple of hours, but everything seems to be running smoothly…thank you so much.

            1 Reply Last reply Reply Quote 0
            • stephenw10
              stephenw10 Netgate Administrator last edited by

              @gga:

              disabled monitoring on all my gateways except the one that points to the Internet.

              That sounds possibly bad.
              How many interfaces are you running?
              You would 'usually' only have a gateway on WAN interfaces. The only time you would have a gateway on other interfaces is if you have internal subnets reachable via some other internal router or tunnel, which you may well have.

              Steve

              1 Reply Last reply Reply Quote 0
              • G
                gga last edited by

                I have two interfaces. WAN with a static public IP. LAN private IP and several subnets connected via other routers.
                Steve, what could be the consequences of disabling gateway monitoring?.

                1 Reply Last reply Reply Quote 0
                • stephenw10
                  stephenw10 Netgate Administrator last edited by

                  Not much as far as I know. The gateway would not be removed if it goes down so pfSense would continue to try sending traffic instead of returning a no route error. You get no gateway quality data.
                  The only reason I commented is that some people add gateways to all their interfaces regardless and that causes trouble. You said "all my gateways" and "20 subnets", at sounded like you may have fallen into that trap but it seems as though you're better than that.  ;)

                  Steve

                  1 Reply Last reply Reply Quote 0
                  • jimp
                    jimp Rebel Alliance Developer Netgate last edited by

                    Disabling gateway monitoring is fine for local gateways. There is no benefit to monitoring them.

                    You really only need to monitor WAN-facing gateways.

                    Remember: Upvote with the 👍 button for any user/post you find to be helpful, informative, or deserving of recognition!

                    Need help fast? Netgate Global Support!

                    Do not Chat/PM for help!

                    1 Reply Last reply Reply Quote 0
                    • First post
                      Last post