Weird behavior with network
-
I've recently had a serious internet outage and I'm trying to find out the reasons.
I have a pfSense server with 2 WAN ports (different ISPs) and 1 LAN. The proxy sets WAN1 as main and WAN2 as failover. I connect the LAN to a Switch and it's pretty much that.
The problems I had involved:
- some PCs having no access at all to the network;
- some initially had no problems, but lost access with time;
- some had access to other servers, but not the proxy;
- some had intermittent connection;
- one had no problems at all;
I rebooted the pfSense server twice, but it didn't help.
It was solved when I unplugged my WAN1 connection and WAN2 took over.It actually happened once before, ~4 months ago. Now that it is recurring I must understand the problem.
Does this network mess make sense?
My first guess is it must be related to some software issue on pfSense. -
You mention that some PCs do not have access to the network at all. Is this is correct?
Do these PCs have physical connection to the network? In other words, do the lights on their LAN ports light up? Or do you use WLAN?
Do they have IP addresses? Could it have to do with DHCP issues?
Or does each PC have it's own VLAN, and it looks a routing/firewalling problem in pfSense?
Does the swutch appear to have locked up? Do you see unexplainable excess traffic going into the LAN (originating perhaps from WAN1) which could cause the switch to fail?
-
You mention that some PCs do not have access to the network at all. Is this is correct?
Do these PCs have physical connection to the network? In other words, do the lights on their LAN ports light up? Or do you use WLAN?
Do they have IP addresses? Could it have to do with DHCP issues?
Or does each PC have it's own VLAN, and it looks a routing/firewalling problem in pfSense?
Does the swutch appear to have locked up? Do you see unexplainable excess traffic going into the LAN (originating perhaps from WAN1) which could cause the switch to fail?
Yes. Most of the PCs had no access/intermittent access to the network. Some were working but lost connection after some time.
I use LAN only. I don't think it's cabling or NIC because I had many PCs with this issue. Although my wifi router (connected LAN port) was working.
Not sure about DHCP, as some PCs were able to communicate with some servers and wifi was working, but could be. I rebooted the pfSense server twice though and nothing changed.
Switch looked normal to me, i.e. lights were switching on/off. Anyway I restarted them.
I could not check traffic, but thinking about it now it might be the problem. Because as time passed, 'ping' started failing more often until it could not reach the destinations anymore. But after re-plugging WAN1 it worked fine. -
A rogue DHCP server can cause hard-to-track-down problems in a network. Rogue DHCP servers are often installed by users who want install their own WiFi AP or server into the network. The users often do not know that they are the cause of the problem.
However, a rogue DHCP sever issue is definietly not solved by unplugging a WAN link. It might have been a coincidence, but I guess that you repeatedly resolved the issue by unplugging WAN1, right? Also, problems caused by a rogue DCHP server do not go away at once once the rogue is removed - the PCs regain connectivity after the rogue DHCP leases time out.
-
A rogue DHCP server can cause hard-to-track-down problems in a network. Rogue DHCP servers are often installed by users who want install their own WiFi AP or server into the network. The users often do not know that they are the cause of the problem.
However, a rogue DHCP sever issue is definietly not solved by unplugging a WAN link. It might have been a coincidence, but I guess that you repeatedly resolved the issue by unplugging WAN1, right? Also, problems caused by a rogue DCHP server do not go away at once once the rogue is removed - the PCs regain connectivity after the rogue DHCP leases time out.
Yes, I once had a rogue DHCP server – it was definitely different. Yesterday's problem was more.. chaotic.
I unplugged WAN1 , WAN2 took over - and everything started working again.
-
Hmmm… sounds like problems with WAN1. How about plugging in WAN1 and taking out WAN2? Does the problem persist?
-
Hmmm… sounds like problems with WAN1. How about plugging in WAN1 and taking out WAN2? Does the problem persist?
Well, I don't know how to replicate the problem .
But it was solved when I unplugged WAN1, so it most certainly is a problem with it
-
This happened to me again today :(
The network simply stopped "seeing" the pfSense server.
I checked the LAN connection and it was fine. Had to reboot twice and it came back to work.
I should have configured a server log.
Will try to update pfSense now.