Busy line



  • Hi all!

    I have 20/20 FTTH line and when I fully hog it with different traffic I get this in log file:

    Sep 16 14:27:23 	php: rc.openvpn: OpenVPN: One or more OpenVPN tunnel endpoints may have changed its IP. Reloading endpoints that may use WAN_PPPOE.
    Sep 16 14:27:18 	check_reload_status: Reloading filter
    Sep 16 14:27:18 	check_reload_status: Restarting OpenVPN tunnels/interfaces
    Sep 16 14:27:18 	check_reload_status: Restarting ipsec tunnels
    Sep 16 14:27:18 	check_reload_status: updating dyndns WAN_PPPOE
    Sep 16 14:25:05 	php: rc.openvpn: OpenVPN: One or more OpenVPN tunnel endpoints may have changed its IP. Reloading endpoints that may use WAN_PPPOE.
    Sep 16 14:25:01 	check_reload_status: Reloading filter
    Sep 16 14:25:01 	check_reload_status: Restarting OpenVPN tunnels/interfaces
    Sep 16 14:25:01 	check_reload_status: Restarting ipsec tunnels
    Sep 16 14:25:01 	check_reload_status: updating dyndns WAN_PPPOE
    

    I have of course packet loss but PPPoE never goes down.
    This causes OpenVPN to cut off my clients and SNORT looses blocked hosts.
    Everything else works OK…

    Any idea?

    Regards,
    M



  • System->Routing->Gateways->Edit the WAN gateway, click on the Advanced options. Put some bigger numbers for latency and packet loss limits. That way the system won't think the WAN is down just because someone is saturating it with a download.



  • I was thinking the same thing…
    Will try to alter the settings and report back :)

    Thanks!



  • How high of limits do you recommend setting under System > Routing > Gateway?  I currently have Probe = 10 seconds and Down = 30 seconds but pfsense 2.1 constantly resetting OpenVPN.  Despite there not being any active OpenVPN connections.

    What should be the:
    Latency Threshold? x and y
    Packet Threshold? x and y
    Probe internal?
    Down?



  • Just check "Disable Gateway Monitoring". It's not in your use anyway.



  • @nothing:

    Just check "Disable Gateway Monitoring". It's not in your use anyway.

    Unfortunately it appears that I cannot saturate my upstream completely or these OpenVPN endpoint messages accumulate in the system log, CPU usage peaks and I get a series of check reload status msgs regardless of whether I disable gateway monitoring or disable OpenVPN altogether.  I've even tried to delete and recreate my WAN gateway in case it was a corrupt config. Perhaps a bug as no other significant changes made to my pfsense 2.1 release.


Log in to reply