Intermittent connection loss on the WAN side, usually once per day
I set up pfSense about two months ago and I have only really been using it as a gateway/router for my home network
and I have not yet configured any firewall rules. About a month into using it, I seemed to start having weird connectoin issues with
my WAN interface keeping connection to the internet. I will have internet access for hours, then randomly, I will notice that I
cannot connect to any webpages. So I then log into pfsense and go to the dashboard only to see that my WAN connection
no longer has a public IP address. Then I'll go to the Status: Interfaces page where I can release/renew. I will release/renew and
then get my public address back and everything works fine again. I usually have this problem at least once a day at random times, sometimes twice a day.
I'm not sure where to start. I'm not sure if maybe there is some possible issue with pfSense blocking traffic that my ISP periodically
sends me, but that wouldn't really make sense since there are times where I have internet all day before getting dropped. What could possibly be getting blocked? Or maybe that's not the problem.
I'm looking over the logs right now, but I am not sure what to look for. I only have novice network admin knowledge.
I do notice a lot of blocked traffic in the firewall logs.. maybe that could indicate something. I see that some of the blocked addresses are private. What's with that? I do have "blocked private networks and bogon networks" checked, so that's why they are blocked, but I am confused why I would be getting traffic from those addresses since they are private networks and aren't supposed to be routed, right? Also, for what it's worth, my internal network is a 10.0.0.0/24 right now.
I have attached a screenshot of my firewall log page.
Here are a few entries from the DHCP log
Dec 20 12:42:24 dhcpd: Dec 20 12:42:24 dhcpd: If you did not get this software from ftp.isc.org, please Dec 20 12:42:24 dhcpd: get the latest from ftp.isc.org and install that before Dec 20 12:42:24 dhcpd: requesting help. Dec 20 12:42:24 dhcpd: Dec 20 12:42:24 dhcpd: If you did get this software from ftp.isc.org and have not Dec 20 12:42:24 dhcpd: yet read the README, please read it before requesting help. Dec 20 12:42:24 dhcpd: If you intend to request help from the dhcp-bugs at isc.org Dec 20 12:42:24 dhcpd: mailing list, please read the section on the README about Dec 20 12:42:24 dhcpd: submitting bug reports and requests for help. Dec 20 12:42:24 dhcpd: Dec 20 12:42:24 dhcpd: Please do not under any circumstances send requests for Dec 20 12:42:24 dhcpd: help directly to the authors of this software - please Dec 20 12:42:24 dhcpd: send them to the appropriate mailing list as described in Dec 20 12:42:24 dhcpd: the README file. Dec 20 12:42:24 dhcpd: Dec 20 12:42:24 dhcpd: exiting. Dec 20 12:42:25 dhclient: dhclient already running, pid: 88406.
![firewall logs.jpg](/public/imported_attachments/1/firewall logs.jpg)
![firewall logs.jpg_thumb](/public/imported_attachments/1/firewall logs.jpg_thumb)
I then log into pfsense and go to the dashboard only to see that my WAN connection no longer has a public IP address.
What address does it have?
Are you using a cable modem?
When I lose my public ip for the WAN it shows that it has no address at all. And yes I am using a cable modem.
I asked because some cable modems will hand out a private IP if they loose upstream connectivity. pfSense will then hang on to that address even after the real wan has been restored. It would explain the firewall hits you're seeing. If that is the case you should see the IP change in the system logs.
Yeah, that makes sense and I kind of figured as much.. however, I don't know why I would be losing my connection at random points during the day, every day.
EDIT: Oh actually I'll bet it's because idle packets were dropped, I temporarily lost connection and then that lull lasted longer than it should because pfsense was blocking private network addresses, so I was basically ending up with no address…
Well if you really are losing connection everyday then you'll have to take that up with your cable company. ;)
Setting 'block private networks' on WAN only blocks unsolicited traffic (like any other firewall rule) so it won't block DHCP requests or gateway pings etc.