Routes seems to be dropped on dhcp rebind
-
Hello,
I use pfsense 2.2.1 amd64.
Let's detail a bit my conf :
-
a WAN interface associated to WANGW gateway, marked as default gateway
-
a WAN_FREE interface associated to WAN_FREE_DHCP gateway.
-
my LAN interface.
Although there is two WAN here, I do not use a multi wan setup for now, WAN_FREE is just used only for establishing some ipsec vpns, all other external traffic is supposed to go through WAN.
My problem is that whenever WAN_FREE goes up and down, as it comes about every week, the default route of the firewall disappears. the WANGW gateway is still marked as up, but displaying routes show no "default" route.
I attempted the use of the option "Disable Gateway Monitoring" on WANGW, but the problem still occurs.
Does someone have an idea how to prevent that ?
See below the logs during the incident.
Apr 9 03:48:54 check_reload_status: Linkup starting igb3 Apr 9 03:48:54 kernel: igb3: link state changed to DOWN Apr 9 03:48:55 php-fpm: /rc.linkup: DEVD Ethernet detached event for opt2 Apr 9 03:48:55 php-fpm: /rc.linkup: DEVD Ethernet detached event for opt2 Apr 9 03:48:55 check_reload_status: Linkup starting igb3 Apr 9 03:48:55 kernel: igb3: link state changed to UP Apr 9 03:48:56 php-fpm[74992]: /rc.linkup: DEVD Ethernet attached event for opt2 Apr 9 03:48:56 php-fpm[74992]: /rc.linkup: HOTPLUG: Configuring interface opt2 Apr 9 03:49:13 check_reload_status: updating dyndns WAN_FREE_DHCP Apr 9 03:49:13 check_reload_status: Restarting ipsec tunnels Apr 9 03:49:13 check_reload_status: Restarting OpenVPN tunnels/interfaces Apr 9 03:49:13 check_reload_status: Reloading filter Apr 9 03:49:14 php-fpm[394]: /rc.openvpn: OpenVPN: One or more OpenVPN tunnel endpoints may have changed its IP. Reloading endpoints that may use WAN_FREE_DHCP. Apr 9 03:49:14 php-fpm[394]: /rc.filter_configure_sync: Could not find IPv4 gateway for interface (opt2). Apr 9 03:49:29 php-fpm[77557]: /rc.newipsecdns: IPSEC: One or more IPsec tunnel endpoints has changed its IP. Refreshing. Apr 9 03:49:29 php-fpm[77557]: /rc.newipsecdns: IPsec ERROR: Could not find phase 1 source for connection XXX. Omitting from configuration file. Apr 9 03:50:03 kernel: igb3: link state changed to DOWN Apr 9 03:50:03 check_reload_status: Linkup starting igb3 Apr 9 03:50:05 kernel: igb3: link state changed to UP Apr 9 03:50:05 check_reload_status: Linkup starting igb3 Apr 9 03:50:05 check_reload_status: rc.newwanip starting igb3 Apr 9 03:50:05 check_reload_status: Restarting ipsec tunnels Apr 9 03:50:05 check_reload_status: updating dyndns opt2 Apr 9 03:50:05 php-fpm[394]: /rc.linkup: DEVD Ethernet detached event for opt2 Apr 9 03:50:06 php-fpm[24159]: /rc.linkup: DEVD Ethernet attached event for opt2 Apr 9 03:50:06 php-fpm[24159]: /rc.linkup: HOTPLUG: Configuring interface opt2 Apr 9 03:50:06 php-fpm[394]: /rc.newwanip: rc.newwanip: Info: starting on igb3. Apr 9 03:50:06 php-fpm[394]: /rc.newwanip: rc.newwanip: on (IP address: ) (interface: WAN_FREE[opt2]) (real interface: igb3). Apr 9 03:50:06 php-fpm[394]: /rc.newwanip: rc.newwanip: Failed to update opt2 IP, restarting... Apr 9 03:50:06 check_reload_status: Configuring interface opt2 Apr 9 03:50:06 check_reload_status: rc.newwanip starting igb3 Apr 9 03:50:06 check_reload_status: Restarting ipsec tunnels Apr 9 03:50:06 check_reload_status: updating dyndns opt2 Apr 9 03:50:08 php-fpm[36537]: /rc.newwanip: rc.newwanip: Info: starting on igb3. Apr 9 03:50:08 php-fpm[36537]: /rc.newwanip: rc.newwanip: on (IP address: ) (interface: WAN_FREE[opt2]) (real interface: igb3). Apr 9 03:50:08 php-fpm[36537]: /rc.newwanip: rc.newwanip: Failed to update opt2 IP, restarting... Apr 9 03:50:08 check_reload_status: Configuring interface opt2 Apr 9 03:50:08 check_reload_status: rc.newwanip starting igb3 Apr 9 03:50:10 php-fpm[44501]: /rc.newwanip: rc.newwanip: Info: starting on igb3. Apr 9 03:50:10 php-fpm[44501]: /rc.newwanip: rc.newwanip: on (IP address: ) (interface: WAN_FREE[opt2]) (real interface: igb3). Apr 9 03:50:10 php-fpm[44501]: /rc.newwanip: rc.newwanip: Failed to update opt2 IP, restarting... Apr 9 03:50:10 check_reload_status: Configuring interface opt2 Apr 9 03:50:10 check_reload_status: rc.newwanip starting igb3 Apr 9 03:50:11 php-fpm[44501]: /rc.newwanip: rc.newwanip: Info: starting on igb3. Apr 9 03:50:11 php-fpm[44501]: /rc.newwanip: rc.newwanip: on (IP address: 0.0.0.0) (interface: WAN_FREE[opt2]) (real interface: igb3). Apr 9 03:50:11 php-fpm[44501]: /rc.newwanip: rc.newwanip: Failed to update opt2 IP, restarting... Apr 9 03:50:11 check_reload_status: Configuring interface opt2 Apr 9 03:50:13 check_reload_status: rc.newwanip starting igb3 Apr 9 03:50:14 php-fpm[48969]: /rc.newwanip: rc.newwanip: Info: starting on igb3. Apr 9 03:50:14 php-fpm[48969]: /rc.newwanip: rc.newwanip: on (IP address: xxx.xxx.xxx.xxx) (interface: WAN_FREE[opt2]) (real interface: igb3). Apr 9 03:50:16 php-fpm[48969]: /rc.newwanip: Forcefully reloading IPsec Apr 9 03:50:16 php-fpm[48969]: /rc.newwanip: Forcefully reloading IPsec Apr 9 03:50:16 check_reload_status: Reloading filter Apr 9 03:50:16 php-fpm[48969]: /rc.newwanip: Resyncing OpenVPN instances for interface WAN_FREE. Apr 9 03:50:16 php-fpm[48969]: /rc.newwanip: Creating rrd update script Apr 9 03:50:18 php-fpm[48969]: /rc.newwanip: pfSense package system has detected an IP change or dynamic WAN reconnection - aa.bb.cc.dd -> aa.bb.cc.dd - Restarting packages. Apr 9 03:50:18 check_reload_status: Starting packages Apr 9 03:50:19 php-fpm[63813]: /rc.start_packages: Restarting/Starting all packages. Apr 9 03:50:19 php-fpm[63813]: /rc.start_packages: Reloading Squid for configuration sync Apr 9 03:50:19 check_reload_status: Reloading filter Apr 9 03:50:20 php-fpm[63813]: /rc.start_packages: Not calling package sync code for dependency squid of squid because some include files are missing. Apr 9 03:50:21 php-fpm[394]: /rc.newipsecdns: IPSEC: One or more IPsec tunnel endpoints has changed its IP. Refreshing. Apr 9 03:50:23 check_reload_status: Syncing firewall Apr 9 03:50:23 php-fpm[36537]: /rc.newipsecdns: IPSEC: One or more IPsec tunnel endpoints has changed its IP. Refreshing. Apr 9 03:50:23 check_reload_status: Reloading filter Apr 9 03:50:24 check_reload_status: updating dyndns WAN_FREE_DHCP Apr 9 03:50:24 check_reload_status: Restarting ipsec tunnels Apr 9 03:50:24 check_reload_status: Restarting OpenVPN tunnels/interfaces Apr 9 03:50:24 check_reload_status: Reloading filter Apr 9 03:50:25 php-fpm[4154]: /rc.openvpn: OpenVPN: One or more OpenVPN tunnel endpoints may have changed its IP. Reloading endpoints that may use WAN_FREE_DHCP. ... same logs in loop Apr 9 06:12:22 check_reload_status: Reloading filter Apr 9 06:12:54 check_reload_status: updating dyndns WAN_FREE_DHCP Apr 9 06:12:54 check_reload_status: Restarting ipsec tunnels Apr 9 06:12:54 check_reload_status: Restarting OpenVPN tunnels/interfaces Apr 9 06:12:54 check_reload_status: Reloading filter Apr 9 06:12:55 php-fpm[91563]: /rc.openvpn: OpenVPN: One or more OpenVPN tunnel endpoints may have changed its IP. Reloading endpoints that may use WAN_FREE_DHCP. Apr 9 06:13:10 php-fpm[79021]: /rc.newipsecdns: IPSEC: One or more IPsec tunnel endpoints has changed its IP. Refreshing. ... here i logged in and disable/reenabled WANGW and all started to work again: Apr 9 07:41:53 check_reload_status: Syncing firewall Apr 9 07:41:56 php-fpm[3042]: /system_gateways.php: ROUTING: setting default route to xx.xx.xx.xx -