Routes seems to be dropped on dhcp rebind

Starch

Hello,

I use pfsense 2.2.1 amd64.

Let's detail a bit my conf :

• a WAN interface associated to WANGW gateway, marked as default gateway

• a WAN_FREE interface associated to WAN_FREE_DHCP gateway.

• my LAN interface.

Although there is two WAN here, I do not use a multi wan setup for now, WAN_FREE is just used only for establishing some ipsec vpns, all other external traffic is supposed to go through WAN.

My problem is that whenever WAN_FREE goes up and down, as it comes about every week, the default route of the firewall disappears. the WANGW gateway is still marked as up, but displaying routes show no "default" route.

I attempted the use of the option "Disable Gateway Monitoring" on WANGW, but the problem still occurs.

Does someone have an idea how to prevent that ?

See below the logs during the incident.

Apr 9 03:48:54 	check_reload_status: Linkup starting igb3
Apr 9 03:48:54 	kernel: igb3: link state changed to DOWN
Apr 9 03:48:55 	php-fpm: /rc.linkup: DEVD Ethernet detached event for opt2
Apr 9 03:48:55 	php-fpm: /rc.linkup: DEVD Ethernet detached event for opt2
Apr 9 03:48:55 	check_reload_status: Linkup starting igb3
Apr 9 03:48:55 	kernel: igb3: link state changed to UP
Apr 9 03:48:56 	php-fpm[74992]: /rc.linkup: DEVD Ethernet attached event for opt2
Apr 9 03:48:56 	php-fpm[74992]: /rc.linkup: HOTPLUG: Configuring interface opt2
Apr 9 03:49:13 	check_reload_status: updating dyndns WAN_FREE_DHCP
Apr 9 03:49:13 	check_reload_status: Restarting ipsec tunnels
Apr 9 03:49:13 	check_reload_status: Restarting OpenVPN tunnels/interfaces
Apr 9 03:49:13 	check_reload_status: Reloading filter
Apr 9 03:49:14 	php-fpm[394]: /rc.openvpn: OpenVPN: One or more OpenVPN tunnel endpoints may have changed its IP. Reloading endpoints that may use WAN_FREE_DHCP.
Apr 9 03:49:14 	php-fpm[394]: /rc.filter_configure_sync: Could not find IPv4 gateway for interface (opt2).
Apr 9 03:49:29 	php-fpm[77557]: /rc.newipsecdns: IPSEC: One or more IPsec tunnel endpoints has changed its IP. Refreshing.
Apr 9 03:49:29 	php-fpm[77557]: /rc.newipsecdns: IPsec ERROR: Could not find phase 1 source for connection XXX. Omitting from configuration file.
Apr 9 03:50:03 	kernel: igb3: link state changed to DOWN
Apr 9 03:50:03 	check_reload_status: Linkup starting igb3
Apr 9 03:50:05 	kernel: igb3: link state changed to UP
Apr 9 03:50:05 	check_reload_status: Linkup starting igb3
Apr 9 03:50:05 	check_reload_status: rc.newwanip starting igb3
Apr 9 03:50:05 	check_reload_status: Restarting ipsec tunnels
Apr 9 03:50:05 	check_reload_status: updating dyndns opt2
Apr 9 03:50:05 	php-fpm[394]: /rc.linkup: DEVD Ethernet detached event for opt2
Apr 9 03:50:06 	php-fpm[24159]: /rc.linkup: DEVD Ethernet attached event for opt2
Apr 9 03:50:06 	php-fpm[24159]: /rc.linkup: HOTPLUG: Configuring interface opt2
Apr 9 03:50:06 	php-fpm[394]: /rc.newwanip: rc.newwanip: Info: starting on igb3.
Apr 9 03:50:06 	php-fpm[394]: /rc.newwanip: rc.newwanip: on (IP address: ) (interface: WAN_FREE[opt2]) (real interface: igb3).
Apr 9 03:50:06 	php-fpm[394]: /rc.newwanip: rc.newwanip: Failed to update opt2 IP, restarting...
Apr 9 03:50:06 	check_reload_status: Configuring interface opt2
Apr 9 03:50:06 	check_reload_status: rc.newwanip starting igb3
Apr 9 03:50:06 	check_reload_status: Restarting ipsec tunnels
Apr 9 03:50:06 	check_reload_status: updating dyndns opt2
Apr 9 03:50:08 	php-fpm[36537]: /rc.newwanip: rc.newwanip: Info: starting on igb3.
Apr 9 03:50:08 	php-fpm[36537]: /rc.newwanip: rc.newwanip: on (IP address: ) (interface: WAN_FREE[opt2]) (real interface: igb3).
Apr 9 03:50:08 	php-fpm[36537]: /rc.newwanip: rc.newwanip: Failed to update opt2 IP, restarting...
Apr 9 03:50:08 	check_reload_status: Configuring interface opt2
Apr 9 03:50:08 	check_reload_status: rc.newwanip starting igb3
Apr 9 03:50:10 	php-fpm[44501]: /rc.newwanip: rc.newwanip: Info: starting on igb3.
Apr 9 03:50:10 	php-fpm[44501]: /rc.newwanip: rc.newwanip: on (IP address: ) (interface: WAN_FREE[opt2]) (real interface: igb3).
Apr 9 03:50:10 	php-fpm[44501]: /rc.newwanip: rc.newwanip: Failed to update opt2 IP, restarting...
Apr 9 03:50:10 	check_reload_status: Configuring interface opt2
Apr 9 03:50:10 	check_reload_status: rc.newwanip starting igb3
Apr 9 03:50:11 	php-fpm[44501]: /rc.newwanip: rc.newwanip: Info: starting on igb3.
Apr 9 03:50:11 	php-fpm[44501]: /rc.newwanip: rc.newwanip: on (IP address: 0.0.0.0) (interface: WAN_FREE[opt2]) (real interface: igb3).
Apr 9 03:50:11 	php-fpm[44501]: /rc.newwanip: rc.newwanip: Failed to update opt2 IP, restarting...
Apr 9 03:50:11 	check_reload_status: Configuring interface opt2
Apr 9 03:50:13 	check_reload_status: rc.newwanip starting igb3
Apr 9 03:50:14 	php-fpm[48969]: /rc.newwanip: rc.newwanip: Info: starting on igb3.
Apr 9 03:50:14 	php-fpm[48969]: /rc.newwanip: rc.newwanip: on (IP address: xxx.xxx.xxx.xxx) (interface: WAN_FREE[opt2]) (real interface: igb3).
Apr 9 03:50:16 	php-fpm[48969]: /rc.newwanip: Forcefully reloading IPsec
Apr 9 03:50:16 	php-fpm[48969]: /rc.newwanip: Forcefully reloading IPsec
Apr 9 03:50:16 	check_reload_status: Reloading filter
Apr 9 03:50:16 	php-fpm[48969]: /rc.newwanip: Resyncing OpenVPN instances for interface WAN_FREE.
Apr 9 03:50:16 	php-fpm[48969]: /rc.newwanip: Creating rrd update script
Apr 9 03:50:18 	php-fpm[48969]: /rc.newwanip: pfSense package system has detected an IP change or dynamic WAN reconnection - aa.bb.cc.dd -> aa.bb.cc.dd - Restarting packages.
Apr 9 03:50:18 	check_reload_status: Starting packages
Apr 9 03:50:19 	php-fpm[63813]: /rc.start_packages: Restarting/Starting all packages.
Apr 9 03:50:19 	php-fpm[63813]: /rc.start_packages: Reloading Squid for configuration sync
Apr 9 03:50:19 	check_reload_status: Reloading filter
Apr 9 03:50:20 	php-fpm[63813]: /rc.start_packages: Not calling package sync code for dependency squid of squid because some include files are missing.
Apr 9 03:50:21 	php-fpm[394]: /rc.newipsecdns: IPSEC: One or more IPsec tunnel endpoints has changed its IP. Refreshing.
Apr 9 03:50:23 	check_reload_status: Syncing firewall
Apr 9 03:50:23 	php-fpm[36537]: /rc.newipsecdns: IPSEC: One or more IPsec tunnel endpoints has changed its IP. Refreshing.
Apr 9 03:50:23 	check_reload_status: Reloading filter
Apr 9 03:50:24 	check_reload_status: updating dyndns WAN_FREE_DHCP
Apr 9 03:50:24 	check_reload_status: Restarting ipsec tunnels
Apr 9 03:50:24 	check_reload_status: Restarting OpenVPN tunnels/interfaces
Apr 9 03:50:24 	check_reload_status: Reloading filter
Apr 9 03:50:25 	php-fpm[4154]: /rc.openvpn: OpenVPN: One or more OpenVPN tunnel endpoints may have changed its IP. Reloading endpoints that may use WAN_FREE_DHCP.

... same logs in loop

Apr 9 06:12:22 	check_reload_status: Reloading filter
Apr 9 06:12:54 	check_reload_status: updating dyndns WAN_FREE_DHCP
Apr 9 06:12:54 	check_reload_status: Restarting ipsec tunnels
Apr 9 06:12:54 	check_reload_status: Restarting OpenVPN tunnels/interfaces
Apr 9 06:12:54 	check_reload_status: Reloading filter
Apr 9 06:12:55 	php-fpm[91563]: /rc.openvpn: OpenVPN: One or more OpenVPN tunnel endpoints may have changed its IP. Reloading endpoints that may use WAN_FREE_DHCP.
Apr 9 06:13:10 	php-fpm[79021]: /rc.newipsecdns: IPSEC: One or more IPsec tunnel endpoints has changed its IP. Refreshing.

... here i logged in and disable/reenabled WANGW and all started to work again:

Apr 9 07:41:53 	check_reload_status: Syncing firewall
Apr 9 07:41:56 	php-fpm[3042]: /system_gateways.php: ROUTING: setting default route to xx.xx.xx.xx