Internet Keeps going down
-
Ok– will wait to read your progress later.
:)
-
thanks so much man, about 8 hours :)
-
I have a few questions:
1. Why are you using the DNS Resolver settings, does your ISP not offer DNS? Just let it pull the DNS information via DHCP
2. Can you reset your modem back to gateway mode? For testing purposes. It would seem to me you have a layer 1 issue since you are using link on your firewalls WAN
3. Once your gateway is reset can you log into it and post the information under the ISPs network info? I'm looking for Receive signal levels, SNR, Transmit Signal levels …..At Comcast we have a similar Bridge mode and the only way to take it out is to reset the gateway by holding down the reset button for 15 seconds.
You can run PfSense from behind a NAT just make sure you uncheck the box on the WAN setup that say, "Block private networks and loopback addresses"
When your PfSense Firewall goes down see if you can connect directly to the gateway and get out that way either wireless or wired. This will let us know if the problem is happening upstream of the PfSense Firewall. Also make sure you don't have any switching loops on your network.
How if the PfSense Firewall connected to your LAN, are you using a switch, if are you using any vlans? A simple network diagram here would really be helpful. https://www.gliffy.com/
-
Mostly I use DNS forwarder because i subscribe to AirVPN and they have a PFsense setup guide and DNS forwarder is how he sets it up, but I haven't even got that far yet. The resolver is just the default setting for the PFsense install, I literally didn't touch anything after install. Pretty sure my ISP offers DNS but I just default installed and waited for it to go down.
I could reset it back to gateway mode for sure to test, at this point I will do anything. For number 3, yes I could do that as well.
when the firewall goes down, sometimes I can ping the firewall from my computer, sometimes I cannot. Sometimes there is a yellow exclamation mark by the network connection, sometimes not. All the time I can SSH into the console and mostly I cannot ping from there..
I posted a pic of my network above but here it is again… It is a little more complex than this but for right now, this is how it is, just keeping it basic to get this thing working..
https://drive.google.com/open?id=0B4IAV3fk9yIYT3VUQ3pzeFFEbWM
Really would like to narrow it down to a hardware or software problem, my wife thinks I'm an idiot but I have much invested into Pfsense and don't want to give up.
-
Sloooow down a bit… One step at a time.
Try the switch and lets see which interface is actually dropping when you lose connection.
-
@chpalmer for sure, i want to be methodical in doing this.
how did you want me to wire up the switch to test? just cable modem wan to switch, then one port of switch to wan of pfsense and another port directly to another Pc?
-
I will standby in read only mode. If/when you determine its your modem it looks like when you put it back in gateway mode, at the login you should get the numbers I requested.
-
thanks Mike, appreciate your help very much.
-
Put it in series. Modem - Switch - Router. If the connection goes down again then you will see which interface drops independently of the other.
Mike- you saying you can't reach your modems GUI in bridge mode either? Really makes no sense to me as cable is not a "tunneled" connection like a PPP or VPN connection would be. Notice that modem in the video I linked to is in bridge mode already as the user is showing the options…
The firewall does not by default block connections outbound to 192.168.0.1 unless you are using 192.168.0.0/ as your LAN as well.
-
like this? sorry for the crude drawing..
https://drive.google.com/open?id=0B4IAV3fk9yIYSDEyMl84SDQ3UzA
-
You dont need the PC on the switch.
-
i would just be able to tell because the lights on the switch?
-
Yep- thats the idea. Otherwise you could try putting 192.168.0.(2-254) in your laptop as a static IP and see if you can reach the modem while plugged into the switch.
But since you reported that the interface lights also go out during these occasions this should tell you which device is doing it.
-
Quick update. Got home, internet was down again after a day of nobody being home. Old computer has been in since yesterday, trying to eliminate my new computer being the problem. I could ping Pfsense and it would respond, i SSH into the box and couldn't ping out. No yellow exclamation on networking icon and no indication that the internet wasn't working except I couldn't surf anything.
Here is a pic of desktop
https://drive.google.com/open?id=0B4IAV3fk9yIYb0laYmxhY3ctcW8
what I did was take the crappy $20 switch out which connects all my lan and replaced it with my Cisco. I also added another Cisco switch in series like chpalmer said. I pulled the Intel dual NIC card and replaced it with my original one. My wife reminded me that all these problems started when i got the new router and newer network card, so now I have the old dual Intel PCIe NIC back in my old computer.
$700 router and all Cisco equipment, kind of frustrating. I am hoping that maybe it is that dual NIC. I also had to reinstall PFsense because when i replace the NIC and try to reboot PFsense, it just endlessly rebooted, would not load.
I also tried disabling DNS forwarder and DNS resolver but it didn't work, so I put them back on.
:)
-
Seems you have ruled out your new motherboard at least.
Good luck! ;)
-
I also tried disabling DNS forwarder and DNS resolver but it didn't work, so I put them back on.
Both of them?
-
one at a time. I am beginning to think it is partly a dns setting problem. . I have always used forwarder in the past.
-
DNS won't cause a link to go down but broken DNS makes the whole internet look broken.
If it is your ISPs DNS servers, using the resolver should completely bypass that, assuming those are the servers you're forwarding to.
-
at this point I have no idea, i am just reading up on the right setup of DNS on my PFsense box. Do you have any suggestions? ever since I have used resolver I seem to have these problems unless it is a coincedence.. I checked use DNS forwarder, put nothing in the DNS settings on the general page and Allow DNS servers to be over written by DHCP. On the dashboard it says 127.0.0.1 and then what appears to be my isp DNS numbers.
-
Honestly, I don't know. You're sort of all over the place.
I think you need to slow down and take a step back, simplify your setup, and see what's really going on.
Is the WAN link physically going down or not? If so, it's not DNS.
If you cannot browse but can ping 8.8.8.8, it might be DNS. If you can't ping 8.8.8.8 it's likely not DNS.
If your ISP DNS servers are unreliable, you should be using the DNS Resolver or pointing your DNS Forwarder to more reliable servers like google or OpenDNS using System > General Setup.
