Monitor Gateway

ghkrauss

I am monitoring non-gateway IP's. It seems that the gateway IP's are not always that reliable. Any input on this.

Gertjan

Like : they do not always reply on 'ping' …. ? ;)

ghkrauss

Yes…your exactly correct.

dennypage

Yes. It's a good idea.

@ghkrauss:

I am monitoring non-gateway IP's. It seems that the gateway IP's are not always that reliable. Any input on this.

ghkrauss

Thanks Denny

phil.davis

You want to monitor something that:
a) responds reliably to ping (at the rate you are going to ping - some things will throttle the rate they respond)
b) is far enough out on the real internet to be a fair indication that the general internet is reachable

If you just monitor the direct first-hop gateway, then it can be up but your ISP has other routing/connectivity issues through to the general internet. If you choose some other address further along the network hops, but still in your ISP network, then there is the same problem - it might be reachable but the general internet is not reachable.

ghkrauss

Phil:

Thanks for the analysis. I will follow your suggestions and choose an alternative IP location in the network.

Howard

sinanc

Is that solve the problem?

ghkrauss

Yes the issue was solved by moving away from the ISP Gasteway.

sinanc

@ghkrauss:

Yes the issue was solved by moving away from the ISP Gasteway.

I have moved it too but still phaving the problem.
After restarting pfsense, at first 10 second it shows online but after that stays offlince and sends emails about it is offline all the time.

dennypage

What is shown on the gateway status page? (Status / Gateways)

What is the command line for dpinger? (ps -axuww | grep dpinger)

sinanc

@dennypage:

What is shown on the gateway status page? (Status / Gateways)

What is the command line for dpinger? (ps -axuww | grep dpinger)

Hi,

ps -axuww | grep dpinger status


[2.3-RELEASE][root@pfsense.XXXXXl]/root: ps -axuww | grep dpinger
root   72026   0.0  0.0 14724  1924  -  Ss    5:34PM    0:10.50 /usr/local/bin/dpinger -S -r 0 -i WANGW -B XXX.XXX.XXX.XXX -p /var/run/dpinger_WANGW_XXX.XXX.XXX.XXX_XXX.XXX.XXX.XXX.pid -u /var/run/dpinger_WANGW_XXX.XXX.XXX.XXX_XXX.XXX.XXX.XXX.sock -C /etc/rc.gateway_alarm -d 0 -s 500 -l 2000 -t 60000 -A 1000 -D 500 -L 20 XXX.XXX.XXX.XXX
root   72501   0.0  0.0 14724  1920  -  Ss    5:34PM    0:11.47 /usr/local/bin/dpinger -S -r 0 -i KABLONET_DHCP -B XXX.XXX.XXX.XXXX -p /var/run/dpinger_KABLONET_DHCP_XXX.XXX.XXX.XXX_XXX.XXX.XXX.XXX.pid -u /var/run/dpinger_KABLONET_DHCP_XXX.XXX.XXX.XXX_XXX.XXX.XXX.XXX.sock -C /etc/rc.gateway_alarm -d 0 -s 500 -l 2000 -t 60000 -A 1000 -D 500 -L 20 XXX.XXX.XXX.XXX
root   31070   0.0  0.0 10260  1900  0  S+   10:20AM    0:00.00 grep dpinger

update and Restart pfsense after 10 second it shows gateway status online screenshot name gatewaystatus online. After gateway status offline screenshot name gatewaystatus offline.

Gateway monitoring ip adress clear last status screenshot name gatewaystatus last and restart pfsense.

Status/Gateways logs

May 12 17:34:40	dpinger		KABLONET_DHCP XXX.XXX.XXX.XXX: Alarm latency 0us stddev 0us loss 100%
May 12 17:34:39	dpinger		WANGW XXX.XXX.XXX.XXX: Alarm latency 0us stddev 0us loss 100%
May 12 17:34:36	dpinger		send_interval 500ms loss_interval 2000ms time_period 60000ms report_interval 0ms data_len 0 alert_interval 1000ms latency_alarm 500ms loss_alarm 20% dest_addr XXX.XXX.XXX.XXX bind_addr XXX.XXX.XXX.XXX0 identifier "KABLONET_DHCP "
May 12 17:34:36	dpinger		send_interval 500ms loss_interval 2000ms time_period 60000ms report_interval 0ms data_len 0 alert_interval 1000ms latency_alarm 500ms loss_alarm 20% dest_addr XXX.XXX.XXX.XXX bind_addr XXX.XXX.XXX.XXX identifier "WANGW "
May 12 17:34:09	dpinger		WANGW XXX.XXX.XXX.XXX: Alarm latency 0us stddev 0us loss 100%
May 12 17:34:06	dpinger		send_interval 500ms loss_interval 2000ms time_period 60000ms report_interval 0ms data_len 0 alert_interval 1000ms latency_alarm 500ms loss_alarm 20% dest_addr XXX.XXX.XXX.XXX bind_addr XXX.XXX.XXX.XXX identifier "WANGW "
May 12 17:34:04	dpinger		send_interval 500ms loss_interval 2000ms time_period 60000ms report_interval 0ms data_len 0 alert_interval 1000ms latency_alarm 500ms loss_alarm 20% dest_addr XXX.XXX.XXX.XXX bind_addr XXX.XXX.XXX.XXX identifier "WANGW "
May 12 17:28:13	dpinger		WANGW XXX.XXX.XXX.XXX: Alarm latency 0us stddev 0us loss 100%
May 12 17:28:10	dpinger		send_interval 500ms loss_interval 2000ms time_period 60000ms report_interval 0ms data_len 0 alert_interval 1000ms latency_alarm 500ms loss_alarm 20% dest_addr XXX.XXX.XXX.XXX bind_addr XXX.XXX.XXX.XXX identifier "WANGW "
May 12 17:23:05	dpinger		WANGW XXX.XXX.XXX.XXX: Alarm latency 0us stddev 0us loss 100%
May 12 17:23:05	dpinger		KABLONET_DHCP XXX.XXX.XXX.XXX: Alarm latency 0us stddev 0us loss 100%
May 12 17:23:02	dpinger		send_interval 500ms loss_interval 2000ms time_period 60000ms report_interval 0ms data_len 0 alert_interval 1000ms latency_alarm 500ms loss_alarm 20% dest_addr XXX.XXX.XXX.XXX bind_addr XXX.XXX.XXX.XXX0 identifier "KABLONET_DHCP "
May 12 17:23:02	dpinger		send_interval 500ms loss_interval 2000ms time_period 60000ms report_interval 0ms data_len 0 alert_interval 1000ms latency_alarm 500ms loss_alarm 20% dest_addr XXX.XXX.XXX.XXX bind_addr XXX.XXX.XXX.XXX identifier "WANGW "
May 12 17:22:25	dpinger		KABLONET_DHCP XXX.XXX.XXX.XXX: Alarm latency 0us stddev 0us loss 100%
May 12 17:22:25	dpinger		WANGW XXX.XXX.XXX.XXX: Alarm latency 0us stddev 0us loss 100%
May 12 17:22:22	dpinger		send_interval 500ms loss_interval 2000ms time_period 60000ms report_interval 0ms data_len 0 alert_interval 1000ms latency_alarm 500ms loss_alarm 20% dest_addr XXX.XXX.XXX.XXX bind_addr XXX.XXX.XXX.XXX0 identifier "KABLONET_DHCP "
May 12 17:22:22	dpinger		send_interval 500ms loss_interval 2000ms time_period 60000ms report_interval 0ms data_len 0 alert_interval 1000ms latency_alarm 500ms loss_alarm 20% dest_addr XXX.XXX.XXX.XXX bind_addr XXX.XXX.XXX.XXX identifier "WANGW "
May 12 12:51:39	dpinger		KABLONET_DHCP XXX.XXX.XXX.XXX: Alarm latency 0us stddev 0us loss 100%
May 12 12:51:39	dpinger		WANGW 8.8.8.8: Alarm latency 0us stddev 0us loss 100%
May 12 12:51:36	dpinger		send_interval 500ms loss_interval 2000ms time_period 60000ms report_interval 0ms data_len 0 alert_interval 1000ms latency_alarm 500ms loss_alarm 20% dest_addr XXX.XXX.XXX.XXX bind_addr XXX.XXX.XXX.XXX0 identifier "KABLONET_DHCP "
May 12 12:51:36	dpinger		send_interval 500ms loss_interval 2000ms time_period 60000ms report_interval 0ms data_len 0 alert_interval 1000ms latency_alarm 500ms loss_alarm 20% dest_addr 8.8.8.8 bind_addr XXX.XXX.XXX.XXX identifier "WANGW "
May 12 12:51:35	dpinger		KABLONET_DHCP XXX.XXX.XXX.XXX: Alarm latency 0us stddev 0us loss 100%
May 12 12:51:35	dpinger		WANGW 8.8.8.8: Alarm latency 0us stddev 0us loss 100%
May 12 12:51:32	dpinger		send_interval 500ms loss_interval 2000ms time_period 60000ms report_interval 0ms data_len 0 alert_interval 1000ms latency_alarm 500ms loss_alarm 20% dest_addr XXX.XXX.XXX.XXX bind_addr XXX.XXX.XXX.XXX0 identifier "KABLONET_DHCP "
May 12 12:51:32	dpinger		send_interval 500ms loss_interval 2000ms time_period 60000ms report_interval 0ms data_len 0 alert_interval 1000ms latency_alarm 500ms loss_alarm 20% dest_addr 8.8.8.8 bind_addr XXX.XXX.XXX.XXX identifier "WANGW "
May 12 12:46:08	dpinger		WANGW 8.8.8.8: Alarm latency 0us stddev 0us loss 100%
May 12 12:46:05	dpinger		send_interval 500ms loss_interval 2000ms time_period 60000ms report_interval 0ms data_len 0 alert_interval 1000ms latency_alarm 500ms loss_alarm 20% dest_addr 8.8.8.8 bind_addr XXX.XXX.XXX.XXX identifier "WANGW "
May 12 11:05:24	dpinger		KABLONET_DHCP XXX.XXX.XXX.XXX: Alarm latency 0us stddev 0us loss 100%
May 12 11:05:24	dpinger		WANGW 8.8.8.8: Alarm latency 0us stddev 0us loss 100%
May 12 11:05:21	dpinger		send_interval 500ms loss_interval 2000ms time_period 60000ms report_interval 0ms data_len 0 alert_interval 1000ms latency_alarm 500ms loss_alarm 20% dest_addr XXX.XXX.XXX.XXX bind_addr XXX.XXX.XXX.XXX0 identifier "KABLONET_DHCP "
May 12 11:05:21	dpinger		send_interval 500ms loss_interval 2000ms time_period 60000ms report_interval 0ms data_len 0 alert_interval 1000ms latency_alarm 500ms loss_alarm 20% dest_addr 8.8.8.8 bind_addr XXX.XXX.XXX.XXX identifier "WANGW "
May 12 11:05:19	dpinger		WANGW 8.8.8.8: Alarm latency 0us stddev 0us loss 100%
May 12 11:05:19	dpinger		KABLONET_DHCP XXX.XXX.XXX.XXX: Alarm latency 0us stddev 0us loss 100%
May 12 11:05:16	dpinger		send_interval 500ms loss_interval 2000ms time_period 60000ms report_interval 0ms data_len 0 alert_interval 1000ms latency_alarm 500ms loss_alarm 20% dest_addr XXX.XXX.XXX.XXX bind_addr XXX.XXX.XXX.XXX0 identifier "KABLONET_DHCP "
May 12 11:05:16	dpinger		send_interval 500ms loss_interval 2000ms time_period 60000ms report_interval 0ms data_len 0 alert_interval 1000ms latency_alarm 500ms loss_alarm 20% dest_addr 8.8.8.8 bind_addr XXX.XXX.XXX.XXX identifier "WANGW "
May 12 09:01:08	dpinger		WANGW 8.8.8.8: Alarm latency 0us stddev 0us loss 100%
May 12 09:01:05	dpinger		send_interval 500ms loss_interval 2000ms time_period 60000ms report_interval 0ms data_len 0 alert_interval 1000ms latency_alarm 500ms loss_alarm 20% dest_addr 8.8.8.8 bind_addr XXX.XXX.XXX.XXX identifier "WANGW "
May 12 01:49:48	dpinger		WANGW 8.8.8.8: Alarm latency 0us stddev 0us loss 100%
May 12 01:49:48	dpinger		KABLONET_DHCP XXX.XXX.XXX.XXX: Alarm latency 0us stddev 0us loss 100%
May 12 01:49:45	dpinger		send_interval 500ms loss_interval 2000ms time_period 60000ms report_interval 0ms data_len 0 alert_interval 1000ms latency_alarm 500ms loss_alarm 20% dest_addr XXX.XXX.XXX.XXX bind_addr XXX.XXX.XXX.XXX0 identifier "KABLONET_DHCP "
May 12 01:49:45	dpinger		send_interval 500ms loss_interval 2000ms time_period 60000ms report_interval 0ms data_len 0 alert_interval 1000ms latency_alarm 500ms loss_alarm 20% dest_addr 8.8.8.8 bind_addr XXX.XXX.XXX.XXX identifier "WANGW "

What should I do to solve the problem?

![gatewaystatus online.JPG](/public/imported_attachments/1/gatewaystatus online.JPG)
![gatewaystatus online.JPG_thumb](/public/imported_attachments/1/gatewaystatus online.JPG_thumb)
![gatewaystatus offline.JPG](/public/imported_attachments/1/gatewaystatus offline.JPG)
![gatewaystatus offline.JPG_thumb](/public/imported_attachments/1/gatewaystatus offline.JPG_thumb)
![gatewaystatus last.JPG](/public/imported_attachments/1/gatewaystatus last.JPG)
![gatewaystatus last.JPG_thumb](/public/imported_attachments/1/gatewaystatus last.JPG_thumb)

dennypage

Looking at the dpinger log, it is clear that there are no probes responses actually being received. The reason that it shows as "up" initially is because dpinger cannot declare any packets lost until the initial expiration of the loss interval (2 seconds). Beyond that, it's just how soon the page is refreshed.

So as to the source of the problem, something is dropping either the ICMP echo request or the ICMP echo reply. The first thing I would recommend is to try setting the dpinger Data Payload to 1 in the Advanced section of the Edit Gateway page (System / Routing / Gateways / Edit). If this fixes it, it means that some network element in the path simply has a defect in the handling of ICMP packets. It's not a problem to continue running with a small data payload.

If setting a Data Payload doesn't fix it, it likely means that some element along the path is actively suppressing ICMP echo packets. To determine where, you would need to start exploring with ping and traceroute. An example for ping would be:

ping -S src_addr 8.8.8.8

For src_addr use the IP address of your firewall (same as the -B parameter to dpinger). If you want to mimic the behavior of dpinger, you can add a size parameter:

ping -S src_addr -s 0 8.8.8.8

An example for traceroute would be:

traceroute -s src_addr 8.8.8.8

By default traceroute uses UDP packets. To use ICMP packets instead, you would use:

traceroute -s src_addr -I 8.8.8.8

Traceroute allows you to specify a packet size, but does not allow a zero size payload.

Additional options for ping and traceroute can be found in the FreeBSD man pages:

https://www.freebsd.org/cgi/man.cgi