I recently migrated to new (temporary) hardware for OPNsense. My trusty Protectli FW4A died and, while I wait for a proper replacement to arrive, I set up an older Zotac CI327NANO as a temporary replacement and imported a backup of the configuration into it.
Currently on OPNsense 22.1.6-amd64 (as was the previous box) and having issues I had never seen before from the start.
Several times throughout the day OPNsense looses the WAN IP. I cannot see anything in the logs in that regard (or I don't know which logs to look into -- please advise), but when I issue a "configctl interface reconfigure wan", I see the following in the system log, yet the WAN IP on the OPNsense dashboard still remains blank and I have no connectivity (note: IP addresses removed from log, as I don't want to put the firewall to the test :)))
<27>1 2022-04-29T07:50:32-04:00 OPNsense.lan dhclient 21270 - [meta sequenceId="1"] My address (<WAN IP ADDRESS HIDDEN>) was deleted, dhclient exiting
<27>1 2022-04-29T07:50:32-04:00 OPNsense.lan dhclient 21270 - [meta sequenceId="2"] connection closed
<26>1 2022-04-29T07:50:32-04:00 OPNsense.lan dhclient 21270 - [meta sequenceId="3"] exiting.
<13>1 2022-04-29T07:51:49-04:00 OPNsense.lan dhclient 5679 - [meta sequenceId="1"] New IP Address (re1): <WAN IP ADDRESS HIDDEN>
<13>1 2022-04-29T07:51:49-04:00 OPNsense.lan dhclient 7207 - [meta sequenceId="2"] New Subnet Mask (re1): 255.255.255.0
<13>1 2022-04-29T07:51:49-04:00 OPNsense.lan dhclient 8233 - [meta sequenceId="3"] New Broadcast Address (re1): <BROADCAST IP ADDRESS HIDDEN>
<13>1 2022-04-29T07:51:49-04:00 OPNsense.lan dhclient 10280 - [meta sequenceId="4"] New Routers (re1): <ROUTER IP ADDRESS HIDDEN>
<13>1 2022-04-29T07:51:50-04:00 OPNsense.lan dhclient 15937 - [meta sequenceId="5"] New Routers (re1): <ROUTER IP ADDRESS HIDDEN>
<11>1 2022-04-29T07:51:51-04:00 OPNsense.lan opnsense 17850 - [meta sequenceId="6"] /usr/local/etc/rc.configure_interface: ROUTING: entering configure using 'wan'
<11>1 2022-04-29T07:51:51-04:00 OPNsense.lan opnsense 17850 - [meta sequenceId="7"] /usr/local/etc/rc.configure_interface: ROUTING: IPv4 default gateway set to lan
<11>1 2022-04-29T07:51:51-04:00 OPNsense.lan opnsense 17850 - [meta sequenceId="8"] /usr/local/etc/rc.configure_interface: ROUTING: skipping IPv4 default route
<13>1 2022-04-29T07:51:51-04:00 OPNsense.lan opnsense 17850 - [meta sequenceId="9"] plugins_configure ipsec (1,wan)
<13>1 2022-04-29T07:51:51-04:00 OPNsense.lan opnsense 17850 - [meta sequenceId="10"] plugins_configure ipsec (execute task : ipsec_configure_do(1,wan))
<13>1 2022-04-29T07:51:51-04:00 OPNsense.lan opnsense 17850 - [meta sequenceId="11"] plugins_configure dhcp (1)
<13>1 2022-04-29T07:51:51-04:00 OPNsense.lan opnsense 17850 - [meta sequenceId="12"] plugins_configure dhcp (execute task : dhcpd_dhcp_configure(1))
<13>1 2022-04-29T07:51:51-04:00 OPNsense.lan opnsense 17850 - [meta sequenceId="13"] plugins_configure dns (1)
<13>1 2022-04-29T07:51:51-04:00 OPNsense.lan opnsense 17850 - [meta sequenceId="14"] plugins_configure dns (execute task : dnsmasq_configure_do(1))
<13>1 2022-04-29T07:51:51-04:00 OPNsense.lan opnsense 17850 - [meta sequenceId="15"] plugins_configure dns (execute task : unbound_configure_do(1))
<11>1 2022-04-29T07:51:51-04:00 OPNsense.lan opnsense 17850 - [meta sequenceId="16"] /usr/local/etc/rc.configure_interface: warning: ignoring missing default tunable request: debug.pfftpproxy
<13>1 2022-04-29T07:53:05-04:00 OPNsense.lan dhclient 7185 - [meta sequenceId="1"] New IP Address (re1): <WAN IP ADDRESS HIDDEN>
<13>1 2022-04-29T07:53:05-04:00 OPNsense.lan dhclient 8160 - [meta sequenceId="2"] New Subnet Mask (re1): 255.255.255.0
<13>1 2022-04-29T07:53:05-04:00 OPNsense.lan dhclient 10734 - [meta sequenceId="3"] New Broadcast Address (re1): <BROADCAST IP ADDRESS HIDDEN>
<13>1 2022-04-29T07:53:05-04:00 OPNsense.lan dhclient 11674 - [meta sequenceId="4"] New Routers (re1): <ROUTER IP ADDRESS HIDDEN>
<13>1 2022-04-29T07:53:06-04:00 OPNsense.lan dhclient 19459 - [meta sequenceId="5"] New Routers (re1): <ROUTER IP ADDRESS HIDDEN>
<13>1 2022-04-29T07:54:21-04:00 OPNsense.lan dhclient 16893 - [meta sequenceId="1"] New IP Address (re1): <WAN IP ADDRESS HIDDEN>
<13>1 2022-04-29T07:54:21-04:00 OPNsense.lan dhclient 19249 - [meta sequenceId="2"] New Subnet Mask (re1): 255.255.255.0
<13>1 2022-04-29T07:54:21-04:00 OPNsense.lan dhclient 20987 - [meta sequenceId="3"] New Broadcast Address (re1): <BROADCAST IP ADDRESS HIDDEN>
<13>1 2022-04-29T07:54:21-04:00 OPNsense.lan dhclient 24053 - [meta sequenceId="4"] New Routers (re1): <ROUTER IP ADDRESS HIDDEN>
<13>1 2022-04-29T07:54:22-04:00 OPNsense.lan dhclient 62892 - [meta sequenceId="5"] New Routers (re1): <ROUTER IP ADDRESS HIDDEN>
<13>1 2022-04-29T07:55:37-04:00 OPNsense.lan dhclient 94653 - [meta sequenceId="1"] New IP Address (re1): <WAN IP ADDRESS HIDDEN>
<13>1 2022-04-29T07:55:37-04:00 OPNsense.lan dhclient 96993 - [meta sequenceId="2"] New Subnet Mask (re1): 255.255.255.0
<13>1 2022-04-29T07:55:37-04:00 OPNsense.lan dhclient 98324 - [meta sequenceId="3"] New Broadcast Address (re1): <BROADCAST IP ADDRESS HIDDEN>
<13>1 2022-04-29T07:55:37-04:00 OPNsense.lan dhclient 23 - [meta sequenceId="4"] New Routers (re1): <ROUTER IP ADDRESS HIDDEN>
<13>1 2022-04-29T07:55:38-04:00 OPNsense.lan dhclient 6841 - [meta sequenceId="5"] New Routers (re1): <ROUTER IP ADDRESS HIDDEN>
<11>1 2022-04-29T07:56:05-04:00 OPNsense.lan opnsense 18941 - [meta sequenceId="6"] /usr/local/etc/rc.linkup: DEVD: Ethernet detached event for static opt1(ue0)
<11>1 2022-04-29T07:56:05-04:00 OPNsense.lan opnsense 52651 - [meta sequenceId="7"] /usr/local/etc/rc.linkup: DEVD: Ethernet attached event for static opt1(ue0)
<11>1 2022-04-29T07:56:06-04:00 OPNsense.lan opnsense 55658 - [meta sequenceId="8"] /usr/local/etc/rc.newwanip: IPv4 renewal is starting on 'ue0'
<11>1 2022-04-29T07:56:06-04:00 OPNsense.lan opnsense 55658 - [meta sequenceId="9"] /usr/local/etc/rc.newwanip: On (IP address: 192.168.9.1) (interface: OPT1[opt1]) (real interface: ue0).
<13>1 2022-04-29T07:56:06-04:00 OPNsense.lan opnsense 55658 - [meta sequenceId="10"] plugins_configure hosts ()
<13>1 2022-04-29T07:56:06-04:00 OPNsense.lan opnsense 55658 - [meta sequenceId="11"] plugins_configure hosts (execute task : dnsmasq_hosts_generate())
<13>1 2022-04-29T07:56:06-04:00 OPNsense.lan opnsense 55658 - [meta sequenceId="12"] plugins_configure hosts (execute task : unbound_hosts_generate())
<13>1 2022-04-29T07:56:53-04:00 OPNsense.lan dhclient 65054 - [meta sequenceId="13"] New IP Address (re1): <WAN IP ADDRESS HIDDEN>
<13>1 2022-04-29T07:56:53-04:00 OPNsense.lan dhclient 66791 - [meta sequenceId="14"] New Subnet Mask (re1): 255.255.255.0
<13>1 2022-04-29T07:56:53-04:00 OPNsense.lan dhclient 68241 - [meta sequenceId="15"] New Broadcast Address (re1): <BROADCAST IP ADDRESS HIDDEN>
<13>1 2022-04-29T07:56:53-04:00 OPNsense.lan dhclient 68897 - [meta sequenceId="16"] New Routers (re1): <ROUTER IP ADDRESS HIDDEN>
<13>1 2022-04-29T07:56:54-04:00 OPNsense.lan dhclient 84346 - [meta sequenceId="17"] New Routers (re1): <ROUTER IP ADDRESS HIDDEN>
<13>1 2022-04-29T07:58:09-04:00 OPNsense.lan dhclient 85990 - [meta sequenceId="1"] New IP Address (re1): <WAN IP ADDRESS HIDDEN>
<13>1 2022-04-29T07:58:09-04:00 OPNsense.lan dhclient 87761 - [meta sequenceId="2"] New Subnet Mask (re1): 255.255.255.0
<13>1 2022-04-29T07:58:09-04:00 OPNsense.lan dhclient 90029 - [meta sequenceId="3"] New Broadcast Address (re1): <BROADCAST IP ADDRESS HIDDEN>
<13>1 2022-04-29T07:58:09-04:00 OPNsense.lan dhclient 93627 - [meta sequenceId="4"] New Routers (re1): <ROUTER IP ADDRESS HIDDEN>
<13>1 2022-04-29T07:58:10-04:00 OPNsense.lan dhclient 429 - [meta sequenceId="5"] New Routers (re1): <ROUTER IP ADDRESS HIDDEN>
<13>1 2022-04-29T07:59:25-04:00 OPNsense.lan dhclient 79483 - [meta sequenceId="1"] New IP Address (re1): <WAN IP ADDRESS HIDDEN>
<13>1 2022-04-29T07:59:25-04:00 OPNsense.lan dhclient 81517 - [meta sequenceId="2"] New Subnet Mask (re1): 255.255.255.0
<13>1 2022-04-29T07:59:25-04:00 OPNsense.lan dhclient 83744 - [meta sequenceId="3"] New Broadcast Address (re1): <BROADCAST IP ADDRESS HIDDEN>
<13>1 2022-04-29T07:59:25-04:00 OPNsense.lan dhclient 87511 - [meta sequenceId="4"] New Routers (re1): <ROUTER IP ADDRESS HIDDEN>
<13>1 2022-04-29T07:59:26-04:00 OPNsense.lan dhclient 26165 - [meta sequenceId="5"] New Routers (re1): <ROUTER IP ADDRESS HIDDEN>
I even tried to reconfigure twice, without any difference. This may be related to https://forum.opnsense.org/index.php?topic=26652.0 (https://forum.opnsense.org/index.php?topic=26652.0). In my case, OPNsense is directly connected (via an Ethernet cable) to my Verizon FiOS ONT (in North America). I read elsewhere that putting a network switch between the OPNsense box and the ONT may help in such cases, but I haven't tried that yet and it seems rather crude.
At the moment, the only fix is to reboot the router when this happens.
I should note that I also have IPS enabled on the WAN interface. Although this was the same with my previous OPNsense box, and did not result in an issue in the past.
If I can provide any additional information regarding my issue, or if there is anything else I should try out, I am happy to roll up my sleeves. OPNsense has been good to me for many years now, and I want to be good to it in return :)
Same config but different hardware so interactions between hardware, drivers and config might be at play.
I would disable IPS to begin with and see if that makes it more stable, especially with re interfaces.
We saw a somewhat similar issue and when we disabled System \ Settings \ General \ Allow default gateway switching, it stopped. Might be worth a shot if you only have one WAN connection.
Quote from: cookiemonster on April 29, 2022, 03:14:06 PM
Same config but different hardware so interactions between hardware, drivers and config might be at play.
I would disable IPS to begin with and see if that makes it more stable, especially with re interfaces.
Thank you for that -- yes, I was also contemplated turning off IPS. It's unclear to me anyway whether it should be configured on WAN or LAN (and have seen other people hotly debate that topic). But let's assume I turn it off and the problem goes away -- what then to enable it again? :)
Quote from: anicoletti on April 29, 2022, 03:19:06 PM
We saw a somewhat similar issue and when we disabled System \ Settings \ General \ Allow default gateway switching, it stopped. Might be worth a shot if you only have one WAN connection.
Thank you -- I just checked and it's already disabled on my end.
Take a look at this thread... https://forum.opnsense.org/index.php?topic=27299.60
Yeah, I read through it and it may be related. I also realize that disabling the Intrusion Detection service altogether seems to allow the OPNsense box to obtain a WAN IP address. As was suggested further above (thanks!).
Quote from: cookiemonster on April 29, 2022, 03:14:06 PM
Same config but different hardware so interactions between hardware, drivers and config might be at play.
I would disable IPS to begin with and see if that makes it more stable, especially with re interfaces.
Disabling IPS completely indeed mitigated my WAN disconnect issue completely. Not really a good long term solution, as I'd like to turn IPS on again, but you were right, it's clearly related. Where to go from here? :)