We have two clients running 24.7.6 at this time and having random issues where the firewall will just stop responding to either internal or external traffic. I'm not seeing any interface disconnects in the logs, and a restart resolves the issues. These also different hardware (one is a Protectli FW4C and the other is a ThinkServer). This issue occurs every 5-7 days. The Protectli dropped less than an hour ago and I was able to see these items in the logs.
BACKEND:
2024-11-13T10:43:16-05:00 Notice configd.py [47db4b21-ab0e-4689-884b-9697ea0ec799] reconfiguring routing due to gateway alarm
2024-11-13T10:43:16-05:00 Notice configd.py ALERT: WAN_NeFrontier_GWv4 (Addr: 8.8.8.8 Alarm: loss -> down RTT: 6.2 ms RTTd: 0.4 ms Loss: 47.0 %)
2024-11-13T10:43:06-05:00 Error configd.py Timeout (120) executing : interface routes alarm
2024-11-13T10:41:06-05:00 Notice configd.py [9b964afb-2380-405a-8cf4-f2526810cd3d] list gateways
2024-11-13T10:41:05-05:00 Notice configd.py [a2547427-57b7-4d83-aa0d-4e09ca813a9a] show system routing table
2024-11-13T10:41:05-05:00 Notice configd.py [050c04c9-ff9d-497d-aabc-bb3164cc2736] reconfiguring routing due to gateway alarm
GENERAL:
2024-11-13T10:41:06-05:00 Notice opnsense /usr/local/etc/rc.routing_configure: plugins_configure monitor (execute task : dpinger_configure_do(1,[]))
2024-11-13T10:41:06-05:00 Notice opnsense /usr/local/etc/rc.routing_configure: plugins_configure monitor (1,[])
2024-11-13T10:41:06-05:00 Notice opnsense /usr/local/etc/rc.routing_configure: ROUTING: keeping inet default route to 47.207.54.1
2024-11-13T10:41:06-05:00 Notice opnsense /usr/local/etc/rc.routing_configure: ROUTING: configuring inet default gateway on wan
2024-11-13T10:41:05-05:00 Notice opnsense /usr/local/etc/rc.routing_configure: ROUTING: entering configure using defaults
AUDIT:
2024-11-13T10:43:16-05:00 Informational configd.py action allowed interface.routes.alarm for user root
2024-11-13T10:41:06-05:00 Informational configd.py action allowed interface.gateways.list for user root
2024-11-13T10:41:05-05:00 Informational configd.py action allowed interface.routes.list for user root
2024-11-13T10:41:05-05:00 Informational configd.py action allowed interface.routes.alarm for user root
I can schedule time to upgrade the firewalls to 24.7.8, but wanted to see if anyone else has seen this issue.
The only thing that comes to mind is an IP address conflict, but the chances of it co-occuring on multiple interfaces seems remote. Are you able to look at the console while the network interfaces stop responding? It might be interesting to watch top or tcpdump during an outage.
Sadly it is not happening to my local unit and since I'm losing full connectivity on all WANs and LANs I cannot access the unit to pull any additional information. I was able to have a user look at the console and I did not see any alerts of interface loss or connectivity issues.