OPNsense Forum

Archive => 22.1 Legacy Series => Topic started by: PackerFan on February 01, 2022, 05:32:49 am

Title: Connectivity Issues
Post by: PackerFan on February 01, 2022, 05:32:49 am
I apologize for the long post up front. I don't have logs to post, so outlined below are the steps I took to troubleshoot, but I ultimately had to downgrade back to 21.7.

I upgraded to 22.1 Tuesday last week (I think that's when it was released) and everything went off without a hitch. However, after a couple hours I started running into problems.

A quick hardware overview. I run OPNsense as a home firewall running on a Dell 790 PC, not ideal, but powerful enough to run what I have. I run Zenarmor (Sensei) but have no other plugins installed (minus the dark theme). I currently run 24G of memory on a 2600k chip, running an Intel x520-DA2 card and an Intel PCIe standard gigabit NIC. My WAN goes to the gigabit NIC, x520 goes to my switch running 10Gb fiber.

Onto the problem. After the upgrade from 27.1 to 22.1 everything started off fine, but as the day went on, I started running into problems. I work from home and was on a WebEx meeting and started having dropouts in my connection. Being on a work-provided VPN, that's not overly unheard of, but when I was presenting, my network completely dropped out. My work computer is on its own VLAN at home, and when my network dropped out, I went to my main PC and noticed I had no Internet connectivity as well. After about 30 seconds it came back and everything, both home and work computers, reconnected. A couple minutes later everything dropped out for about 30 seconds again. Being that I didn't want to fight this, I rebooted the cable modem, switches, and firewall to start fresh in case there was some update that was causing problems.

Fast forward, this issue continued to happen, around 6-8 times a day. The network would just appear to lock up. No internet, no local network connectivity, it was like I pulled the network cable from my computer. I noticed that after the upgrade, I had a steady increase in LAN IN errors (admittedly I don't know how to track those down), which would increase by one approximately every automatic page refresh. At times it would jump up by hundreds per refresh, so this started my troubleshooting. The network would ultimately recover on its own without me having to reboot/restart anything.

I replaced literally everything I could. I replaced my switches thinking that I was hitting a bad port, swapped in a Procurve 2910 but the problem was still happening. I am running an older cable modem, so I purchased a new one, and that worked for about 8 hours and then I completely lost the Internet at home. Swapped the old modem back in, and Internet came back but was still generating LAN IN errors. I made a new RG6 cable from the entrance point into my house to my cable modem thinking the cable could have gone bad, no change. I swapped out all the cables and interface cards, no change. I tested and swapped the Ethernet and fiber cables (including transceivers) from the cable modem to the firewall and I'd still get random dropouts where routing would just stop, and then it would start back up again. LAN errors continued to increase during this time as well.

At this point the only piece of the puzzle pointed back to the firewall, which originally I didn't think of because the day I did the upgrade, others in my neighborhood were reporting ISP problems as well. After wrestling with this problem throughout the weekend, I ended up restoring my 21.7 image I took prior to the upgrade and am happy to report that I've had zero connectivity issues, and zero LAN errors.

Unfortunately I don't have logs as I needed a reliable network more than anything. I saw others may be having similar issues post upgrade based on the forums, but hopefully this can be looked into, or an explanation as to why this is happening and hopefully this bug can be figured out.

Love the software and that's why I'm reaching out to the forum, to provide as much detail as possible around the problem I experienced with the latest release.
Title: Re: Connectivity Issues
Post by: chemlud on February 01, 2022, 08:35:58 am
suricata maybe? this Zen-thingy also uses nmap iirc...

https://forum.opnsense.org/index.php?topic=25750.0
Title: Re: Connectivity Issues
Post by: franco on February 01, 2022, 08:57:17 am
Can you give us a layout of your assigned interfaces? There were changes regarding MAC spoofing, hardware features and media settings for VLANs and parents as noted in the release notes.

For most, the problem was spoofing a MAC address on a VLAN but not the parent interface itself, so the parent now discards the traffic. Another issue revolved around not assigning the parent of the VLAN as an interface, so that hardware offload settings are no longer disabled and traffic flow therefore doesn't work as expected (for the ironic reason that hardware offloading settings are flaky on FreeBSD to this day).


Cheers,
Franco
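
The two VLAN misconfigurations described in the reply above can be checked offline against a configuration export. This is an added example, not part of the thread and not OPNsense's own code; it assumes a config.xml layout with `interfaces/*/if`, `spoofmac` and `vlans/vlan/if` plus `vlanif` elements, and the sample export and the `audit_vlans` name are constructed for illustration.

```python
import xml.etree.ElementTree as ET

# Constructed sample, not a real export. The element names used here
# (interfaces/*/if, spoofmac, vlans/vlan/if, vlanif) are an assumed layout.
SAMPLE_CONFIG = """
<opnsense>
  <interfaces>
    <wan><if>em0</if></wan>
    <lan><if>ix0</if></lan>
    <opt1><if>ix0_vlan10</if><spoofmac>02:00:00:aa:bb:10</spoofmac></opt1>
    <opt2><if>ix1_vlan20</if></opt2>
  </interfaces>
  <vlans>
    <vlan><if>ix0</if><tag>10</tag><vlanif>ix0_vlan10</vlanif></vlan>
    <vlan><if>ix1</if><tag>20</tag><vlanif>ix1_vlan20</vlanif></vlan>
  </vlans>
</opnsense>
"""

def audit_vlans(config_xml):
    """Return sorted (vlan_device, finding) tuples for both cases."""
    root = ET.fromstring(config_xml)
    interfaces = root.find("interfaces")
    # Map device name -> spoofed MAC ("" if none) for each assigned interface.
    assigned = {}
    for iface in ([] if interfaces is None else interfaces):
        dev = (iface.findtext("if") or "").strip()
        if dev:
            assigned[dev] = (iface.findtext("spoofmac") or "").strip().lower()
    findings = []
    for vlan in root.iterfind("vlans/vlan"):
        parent = (vlan.findtext("if") or "").strip()
        vlanif = (vlan.findtext("vlanif") or "").strip()
        # Case 2: the VLAN's parent device is not assigned as an interface.
        if parent not in assigned:
            findings.append((vlanif, "parent-unassigned"))
        # Case 1: MAC spoofed on the VLAN but not (or differently) on the parent.
        vlan_mac = assigned.get(vlanif, "")
        if vlan_mac and assigned.get(parent, "") != vlan_mac:
            findings.append((vlanif, "mac-differs-from-parent"))
    return sorted(findings)

if __name__ == "__main__":
    for vlanif, finding in audit_vlans(SAMPLE_CONFIG):
        print(f"{vlanif}: {finding}")
```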