OPNsense Forum

Archive => 18.1 Legacy Series => Topic started by: DaveA67 on May 08, 2018, 10:06:11 am

Title: Losing default route
Post by: DaveA67 on May 08, 2018, 10:06:11 am

Hi

I have a virtual deployment of Opnsense 18.1 in a data centre and all works wee apart from the face that the default route keeps vanishing.
The WAN interface is set statically via the console, but this drops off seemingly randomly

Any ideas??

I have another similar deployment which is fine

Cheers

Title: Re: Losing default route
Post by: franco on May 08, 2018, 10:10:03 am

Which exact version, which WAN types (IPv4 and IPv6), and what's in the system logs when this happens?

18.1.2 and 18.1.4 both had fixes in this general area. 18.1.8 will have another and improved logging.

There are usually two suspects:

No gateways have been defined and set to defaults under System: Gateways: Single.

You can try to see if enabling default gateway switching helps this or not under Firewall: Settings: Advanced.


Cheers,
Franco

Title: Re: Losing default route
Post by: DaveA67 on May 08, 2018, 11:08:29 am

Hi Franco

It is on 18.1.4
The WAN is just IPv4

There is a gateway defined bit I think it's only there after I add via the console with
ROUTE ADD DEFAULT X.X.X.X

I do not have browser access to the LAN side as it's in a datacentre and there are no other machines with browser capability inside the LAN

I have enabled gateway switching as suggested.

Many thanks for the reply!

Title: Re: Losing default route
Post by: franco on May 08, 2018, 11:31:41 am

Ok WAN IPv4, but which type? DHCP, Static, etc.? Any secondary WANs?

Title: Re: Losing default route
Post by: DaveA67 on May 08, 2018, 12:07:54 pm

Hi

It's static and there is just a single WAN interface.
I must have configured something incorrectly somewhere, but can't find it for the life of me :)

Cheers

Title: Re: Losing default route
Post by: franco on May 08, 2018, 01:13:13 pm

Hmm, I suppose the gateway is explicitly added under System: Gateways: Single? If yes, it should never disappear. A final batch for default route setting follows in 18.1.8, but not sure if this is related to OPNsense or possibly a hypervisor-related hiccup?


Cheers,
Franco

Title: Re: Losing default route
Post by: DaveA67 on May 08, 2018, 02:22:03 pm

I found the below in the log if it helps diagnose

May 4 17:17:25   apinger: Exiting on signal 15.
May 4 16:58:48   apinger: ALARM: GW_WAN(62.164.145.129) *** down ***
May 4 16:58:38   apinger: Starting Alarm Pinger, apinger(25687)
May 4 16:58:38   apinger: Exiting on signal 15.
May 4 16:58:37   apinger: Starting Alarm Pinger, apinger(1117)
May 4 16:58:37   apinger: Exiting on signal 15.
May 4 16:58:36   apinger: Starting Alarm Pinger, apinger(31381)
May 4 16:57:17   apinger: ALARM: GW_WAN(62.164.145.129) *** down ***
May 4 16:57:07   apinger: Starting Alarm Pinger, apinger(52530)
May 4 16:57:07   apinger: Exiting on signal 15.
May 4 16:57:05   apinger: Starting Alarm Pinger, apinger(61742)
May 4 16:57:05   apinger: Exiting on signal 15.
May 4 16:56:37   apinger: rrdtool respawning too fast, waiting 300s.
May 4 16:55:37   apinger: Error while feeding rrdtool: Broken pipe
May 4 16:51:37   apinger: rrdtool respawning too fast, waiting 300s.
May 4 16:50:37   apinger: Error while feeding rrdtool: Broken pipe
May 4 16:46:37   apinger: rrdtool respawning too fast, waiting 300s.

Title: Re: Losing default route
Post by: franco on May 08, 2018, 04:01:24 pm

You should definitely disable gateway monitoring for static gateways.


Cheers,
Franco

Title: Re: Losing default route
Post by: DaveA67 on May 08, 2018, 04:10:21 pm

That's the wierd thing - monitoring IS disabled...

Title: Re: Losing default route
Post by: franco on May 08, 2018, 04:14:10 pm

Does not seem so, at least for as far back as May 4? It did not happen again afterwards.

Go to System: Gateways: Single, select that IPv4 gateway, check "Disable Gateway Monitoring" if not already checked and apply the gateway settings to be sure.


Cheers,
Franco

Title: Re: Losing default route
Post by: DaveA67 on May 10, 2018, 02:18:43 pm

Seems stable now, thanks!

I do have a different issue though - I noticed that the IP address of the gateway was incorrect and there were 2 identical entries. I have no idea how this could possibly have worked as the IP address was outside of the subnet!

I added a correct gateway and deleted the wrong ones and added the new proper gateway to the WAN and all seems OK apart from my VPNs will no longer connect.
A mobile user one connects but will not route traffic and a LAN to LAN from the office will not connect at all.

Not sure why the gateway should make a difference unless the VPN config somehow 'remembers' the old gateway??

I have rebooted etc....

Title: Re: Losing default route
Post by: DaveA67 on May 10, 2018, 02:56:29 pm

Hi

Ignore that last comment!

I took a backup, deleted the IPSEc config, re-added from the backup, rebooted and we're back up!

Title: Re: Losing default route
Post by: DaveA67 on May 10, 2018, 03:09:25 pm

No, I was wrong
The LAN- LAN is working the Mobile worker is not.
I connects OK and brigns up the tunnel but cannot connect to anything....