Messages - lasalesi

#1
Hi all,

I am new here, so please bear with me if this is a stupid question, but I could not find any answer.

We have recently switched from a ZyWall to an OPNsense (running on a Thomas Krenn LES4). We have one WAN port, LAN1, LAN2 and DMZ. Almost everything works like a charm (including IPS, ...), with a much higher throughput. Several virtualised servers are running in the DMZ, providing different services (mostly web servers). On two of these servers (both running Debian 10, kernel 4.19), we now observe a strange behaviour:

The systems run perfectly fine, web pages are accessible. Suddenly (once or twice per hour, for typically ~60 seconds), the server is not accessible (connection timeout). If we run a continuous ping, we can see the same pattern (ping times out once or twice per hour, each time ~60 seconds), then runs again without interaction.

To try and resolve it, we found that from the server, the network is accessible. Pinging another machine from the affected server resolves the issue. Also, running ifdown ens3 && ifup ens3 on the affected server will instantly resolve the issue, but it occurs again in the usual pattern. We have switched the Ethernet card of the server from virtio to e1000, this had no effect. Interestingly, this does not affect all servers (this might be coincidence, but the nginx-servers are not affected, but apache2 servers are; running on the same hardware).

Any points/hints are highly welcome!