18.1 Legacy Series / New machines on network can't get traffic out for ~5 mins
« on: June 10, 2018, 07:41:23 pm »
Hello,
I've got a very strange issue on my hands that I could use some help debugging.
My setup:
- OPNsense 18.1.6-amd64
- PC Engines apu2c4: AMD GX-412TC SOC (4 cores) + 4 GB RAM
Any time a new device connects to the network, or reconnects after being off, that device sees the following:
- DHCP address is assigned and network appears configured correctly.
- Can ping router and get responses, but web GUI immediately fails with "connection refused". Same behavior for both IPv4 and IPv6 addresses.
- Can communicate with other devices on the LAN normally.
- The majority of HTTPS webpages will not load - they stall at "connecting..." in the browser. Some pages do work though - e.g. google.com is accessible and slashdot.org is not. Unencrypted HTTP traffic also works for some pages but not others.
- DNS does not work.
- Strangely I _can_ ping google.com, as well as use the website.
- I cannot connect to an outside server via ssh directly by IP address, either IPv4 or IPv6 addresses. Connection eventually times out.
In all the above cases where the computer could not connect, another computer right next to it which had been on the network for longer was able to make the connection without issue. After about five minutes everything goes back to normal and all the tests above work on both computers.
I was watching the firewall traffic on the working computer and saw connections being passed from the newly connected computer when trying to load pages that stalled, suggesting to me that it's not an issue with firewall rules. (Using the web GUI here at the same time that the GUI is not accessible on the other machine.)
I experience the issue on macOS, iOS, and Ubuntu devices, both with DHCP and with static IP addresses configured, over both the wireless AP and via ethernet. All devices connect to the LAN interface on the apu2 via an unmanaged gigabit switch.
The issue was not present until I moved to the OPNsense router - had been using a consumer box previously. Thought it might be something IPv6 related, since I don't think my old router was set to use it, but I'm seeing issues with both IPv4 and IPv6 traffic, and the issue of not being able to get to the OPNsense GUI is especially bizarre. No indications that it's an upstream problem either, as other machines on the network that have been connected for longer can get traffic out just fine.
In some cases, some magic combination of disabling and re-enabling network interfaces repeatedly and spamming the "Renew DHCP Lease" button will reestablish connectivity, but in other cases it doesn't.
¯\_(ツ)_/¯
Thanks, any ideas would be much appreciated!