Monit script to reboot firewall - WAN drops and repeated newwanip runs

Started by Sirius1, May 26, 2019, 11:56:48 PM

Previous topic - Next topic
Print
Go Down Pages1
User actions
May 26, 2019, 11:56:48 PM
Currently running 19.1.8. I have had continued issues with WAN failing as noted in numerous other posts ever since the 19.1 version train. Same setup with an ASIX-based USB ethernet on WAN that had no issues previously.  As others have noted, I am also unfortunately behind a cable gateway (Xfinity X1) that is set in bridge mode, rather than a simple cable modem. So lots of variables I have done my best to step through over the past 2-3 months.

Sometimes the WAN is clean for days, other times UP/DOWN in less than 15-30 minutes, and can't get connection again until the firewall is restarted.

Logging (System > Logging > General) indicates same content as in other posts:
WAN interface link state changed UP/DOWN messages, repeated running of rc.newwanip setting and keeping the same default gateway, and requesting and being assigned the same provider host WAN IP address repeatedly.

I have tried every recommended 'fix', inlcuding disabling all the NIC offload options, changing the default tunable net.inet.tcp.tso to '0' from the default, trying to hard-set the WAN as 1000TX-full instead of auto-negotiate, and even a complete new 19.1 install scratch-configured on a different laptop (rather than 18.x to 19.x configuration migration).

The issue persists. As an alternative to the recommended cron scripts to ping IPs and restart the firewall, I have tried to use the Monit plugin, and am really close: I have a 'Service Setting' that successfully restarts my WAN interface after public IP ping failures, but I can't get a 2nd Service Setting that will restart/reboot the firewall after a 2nd ping cycle failure. Once I have this working, I'll post up if it helps anyone else out. >>> The issue that I'm having is that I can't get the firewall to reboot. For the Monit Service Setting script, I've tried these combinations with no luck: /etc/rc.reboot -r, etc/rc.reboot -r now, and /sbin/shutdown -r. It will not let me enter just /etc/rc.reboot as gives an error about needing the 'absolute path' or other arguments.

If anyone can help with the Monit script syntax I need, that would be great. Then I'll post those up. Otherwise, I'm in the same boat with the WAN flapping since the BSD 11.2/OPNSense 19.1 versions.

Thanks
June 25, 2019, 10:59:09 AM #1
Code Select
/sbin/shutdown -r now should work.
Print
Go Up Pages1
User actions