"Unread notice: ... Let out anything from firewall itself" ?

[chemlud]

As I did a reboot at 10 am this morning without warning afterwards the timestamp hypothesis is not plausible to me ;-)

16:01 would be more sensible?

[chemlud]

OK you were right, but it's in UTC, so the reboot was at 09:54 and at 09:59 the problem was logged:

Code: [Select]

2020-10-01T09:59:51 kernel ovpnc2: link state changed to DOWN
2020-10-01T09:59:51 opnsense[65119]
2020-10-01T09:59:51 opnsense[65119] /usr/local/etc/rc.filter_configure: There were error(s) loading the rules: /tmp/rules.debug:186: no routing address with matching address family found. - The line in question reads [186]: pass out route-to ( em2 xxx.yyy.zzz.aaa ) from {em2} to {!(em2:network)} keep state allow-opts label "470b24148e83cbf020300f9a54691951" # let out anything from firewall host itself (force gw)
2020-10-01T09:59:50 opnsense[17765] /usr/local/etc/rc.linkup: Clearing states for stale wan route on em2
2020-10-01T09:59:50 opnsense[17765] /usr/local/etc/rc.linkup: DEVD Ethernet detached event for wan
2020-10-01T09:59:50 opnsense[33522] /usr/local/etc/rc.newwanip: OpenVPN client 1 instance started on PID 53905.
2020-10-01T09:59:49 opnsense[24279] plugins_configure newwanip (execute task : webgui_configure_do(,lan))
2020-10-01T09:59:49 opnsense[24279] plugins_configure newwanip (execute task : vxlan_configure_interface())
2020-10-01T09:59:49 kernel pflog0: promiscuous mode enabled
2020-10-01T09:59:49 kernel pflog0: promiscuous mode disabled
2020-10-01T09:59:48 opnsense[24279] plugins_configure newwanip (execute task : unbound_configure_do(,lan))
2020-10-01T09:59:48 opnsense[24279] plugins_configure newwanip (execute task : openssh_configure_do(,lan))
2020-10-01T09:59:48 opnsense[24279] plugins_configure newwanip (execute task : opendns_configure_do())
2020-10-01T09:59:48 opnsense[24279] plugins_configure newwanip (execute task : ntpd_configure_defer())
2020-10-01T09:59:48 opnsense[24279] plugins_configure newwanip (execute task : dyndns_configure_do(,lan))
2020-10-01T09:59:48 opnsense[24279] plugins_configure newwanip (,lan)
No idea why the WAN interface detached. Please not that the WAN IP DID NOT CHANGE (it didn't change the last years, although it's DHCP)...

[Fright]

OK you were right, but it's in UTC

yes. and i selected GMT for you )

No idea why the WAN interface detached. Please not that the WAN IP DID NOT CHANGE (it didn't change the last years, although it's DHCP)...

but OS thinks that cable was unplugged (DEVD Ethernet detached event for wan)
if you can share bigger part of log - may be it Cycling up\down some time?
can try to change speed\duplex and check results

[chemlud]

As I wrote, I saw this first time with 20.7.1, before doing fine for more than a year.

Speed/duplex set to default, auto...

Nothing remarkable in the log, but I don't want to redact the whole boot log now to make it available publicly...

[chemlud]

PS: this promiscous mode stuff is popping up repeatedly...

https://forum.opnsense.org/index.php?topic=19342.msg89148#msg89148

[Fright]

this promiscous mode stuff is popping up repeatedly..

Code: [Select]

kernel pflog0: promiscuous mode enabledits just pf logging interface reloads when pf reloads
if you schedule pf reload every 15 min then "pflog0:  " messages every 15 min is good

cycling link up\down - thats not good

[chemlud]

Yepp, this "promiscous" thing at 01, 16, 31, and 46 every hour is somewhat normal, but as you can read in the linked thread, it happens more often and sometimes kills my states

[chemlud]

PS: Have the identical error with identical log entries (DEVD Ethernet detached event for wan) on a second install after rebooting yesterday evening...

[Fright]

you can read in the linked thread, it happens more often and sometimes kills my states

yeah. But i don't think it's about the same. frequent pf reload is probably because of cron jobs. something calls rc.filter_configure too often.
but  Ethernet detached event and pfctl load errors has nothing to do with it
something with driver\cable\duplex\speed\upstream switch possibly

[chemlud]

Yeah, but

Code: [Select]

\cable\duplex\speed\upstream
is not plausible, as the two boxes showing identical "notice" have different cable\duplex\speed\upstream, only thing in common is identical hardware (WAN interface is mounted on mobo of Dell Optiplex), so what is most likely is

Code: [Select]

driver
?

[Fright]

?

I do not know. just guessing. can you try setting the speed and duplex manually to low values?

[chemlud]

On both WAN is

Code: [Select]

Media 100baseTX <full-duplex>
and actually bandwidth is more than 10 Mbit/s and equal or less than 100 Mbit/s, so what?

[Fright]

this is not about the speed of your ISP, but about speed\duplex auto-negotiation between OPNsense and upstream router\switch.
perhaps at some point they start to renegotiate the speed\duplex and the link is down for a short time

[chemlud]

And why should that work for more than a year and then start to make problems after an update of the opnsense?

[Patrick M. Hausen]

Because a large part of the network interface drivers were rewritten for FreeBSD 12 and iflib. I have occasional glitches with speed/duplex settings, too. But that is something hard to fix for the OPNsense project. Needs to be resolved upstream.