Opnsense requires reboot after WAN goes down

Started by bipboptiptop, June 07, 2024, 03:06:08 PM

Previous topic - Next topic
Print
Go Down Pages1 2
User actions
June 07, 2024, 03:06:08 PM
Afternoon everybody,

Occasionally my ISP will have a problem and the WAN will drop out. When it comes back online, opnsense doesn't seem to automatically pick it back up and requires a reboot.

I've seen similar questions suggesting to set certain DHCP setttings on the WAN interface, but I am using a static IP so am in a different situation.

Is there a setting to allow it to try and re-establish connection, or is a reboot the only way to solve this?

---

Version: OPNsense 24.1.7_4-amd64
June 10, 2024, 12:07:25 PM #1
Am I allowed to bump this post after a few days?

Appreciate any help.
June 10, 2024, 12:29:45 PM #2
Please check for messages in dmesg.
OPN has a service that you'll find on the dashboard: "dpinger" and that is the Gateway monitor (WAN_DHCP).

Interfaces > WAN: what settings do you have there?
The only problem I can imagine you have is a not well supported NIC for WAN interface, like realtek ones.
Also it would be good to know your setup, do you have a modem in front of the firewall for instance.
June 10, 2024, 03:10:55 PM #3
Thanks for the reply, cookiemonster.

> Please check for messages in dmesg.

I checked the `Audit`, `Backend`, `Boot`, and `General` log sections and the only thing that I could see that seemed related was this log (there are a lot of them around the time the internet dropped):

```
action rfc2136.reload.wan not found for user root
```

> OPN has a service that you'll find on the dashboard: "dpinger" and that is the Gateway monitor (WAN_DHCP).

I searched and looked for "dpinger" on the dashboard, but it doesn't show. I don't even see it as a plugin or a service. Not sure what I'm missing.

> Interfaces > WAN: what settings do you have there?

Enable: checked
Lock: checked
Identifier: wan
Device: em4
Description WAN

Block private networks: checked
Block bogon networks: checked
IPv4 Configuration Type: Static IPv4
IPv6 Configuration Type: None
MAC address: blank
Promiscuous mode: unchecked
MTU: blank
MSS: blank
Speed and duplex: Default (no preference, typically autoselect)
Dynamic gateway policy: unchecked

Overwrite global settings: unchecked

IPv4 address: <my static IP>
IPv4 gateway rules: <my WAN gateway>


Thank you again for your time
June 10, 2024, 03:12:44 PM #4
Ah I just checked the WAN Gateway settings:

Disabled: unchecked
Name: WAN_Gateway
Description: blank
Interface: WAN
Address Family: IPv4
IP Address: <my gateway IP>
Upstream Gateway: checked
Far Gateway: unchecked
Disable Gateway Monitoring: checked
Disable Host Route: unchecked
Monitor IP: blank
Mark Gateway as Down: unchecked
Priority: 255


Is it because Gateway Monitoring is disabled?
June 10, 2024, 03:14:20 PM #5
> Also it would be good to know your setup, do you have a modem in front of the firewall for instance.

I also forgot to answer this,

Yeah, unfortunately I have to have the ISP router in front of opnsense. The ISP router is in modem mode, though.

> The only problem I can imagine you have is a not well supported NIC for WAN interface, like realtek ones.

It is a intel NIC :)
June 10, 2024, 03:15:57 PM #6
gateway monitoring will not cover a link event loss...

Does it come back when you unplug and plug the cable?

Does it come back when you set

# ifconfig igbX down
# ifconfig igbX up

(given igbX is your WAN device)


Cheers,
Franco
June 10, 2024, 03:29:58 PM #7
Hey franco, thanks for helping!

QuoteDoes it come back when you unplug and plug the cable?

The cable of the opnsense router? Yes - once the WAN comes back up, rebooting opnsense fixes the problem. I am hoping there's a way to fix it without needing to reboot.

QuoteDoes it come back when you set

I can definitely try this the next time the WAN goes down. Thankfully it doesn't happen _that_ often.
June 10, 2024, 04:17:11 PM #8
> The cable of the opnsense router? Yes - once the WAN comes back up, rebooting opnsense fixes the problem. I am hoping there's a way to fix it without needing to reboot.

Not rebooting, just removing the WAN port cable and plugging it back. If that works the ifconfig down/up likely works too but I want to be sure about all cases first.


Cheers,
Franco
June 10, 2024, 08:30:33 PM #9
Ah I see ok. Do you mean do that when the WAN connection goes down, or try it when it isn't a problem to see if it comes back up?
June 11, 2024, 12:10:05 PM #10
When it's down and you would normally reboot.


Cheers,
Franco
June 14, 2024, 02:38:49 PM #11
Got it, thank you for the time.

I'll have to wait until it goes down again, unless there's any merit to fabricating the scenario by switching the ISP router off/on?
June 15, 2024, 03:51:03 PM #12 Last Edit: June 15, 2024, 03:53:52 PM by canadidan
For a few months I've also been chasing this issue. These two posts are probably in the same vein, and suggests scripts that will reload the interface when the WAN drops:

https://forum.opnsense.org/index.php?topic=18300.0
https://forum.opnsense.org/index.php?topic=11928.0


This problem started for me when I switched ISPs. Been using pfSense then OPNsense for years, and switched from a fiber ISP (with modem/router combo unit) to a cable ISP (modem only). I know you said you have a modem/router in modem-mode, so perhaps that is equivalent to my setup.

Since switching to cable, every 1 to 3 days the WAN goes down, but the interface shows UP and has a valid IP. I tried both a TC4400 and a Hitron CODA56 modem, but the issue exists with both.

I run OPNsense as a virtual machine under Proxmox. Because the VM is connected to a bridge interface, OPNsense cannot tell if the physical link goes down between the modem and the server NIC. You didn't mention if you use a VM or not, but this is my hypothesis about why this happens to me. I suspect the physical link must drop briefly, and the modem refuses to provide WAN access until the router requests a new lease over DHCP.

[Edit] Of course, you said you have a static IP, but perhaps the reload is the common thread?

If I go into Interfaces>Overview>WAN and click Reload, the WAN link comes back every time. This is more or less what Franco said to try below. A reboot will also accomplishes this.

While using a script to check the link and trigger a reload every minute would work (see forum posts linked above), I've been hoping for a more elegant solution  ::)
June 15, 2024, 05:51:10 PM #13
Quote from: canadidan on June 15, 2024, 03:51:03 PM
I've been hoping for a more elegant solution  ::)
Use PCIe pass through for the WAN interface so OPNsense can notice the link dropping.
Deciso DEC750
People who think they know everything are a great annoyance to those of us who do. (Isaac Asimov)
June 17, 2024, 12:35:07 PM #14
Thanks for the links @canadidan

QuoteI run OPNsense as a virtual machine under Proxmox. Because the VM is connected to a bridge interface, OPNsense cannot tell if the physical link goes down between the modem and the server NIC. You didn't mention if you use a VM or not, but this is my hypothesis about why this happens to me. I suspect the physical link must drop briefly, and the modem refuses to provide WAN access until the router requests a new lease over DHCP.

For me, opnsense is running on bare metal - I could have done it on a VM, but seeing as it the one thing giving me internet access I wanted it to be as simple as possible.

QuoteIf I go into Interfaces>Overview>WAN and click Reload, the WAN link comes back every time. This is more or less what Franco said to try below. A reboot will also accomplishes this.

I will try this next time for sure. If it works, perhaps I'll have to look at using one of the scripts!
Print
Go Up Pages1 2
User actions