Opnsense requires reboot after WAN goes down

Started by bipboptiptop, June 07, 2024, 03:06:08 PM

Previous topic - Next topic
Print
Go Down Pages 1 2
User actions
June 18, 2024, 08:09:19 AM #15
My internet is down right now, but I don't see a reload button under Interfaces > Overview. I know there are some UI issues on mobile, so may be because of that?
June 18, 2024, 09:24:30 AM #16
Update - my WAN went down again this morning.

I tried disconnecting and reconnecting the ethernet cable - the internet did not come back up.

I don't have a reload button on Interfaces>Overview>WAN - so I couldn't try this method.

Lastly, I tried running `ifconfig em4 down` and `ifconfig em4 up` and that did bring it back up, thankfully without a reboot.

@franco - does that help to identify what's going wrong at all? Is my only option to run a script that will run  `ifconfig em4 down` and `ifconfig em4 up` when it notices a problem?

Thanks in advance!
January 22, 2025, 03:18:40 PM #17
Bring up a slightly old thread because this one nearly perfectly matches my situation. There are lots of threads about this issue but no real good solution.

I've been using opnsense on a protectli firewall vault device behind a cable modem for almost 2 years. Any time the internet goes down, which on average is once a week but sometimes many nights in a row (maintenance?), opnsense fails to restore a WAN connection. It will show up and an IP address but no traffic will flow.

The very quick fix is to restart the Gateway Monitor (WAN DHCP) service. I used to restart the firewall, physically reconnect the ethernet cable, which all worked, but required a relatively lengthy or physical process. Restarting the Gateway Monitor (WAN DHCP) service restores connection instantly.

I really wish opnsense could handle this automatically. With all the reports of this issue I've see the last couple years, this should have been dealt with a long time ago. Until a couple months ago this was a remote, un-manned location that required sending someone out to every time there was an outage. That's unacceptable.
January 24, 2025, 08:57:32 PM #18
A previous thread provided a script that could be called by cron at short intervals (e.g. every minute) to check the WAN interface and toggle it down then up to renew WAN DHCP.
Code it suggests (thanks @ooker):
Quote from: ooker link=msg=83143
Code Select
#!/bin/sh
gatewayIP=$(netstat -4rn | grep default | awk '{print $2}')
wanInterface="em0"

echo "Gateway: $gatewayIP"
echo "WAN Interface: $wanInterface"
if [ -z $gatewayIP ]
then
  echo "NO Gateway"
  #Bring the interface down then up to renew the WAN DHCP
  ifconfig $wanInterface down
  ifconfig $wanInterface up
else
  # if return = 0 then host is reachable
  ping -c 1 $gatewayIP > /dev/null
  if [ $? -eq 0 ]
  then
    echo "Gateway Reachable"
  else
    echo "Gateway Unreachable"
    #Bring the interface down then up to renew the WAN DHCP
    ifconfig $wanInterface down
    ifconfig $wanInterface up
  fi
fi

Could something like this be used by those of us home-users who have less-than-stable ISP connections?

Ari
January 24, 2025, 09:01:52 PM #19 Last Edit: January 24, 2025, 11:59:41 PM by doucettea
For monitoring WAN connection, there's another option of a script to call by cron offered here:
https://gist.github.com/mdeweerd/035129a6f90979ba39ec8377e99922f5

In case not familiar with how to accomplish the above:
  • Open an SSH connection to your OPNSense.
  • Choose the option to open the Shell (should be 8, IIRC)
  • Create the file: at the shell prompt enter the following commands:
        sudo mkdir /usr/local/bin/scripts
        sudo touch /usr/local/bin/scripts/opnsense_ping_check.sh
        sudo vi /usr/local/bin/scripts/opnsense_ping_check.sh
        [edit the script text to IP addresses you choose (I used 1.0.0.1 and 8.8.8.8) and the interface for your WAN (mine is igb0)]
        [copy the script text, paste the text of the script into the Putty window (this might be a mouse-right-click)]
        [save the file and exit vi by typing :wq and pressing Enter]
  • Now back to the shell prompt, enter the following commands:
        sudo chmod +x /usr/local/bin/scripts/opnsense_ping_check.sh
        sudo /usr/local/bin/scripts/opnsense_ping_check.sh
  • [exit the shell by typing exit and press enter]
  • [exit the SSH window by typing exit and press enter]
  • Back in the OPNSense web UI, go to System --> Settings --> Cron
        Click the + to add a Cron job
        Set Minutes to */5 and set the other time intervals to * --- this will cause the Cron to execute every five minutes
        On the Command drop-down, select the "ping_check" option
        Give it a description
        Click Save

Done. Hope that helps someone (and hope it works for me!)
Print
Go Up Pages 1 2
User actions