[SOLVED] Intermittent WAN Drops w/ Intel i226-V

Started by Kenjutso, October 18, 2025, 11:13:21 PM

Previous topic - Next topic
Print
Go Down Pages 1 2
User actions
October 22, 2025, 10:20:03 AM #15
Quote from: Kenjutso on October 22, 2025, 03:57:05 AMIt looks like ntopng was definitely the root cause of my issues. I haven't had any problems since uninstalling ntopng. @letsief thanks for providing that github link, it seems to be the behavior I was experiencing. I'll look at adding it back again down the road, I don't think I was utilizing it at all since installing it so I'm fine without it for now.

Well, I don't think ntopng itself is really the root cause. Ntopng triggers the problem by putting the interface in promiscuous mode, but that shouldn't kill the ipv4 stack.

It is probably a driver issue, but it also seems like opnsense should be more resilient of whatever failure is going on. It appears that something is tripping up dhclient. And whatever that is, it is probably screwing up other stuff, too.
October 23, 2025, 01:02:44 AM #16 Last Edit: October 23, 2025, 01:21:58 AM by BrandyWine
Is os-redis also installed and being used?
Do you need to have ntopng in promisc mode? You watching a span port?
Is it OPNsense VM on Proxmox
If the VM asks for promisc mode and the host is not setup for that, is there an issue?


"Proxmox can have issues with virtual machine interfaces in promiscuous mode, often requiring specific configurations to ensure traffic is properly passed to the VM. Adjusting bridge settings, such as setting bridge_ageing to 0, can help resolve these issues and allow the VM to receive all network traffic."

And then is Promox promisc set correctly?

Steps to Enable Promiscuous Mode

    Configure Network Bridge: Ensure that the network bridge used by your OPNsense VM is set to promiscuous mode. This can be done in the Proxmox web interface or via command line.

    Command Line Configuration:
        Access your Proxmox host terminal.
        Use the following command to enable promiscuous mode on the bridge interface (replace vmbrX with your actual bridge name):

Code

ip link set vmbrX promisc on
Mini-pc N150 i226v x520, FREEDOM
October 23, 2025, 02:56:49 AM #17
Quote from: BrandyWine on October 23, 2025, 01:02:44 AMIs os-redis also installed and being used?
Do you need to have ntopng in promisc mode? You watching a span port?
Is it OPNsense VM on Proxmox
If the VM asks for promisc mode and the host is not setup for that, is there an issue?


"Proxmox can have issues with virtual machine interfaces in promiscuous mode, often requiring specific configurations to ensure traffic is properly passed to the VM. Adjusting bridge settings, such as setting bridge_ageing to 0, can help resolve these issues and allow the VM to receive all network traffic."

And then is Promox promisc set correctly?

Steps to Enable Promiscuous Mode

    Configure Network Bridge: Ensure that the network bridge used by your OPNsense VM is set to promiscuous mode. This can be done in the Proxmox web interface or via command line.

    Command Line Configuration:
        Access your Proxmox host terminal.
        Use the following command to enable promiscuous mode on the bridge interface (replace vmbrX with your actual bridge name):

Code

ip link set vmbrX promisc on

In my case, I am using os-redis, although that doesn't seem to put the interface in promiscuous mode. The WAN interface only went into promiscuous mode when I turned on ntopng.

In my case, I'm not doing virtualization.

I did the firmware updates on my NICs to 2.32, as well.
October 23, 2025, 03:49:32 AM #18
Mini-pc N150 i226v x520, FREEDOM
October 23, 2025, 03:31:06 PM #19
Quote from: BrandyWine on October 23, 2025, 03:49:32 AMThen use the conf file to force no promisc.
https://www.ntop.org/guides/ntopng/how_to_start/configuration_file.html

That's a little like going to a doctor saying your arm hurts when you lift it, and the doctor telling you not to lift it. At this point, my bigger concern is what other bugs might be going on. Although, I'm not seeing anything obvious.

If I do want to run ntopng, I've been looking for a persistent way to modify the plugin's generation of ntopng.conf.  But, so far, it seems like everything is likely to be overwritten when the plugin updates. I imagine the main answer then would be to remove the plugin and install/manage ntopng separately.
October 23, 2025, 05:48:24 PM #20
Quote from: letsief on October 23, 2025, 03:31:06 PMThat's a little like going to a doctor saying your arm hurts when you lift it, and the doctor telling you not to lift it. At this point, my bigger concern is what other bugs might be going on. Although, I'm not seeing anything obvious.
No it's not,.... like that.
1) Why would promisc be needed here? It's not needed, fw is not a dedicated IDS, although I guess you could use it for that, but an OPNsense VM for fw, running promisc iface? Why?
2) If the suspected cause is promisc, then turn it off and run the wanted service, see if that cures the hurt arm.
3) Mixing promisc settings between a VM and it's host can be problematic, but why the iface faults like that is odd, perhaps the driver being used don't like the settings that way, so it faults without spitting out good log data?

Or am I missing something that says promisc is needed?
Mini-pc N150 i226v x520, FREEDOM
Print
Go Up Pages 1 2
User actions