OPNsense 26.1.8_5 Freezes Randomly

Started by xenon2008, Today at 03:06:16 AM

Previous topic - Next topic
Print
Go Down Pages1
User actions
Today at 03:06:16 AM Last Edit: Today at 03:07:49 AM by xenon2008
Hello everyone,
For several days now I've been having the issue that my OPNsense (OPNsense 26.1.8_5-amd64) completely freezes.
When it freezes, it is no longer pingable, and even if I manually assign an IP address to my client, I still cannot reach the firewall at all
So i couldnt reach the web interface, no ping, no Internet, nothing.
At first I thought it was due to my old hardware, so I bought a brand new CWWK mini Firewall, reinstalled OPNsense, and restored the backup file.
It ran fine for a few days, but today the exact same problem happened again, just like on the old hardware.

Does anyone have an idea what could be causing this? I can rule out a hardware issue since this is completely new hardware.
At this point I'm honestly starting to get really frustrated because I can't figure out what's causing it.

After a reboot everything works normally again, but the freeze keeps coming back after some time (Days).
Could somebody help me please?

Thanks & Kindly Regards
Today at 06:46:02 AM #1
What does the console say?
Mini-pc N150 i226v x520, FREEDOM
Today at 08:01:43 AM #2
I'm experiencing something very similar, every 2 weeks or so, it just dies. Manually assigned ip, and tried ping, no response.

I have worked through logs (with claude) and found nothing.

cpu temps look good, and memory seems stable. A reboot clears it right up.

Any advice on what to look for would be greatly appreciated. added some screenshot of WAN/LAN traffic
Today at 08:59:49 AM #3
Disable ASPM, maybe?
Intel N100, 4* I226-V, 2* 82559, 16 GByte, 500 GByte NVME, ZTE F6005

1100 down / 450 up, Bufferbloat A+
Today at 10:25:51 AM #4
I seem to have similar issues. The firewall seems to be still up & running, but it seems to shut out everything. The issue reminds me of the "new" startup behavior with divert-to rules: all traffic is dropped until the Suricata service is up & running. But this is happening after a day of uptime and the service (probably) up. In the suricata logs I found these errors:

Error
suricata
[100216] <Error> -- thread W-8000 failed

Warning
suricata
[101690] <Warning> -- Write to ipfw divert socket failed: No buffer space available


I'm not sure what buffer space ran out. mbufs seemed to be fine when checking the health graph in reporting. I'm running with kern.ipc.nmbclusters = 1000000

Unfortunately I just upgraded the system on the weekend from the rock solid 25.7.11. I also did the rules migration and migrated Suricata to the new divert-to functionality. So many moving parts changed in just a few days.
To me the problem "feels" to be firewall related so my first mitigation attempt is to revert the divert-to changes back to netmap for now.

I'm using a Protectli FW2B on CoreBoot with an Intel Celeron J3060
Print
Go Up Pages1
User actions