[isolated: see #91] PPPoE reconnect loop

elektroinside · February 16, 2018, 09:59:23 AM

I suppose.. otherwise more reports would have been filed about this.
But if RDS (the ISP) is affected, at least half of Romania is :)

marjohn56 · February 16, 2018, 10:01:13 AM

Also I've just been checking, no pppoe issues across the road have been reported, well not for some time.

marjohn56 · February 16, 2018, 10:04:12 AM

OK, so what are they doing that no-one else appears to be doing, apart from breaking opnsense.

Is it possible to get a wireshark log of opnsense and one of an ISP supplied router?

EDIT:

I can see @schnip posted the differences... even stranger.

elektroinside · February 16, 2018, 01:19:18 PM

It's possible for the OPNsense box, of course, no way for the ISP's GPON device. That piece of crap is only good as a fiber to ethernet interface. Anything else is considered rocket science by the firmware.. and it doesn't understand rocket science. And to make things worse, there's no way you, as an end user, upgrade the firmware of these devices, otherwise (maybe - big maybe) you could have a chance to look at the code...

But.. there's no need to actually do any of that, because with OPnsense 17.7.12 this is working relatively fine (better anyways), so someone with appropriate skills and setup could compare/debug the PPPoE code. I have the setup and willing to give access to my OPNsense box if there's somebody with skills to debug...

schnipp · February 16, 2018, 06:22:28 PM

Quote from: marjohn56 on February 16, 2018, 10:04:12 AM
OK, so what are they doing that no-one else appears to be doing, apart from breaking opnsense.

Is it possible to get a wireshark log of opnsense and one of an ISP supplied router?

EDIT:

I can see @schnip posted the differences... even stranger.

Hi all,

yes, I have some logs. When I am back in my control center :D (beginning of next week) I can post the wireshark logs of both scenarios (reconnect issue and fresh reboot) I have taken so far.

schnipp · February 16, 2018, 06:30:42 PM

Quote from: elektroinside on February 16, 2018, 01:19:18 PM
[...] so someone with appropriate skills and setup could compare/debug the PPPoE code. I have the setup and willing to give access to my OPNsense box if there's somebody with skills to debug...

I hope the issues reside in user space daemon. This would be much easier for debugging. Actually, I am not aware of the whole architecture the PPPoE (stack) relies on. But, we can keep debugging the PPPoE stack in mind for later, maybe after log review or lib call tracing!?

mbosner · February 17, 2018, 09:45:30 PM

Seems that i have the same problem. I have a pppoe session but i do not get an IP address. That problem appeared today after a configuration change of my provider. With my fritz.box everything works well. I will try to debug that tomorrow.

elektroinside · February 17, 2018, 09:57:54 PM

What country are you guys from and who's your ISP?

marjohn56 · February 17, 2018, 11:36:29 PM

Quote from: mbosner on February 17, 2018, 09:45:30 PM
Seems that i have the same problem. I have a pppoe session but i do not get an IP address. That problem appeared today after a configuration change of my provider. With my fritz.box everything works well. I will try to debug that tomorrow.

Can you post your ppps.log, it's in /var/logs -

if you are concerned, check it first and blank out any IP addresses and authname passwords that might be in there before you post it.

mbosner · February 18, 2018, 02:11:27 AM

Germany
https://www.wilhelm-tel.de/privatkunden/

I will debug that tomorrow and paste the logfile.

elektroinside · February 18, 2018, 07:38:47 AM

Here's mine when things are working (after a reboot).

elektroinside · February 18, 2018, 07:59:27 AM

And here's one when I disconnect the PPPoE interface from the GUI and then try to reconnect - which triggers the loop.

marjohn56 · February 18, 2018, 10:51:18 AM

And can we have hardware specs and any other stuff running, IDS etc.

Looking back at the forums across the road similar problems to this WERE reported, but not with FreeBSD 11.1.

This 'caught fatal signal TERM' is weird as everything looks fine - apart from a NAK and a resend - up to that point.

elektroinside · February 18, 2018, 11:17:01 AM

HW specs are in my signature :)

Interfaces: WAN (PPPoE on em0 - 82574), LAN1 (igb0 - I221), LAN2 (em1 - I219-V), VPN (ovpns1)
Unbound -> ON
DNS server: LAN client, advertised by DHCPv4 to DHCP clients or by AD DC
Aliases: URL Table (IPs), Host(s)
IDS+ IPS -> ON
OpenVPN -> 1 server
DHCPv4: LAN1, LAN2
DHCPv6: none
IPv6 conf: https://forum.opnsense.org/index.php?topic=7267.0
No proxies

And a few "utility class" plugins (LE client, monit, stuff like this)

Did I miss something relevant?

marjohn56 · February 18, 2018, 11:51:07 AM

OK, If you've not already done this, then begin the processes of elimination. This is what I would now do.

Back up the config and create a very simple opnsense, no IDS no IPS no VPN etc, simple as you can make it and try that, and see if it has the same issue.Then start building again from there until the problem re-appears

[isolated: see #91] PPPoE reconnect loop

elektroinside

February 16, 2018, 09:59:23 AM #15 Last Edit: February 16, 2018, 10:46:42 AM by elektroinside

marjohn56

February 16, 2018, 10:01:13 AM #16

marjohn56

February 16, 2018, 10:04:12 AM #17 Last Edit: February 16, 2018, 10:19:50 AM by marjohn56

elektroinside

February 16, 2018, 01:19:18 PM #18 Last Edit: February 16, 2018, 01:39:04 PM by elektroinside

schnipp

February 16, 2018, 06:22:28 PM #19

schnipp

February 16, 2018, 06:30:42 PM #20

mbosner

February 17, 2018, 09:45:30 PM #21

elektroinside

February 17, 2018, 09:57:54 PM #22

marjohn56

February 17, 2018, 11:36:29 PM #23

mbosner

February 18, 2018, 02:11:27 AM #24

elektroinside

February 18, 2018, 07:38:47 AM #25

elektroinside

February 18, 2018, 07:59:27 AM #26

marjohn56

February 18, 2018, 10:51:18 AM #27

elektroinside

February 18, 2018, 11:17:01 AM #28 Last Edit: February 18, 2018, 11:38:08 AM by elektroinside

marjohn56

February 18, 2018, 11:51:07 AM #29