Netgate SG-1000 microFirewall

Author Topic: SG-1000 flagging and/or not working Internet  (Read 286 times)


Offline TauCeti

« on: August 22, 2017, 06:13:59 pm »
This is an interesting one which occurred last night after an update on the morning of the same day.

Hardware: SG-1000
Build: 2.4.0.b.20170817.2358

These symptoms were reported to me by a remote site:

1) Large chunks of the Internet were not accessible. For example, YouTube worked fine, Imgur would not load. Steam and various games requiring logon did not work.

2) The little "You have Network but no Internet" icon in Windows would appear for a few seconds and then disappear.

3) UI was accessible and a reboot was initiated from there.

4) This problem appeared a couple of times in a short space of time.

Looking through the logs the thing that jumps out is lots of lines looking like this:
kernel: arpresolve: can't allocate llinfo for ##ISP GATEWAY IP## on cpsw0

The closest thing I have found to what may be the problem is this:

The WAN is a HFC cable modem but dhcp.log does not have any evidence of a local IP being given out by the cable modem.

I've not seen this at all before. Anyone else having this problem?

Attached is a copy of system.log for the whole 24 hour period. Weird behaviour starts at around 21:00.

Offline Gertjan

« Reply #1 on: August 23, 2017, 02:59:42 am »
Even when says that some messages aren't important, I advise you to check if unbound (the pfSense DNS server) is doing its job.

Aug 22 22:00:29 SG-1000 php-fpm[95716]: /rc.newwanip: The command '/usr/local/sbin/unbound -c /var/unbound/unbound.conf' returned exit code '1', the output was '[1503403229] unbound[8257:0] error: bind: address already in use [1503403229] unbound[8257:0] fatal error: could not open ports'
seen twice means to me that unbound isn't starting - so you will have a DNS outage, which explains very well that some sites 'work' (URL is resolved) and some don't.
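
The check described in the reply above can be run mechanically over a log. This is an added example, not part of the original posts: a script that reads a system.log on stdin and counts the two signatures quoted in this thread. The sample lines, the helper names and the 203.0.113.1 gateway address are constructed for illustration.

```shell
#!/bin/sh
# Added example: triage a pfSense system.log for the two failure signatures
# quoted in this thread. Sample lines are constructed (documentation IP).

sample_log() {
cat <<'EOF'
Aug 22 21:01:10 SG-1000 kernel: arpresolve: can't allocate llinfo for 203.0.113.1 on cpsw0
Aug 22 21:01:11 SG-1000 kernel: arpresolve: can't allocate llinfo for 203.0.113.1 on cpsw0
Aug 22 21:59:58 SG-1000 php-fpm[95716]: /rc.newwanip: rc.newwanip: Info: starting on cpsw0.
Aug 22 22:00:29 SG-1000 php-fpm[95716]: /rc.newwanip: The command '/usr/local/sbin/unbound -c /var/unbound/unbound.conf' returned exit code '1', the output was '[1503403229] unbound[8257:0] error: bind: address already in use [1503403229] unbound[8257:0] fatal error: could not open ports'
Aug 22 22:05:02 SG-1000 kernel: arpresolve: can't allocate llinfo for 203.0.113.1 on cpsw0
EOF
}

# Count stdin lines containing a fixed string (grep exits 1 on zero matches).
count_sig() { grep -F -c -- "$1" || true; }

# Print the HH:MM:SS of every unbound start that failed to open its ports.
unbound_failures() {
  awk '/unbound/ && /could not open ports/ { print $3 }'
}

# Print "HH count" for arpresolve errors, to show when the WAN ARP trouble began.
arp_by_hour() {
  awk '/arpresolve: can.t allocate llinfo/ { split($3, t, ":"); n[t[1]]++ }
       END { for (h in n) print h, n[h] }' | sort
}

# Summarise both signatures for a log supplied on stdin.
triage() {
  log=$(cat)
  arp=$(printf '%s\n' "$log" | count_sig "arpresolve: can't allocate llinfo")
  ub=$(printf '%s\n' "$log" | unbound_failures | wc -l | tr -d ' ')
  echo "arpresolve errors: $arp"
  echo "failed unbound starts: $ub"
  [ "$ub" -gt 0 ] && echo "resolver did not bind its ports; new DNS lookups will fail until it starts"
  return 0
}

sample_log | triage
```

To use it on a real log, replace the last line with `triage < system.log` for an exported copy of the log.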

Offline Derelict

« Reply #2 on: August 23, 2017, 03:14:00 am »
Sounds like a transient ISP issue to me.

Offline deadmalc

« Reply #3 on: September 19, 2017, 03:03:31 pm »
I would personally recommend not touching unbound, i.e. the "DNS Resolver" at the moment with a barge pole - if you have a dynamic IP address on your WAN.
On my SG-1000 it borked frequently whenever the IP address changed.
High load average and strange behaviour, it looks like it can't handle the WAN IP changing.
I've switched to using the forwarder and it's rock solid - for a while I thought it was the ISP.
It wasn't in my case.
« Last Edit: September 19, 2017, 03:07:32 pm by deadmalc »