On 2010-01-03, Jeff Simmons <jsimm...@goblin.punk.net> wrote:
> Probably a bit premature to be asking this since I won't be able to
> physically access the machine until Monday, but here goes ...
>
> I have a machine that I admin remotely running 4.6 with all the patches. It's
> a firewall only machine with 6 ethernet interfaces, 4 of which are active,
> and has been running fine since I upgraded it. It's got a fairly complex
> pf.conf. Last week I set up a VPN on it to a Sonic Wall appliance. The VPN
> comes up and works fine, and then somewhere between 4 and 24 hours later the
> box loses all network connectivity. You can still login via console, and I've
> been able to get the local people to run some basic commands (ifconfig,
> netstat, ps, pfctl -s) and everything seems normal (from what I can get from
> non-technical people over the phone), but none of the interfaces are passing
> packets. Rebooting solves the problem for the next 4-24 hrs. It's happened
> several times now. System logs show nothing.
>
> Any ideas as to what is going on would be greatly appreciated. And
> especially, what should I be looking for (i.e. what commands should I run)
> if I can manage to get on the box when the network is hosed?

When you're on the machine and experiencing the problem, it would be useful to collect the output from 'netstat -rn'. (i.e. redirect to a file, copy it off when the network's working again). You could try 'ipsecctl -F' rather than rebooting.