Sorry for not joining this discussion earlier. I can confirm I am still every so often having the same issue as tortoise.
[ifconfig down; ifconfig up] > >That restores the connection. (I initially did it on the LAN, but > >reconnected the LAN and did the same with the WAN, as soon as > >"ifconfig XXX up" was run it was up again.) > > > >What does that tell us? Damn good question! > the NIC's don't like each other. replace one or both of the NICs for > your pfsense box or your cable modem. i'd vote to replace the cable > modem. Hold it. Packets from the ISP to the pfsense WAN interface may stop, however during these "lockups" LAN machines can browse the modem's web pages perfectly. If the pfsense WAN and modem Ethernet interfaces don't like each other somewhere close to the hardware level, how come pfsense can communicate with the modem both ways, but not beyond the modem? I have observed random deadlock problems (packets stop in one direction) between cheap Ethernet cards (think RTL8039 etc) and a lousy Nokia MW1122 adsl modem Ethernet implementation. However, then *all* traffic over that particular cable was dead in one direction, not just some of it. Other points: Replacing the modem is out of the question. It's owned by the ISP and user-supplied anything isn't supported. The ISP upgraded my older surfboard to a newer model (I'd need to dig out the exact model numbers to be specific). This had no influence on the problem at hand, i.e. problem persists with both models. The ISP is running some kind of NAT scheme between its routers and the cable modem. The Internet global static IP is then on the pfsense WAN interface. Another layer of NAT is done by pfsense. I talked to someone much more knowledgable about BSD than me. He suggested the WAN interface down/up approach too, and suggested as cause of the problem outages in the modem/ISP area which are short enough for some interface state to go down, but not long enough for the interface to cause a full re-initialisation. That would be a BSD kernel driver problem to me - bad incoming data shouldn't mean going belly-up. I can't say this with certainty, but sometimes the problem seems to fix itself again after some minutes, or some hours. That statement is based on LAN hosts having no Internet connection and an assumption that the ISP did not take me offline. Who else would find a cron script useful which checks the connection regularly and takes remedial action (e.g. ifconfig down/up) when necessary? Volker -- Volker Kuhlmann is list0570 with the domain in header http://volker.dnsalias.net/ Please do not CC list postings to me. --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
