Excellent overview and tutorial Tom. Learned a tonne from this and am now TOTALLY addicted to the Monitoring page! In all seriousness, this really helped me diagnose issue with my Cable ISP provider and I was amazed to see the telemetry over the last year and more. Thanks for sharing!
I had issues with monitoring the default gateway with Spectrum...that tended to case issues. I believe the solution was to disable it. This was 2 years ago and it was a known issue and I haven't tired it since. When it was working I was able to prove to Spectrum that their service issues was not isolated to my home. They sent a supervisor and I did pingger to show him the drop packets from the first hop across their network going to another state....they never seen a customer do that so they had nothing to say leading to a solution. I was able to replicate the latency on a hotspot. They ended up telling me it's a neighborhood issue so I went to att uverse and experienced the same issue. I ended up using a wired hotspot and jumped on t-mobile 5G when that came out. The only issue with t-mobile was their latency, but I lived with it for nearly a year until att rolled out fiber and had zero issues all with the same hardware after. The att (DSLish) and spectrum issue were all related to everyone working and going to school at home.
Guy here that made the initial Gateway configuration, groups and also the RRD graphs of 1.2 and 2.0. Initially I picked up apinger, which was kind of a relic, sort of unmaintained. But it did work, if you capped the FreeBSD PID table to 32 bits, because it would wrap and then stop matching up ping replies. Glad they replaced this with dpinger over time. Functionality stayed more or less the same though (loss, RTT). Reason to make gateways a configurable item was for Gateway groups and tiered failover groups. It also greatly helped cleaning up static routes, and made it far more readable because the gateway could have a description. It's gotten more knobs since then, good. It also turned out to be a handy thing for things like track interfaces for DHCPv6 and DHCP-PD. Common caveat: People would use one of their DNS servers (see example comment below ;) ) and then have no proper working DNS when a connection died. Perform a traceroute on that WAN connection, and pick the next hop out. :) Also glad they replaced the RRD graphs I started, that was one hot mess of a PHP script with a huge command line to generate the graph. Manual code intervention to prevent generating at intervals shorter then 30 seconds to prevent a DoS on the firewall. And for RRD files that added new datasets like the queues for the shaper was a frequent source of issues. Coupled with RRD being tied to the 32 bit or 64 bit format also a frequent issue. So much better now.
I set the monitor IP on my WAN gateway to my DNS server (OpenDNS). I know it introduces some additional variables and potential points for failure but it seems like a good independent reference. If I can't get to my DNS server then there is a problem that needs fixing. It also provides a common reference when I switch service providers.
I have recently run into a situation where I installed pfsense as a vm on my unraid machine and passed through the network card hardware. It dropped packets and it would only resolve about 50% of the dns requests. Thinking it was something wrong with pfsense being run as a VM, I built a pc with i5-6400, 8gb of ram, dual intel nic, 128gb nvme. I installed pfsense and ran into the exact same issue. I have the exact same build at work so I swapped them and it works perfectly. I brought the work pfsense box home and it drops packets and same dns issue. The only think I can think of is the cgnat my home ISP (GVTC) uses. My tplink wireless router works with the home internet without issue. I have tried using cloudflare and google dns as well as changing the mtu. I just went back to tplink because I could not figure out what the issue is.
This is great. Just what I was looking for. Is there a way I can have my isp connection issues emailed to me as they happen rather than digging thru the logs? Thanks for the great content.
So for some reason my ISP does this thing with VLAN and PPPOE. Then I have to request the IPv6 though the IPv4 link. If I set a monitor IP for IPv6 the monitoring thing stays blue. No idea how to fix that.
You might not be able to use the ISP gateway on IPv6. Often a link local address is used, which will not work with the pfSense monitor. What I did was run a traceroute to Google and selected the first Global Unique Address that appeared. This address appears to be within my ISPs network, as the first 64 bits are the same as with my WAN address.
Nice video tutorial. As someone who is currently considering but doesn't have a pfsense appliance, should I have a target amount of disk space if I'd like to keep logs around for awhile?
Good video, Thanks. I recently tried this on my pfSense+ v.23.01. I have Comcast/Xfinity Modem. Comcast gateways do not respond to PINGs, so I substituted 3rd party sites (Google, Cloudflare & Quad9). I experienced significant packet loss on all 3. When I disable Bridge Mode and am in a Double NAT configuration, no packet loss. Not sure why this is. Also, with Bridge Mode disabled, my Dynamic DNS configuration with Cloudflare does not work. I tried Port Forwarding 53/853 on the Comcast modem and opening these ports on pfSense WAN with not success. Dynamic DNS works fine in the Bridge Mode. Any thoughts? Thanks
Thanks Tom always very informative. Would you recommend using pfsense installed on old firewall hardware ? i.e. discontinued Sophos xg 135 or 105w etc. Have some laying around and pfsense works nicely on them just worried what could go wrong on the long run. Regards
Hi Tom, just wanted to ask you a question. Maybe I should use another social media channel of yours, but anyway: I was looking for a way in pfsense to detect that I have no internet connection even though the WAN gateway is online. I want to restart the WAN gateway or the whole router if the internet is not reachable for 30 mins on end. This is to always ensure connectivity is restored after an ISP outage or maitenance. I had a case this morning where I had no internet. In Pfsense everything was green. I restarted pfsense and internet was back. I cannot find a built in service that uses ping to check connection to e.g. a google server and then conditionally on that does a specified action. I dont like to spend the time to figure out how to write an run scripts and cron jobs. Or is that the only way???
I have a problem with Wi-Fi, wired connections work all the time without problem (as far as I can tell) but my Wi-Fi devices phones laptop and iPads randomly stop working… even if the device is connected to wi-fi the content I’m trying to watch just stop loading. It happens with RU-vid, Disney+ Netflix etc etc. To make it work again on the device side I have tu turn wi-fi off and back on and reload the webpage or the video…. This doesn’t happen with cabled device (tv are connected via cable and never get any problem)… Heo do I do to understand what’s wrong?
@@mattiaippolito1625 gotcha, reason I ask is because I have multiple AP’s and it would do as you described and ending up being a dhcp issue with pfsense so installed windows server in vm and used as dhcp and completely fixed the problem.
I just install pfsense in VMware everything is setup properly, I successfully connected an Ubuntu machine to pfsense and I had internet connection, after a while I don't have internet connection and I'm experiencing a big delay on pfsense GUI and no internet connection from the Ubuntu machine without changing anything. I reset to factory mode and put the config but no luck. Any hint regarding this issue? Thank you
Hello, I have a problem, the router is from the provider, Pfsense is connected to it on Pfsense in the Interfaces/Wan tab in the Speed and Duplex section, default is configured and I have a speed of 100MB/S, and if I change to 1000Bbase T full-duplex, the speed will be 1GB/s, but when loading on the routing WAN interface freezes for a minute 20-30. How to solve the problem?
