Hey guys,
Whilst trying to diagnose a connection issue on PfSense related to my VPN connection seemingly going down, after checking my System Logs>Gateway I am noting the following entries.
Could someone help me translate what these mean?
I can assume that there is obviously some uptime loss on the WAN_DHCP gateway if I understand the error highlighted in Green, but I have no idea what the error is highlighted in Red.
Thanks in advance.
P
Are you using a privacy VPN?
The error message50 is: " ENETDOWN Network is down. A socket operation encountered a dead network."
https://man.freebsd.org/cgi/man.cgi?query=errno&apropos=0&sektion=2&manpath=FreeBSD+12.2-stable&arch=default&format=html
Hey Tom,
Yes I am, I an using PureVPN for routing specific clients through for privacy reasons. However the WAN_DHCP is not my VPN Gateway.
WAN_DHCP Is my ISP Gateway, whereas my VPN Gateway is VPNWAN_VPNV4 (See screenshot below)
The error in my logs is referring to my ISP gateway, so doesn’t that mean it is pointing to a “Dead network” on my ISP side?
Thanks,
P
When there is a lot of traffic on the privacy VPN it can overwhelm the system resulting in the gateway going down.
Thanks Tom.
Is there a way to tweak system settings to avoid this? To be fair I do not have a tonne of traffic over the VPN. The most traffic heavy item I have is Plex and I would not have thought that would bring the gateway down, at most 2x simultaneous streams.
That being said, something is hammering my system.
Is there a way to view a CPU usage history? I would like to see what is/historically is doing this, via the GUI preferably.
Thanks,
P
If you stop the VPN does the CPU usage drop as well?
Ok so I managed to get shell access and looking at the process it looks like bzip2 is thrashing my system, however I cannot see what process is undertaking that. Right now I have to assume it is a PFBlockerNG or ClamAV update. It also looks like the VPN is sucking up a fair few resources.
After disabling VPN this is what the CPU usage looks like.
It is worth noting these are my system specs
16GB of system memory installed.
So I have disabled all the add on package services I use of Pfsense…but this Bzip is still plugging away with high CPU usage. Avoiding rebooting as I would like to pinpoint what service is using bzip.
Logrotate uses it so might be some oversized log got stuck. Also I don’t recommend using Squid.
You hit the nail on the head. I was taking a look and remembered that 24 hours prior I had set the OpenVPN log to debug mode which was creating far heavier logs and then trying to compress them, this is where I was seeing massive CPU spikes for the OpenVPN process, as well as the bzip processes.
Thanks for the headsup on Squid. Is there another way to use ClamAV on Pfsense?
Thanks,
P
I don’t see the usefulness of ClamAV on a firewall here in 2024.
Interesting, not being difficult, but why do you say that? Just interested in the thought process 
First, most web transfers which means ClamAV is blind to those and second signature based AV is less effecting due to the way modern malware works.
Yeah those are fair comments. Anyways, it seems so far the firewall is back stable but will leave it a few days to check to see if that remains the case. Thanks very much for your help.
