DNS, the neverending story

Hi guys, everything is fine on IPFIRE until something happens, like the internet going down, a power failure, a flood, or God’s wrath. Why is it so hard for the Red interface to deal normally with the ISP? Why, after every restart or something else (see calamities above), do I have to “shake” those DNS settings? If I’m out of my house, the internet will remain down until I come home. I have cameras, I have a machine to feed pets, and many things that depend on the internet. This is the main and first feature of every firewall: to restore the internet after it was down. In the past I used DD-WRT and OpenWrt on ancient routers and there weren’t any problems. What can I do to not worry about my internet connection when I’m away from home? THANK YOU!

Hi @swordfish77.

Have you thought about putting the ISP router in bridge mode and having the PPPoE dialing done by IPFire? Maybe with that configuration you solve everything.

Another option that occurs to me is to create a task that will ping Google and, when connectivity is lost, restart the interfaces.

It’s an idea. Maybe someone else will come up with something better.

Bye.

3 Likes

My ISP gives me DHCP. Straight and simple connection. The ONT is in bridge mode, as you can see in the picture from IP class. When I put in my own router, there are no problems. I have this problem on IPFire ONLY! I tested pfSense, ClearOS, Smoothwall and many, many others. No problems with the ISP connection.

I might think that IPFire probably acts in some way that makes the ISP feel it should block it. For the moment I will use another OS for the firewall and maybe in the future I will return to IPFire. I like it the most, but I sit without internet until I bypass IPFire.

Hello again.

The solution (I think it’s Unbound’s fault that it doesn’t recover), is this:

Copy UnboundWD to /etc/fcron(whatever you want) and check permissions.

NEW: Copy into fcron/cyclic

To test that it works:

Know the PID of the Unbound process:

ps -A

Kill Unbound process:

kill <PID>

Once the process is killed, without doing anything, after a few minutes, it should recover.

UnboundWD.zip (293 Bytes)

Tell us if it works for you.

Regards
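
A watchdog of the kind this post describes, as an added example. It is not the contents of UnboundWD.zip, which the page does not show. The init script path, probe name, state file and failure threshold are assumptions, and it goes one step further than the kill test by also handling a resolver that is running but not answering.

```shell
#!/bin/sh
# Added example: Unbound watchdog meant for a cyclic cron directory.
# Assumptions (not from the thread): init script path, probe name,
# state file location, failure threshold, and that `host` is installed.
INIT=${INIT:-/etc/init.d/unbound}
PROBE=${PROBE:-ipfire.org}
STATE=${STATE:-/var/run/unbound-wd.fails}
MAX_FAILS=${MAX_FAILS:-3}

# Checks are small functions so the logic can be exercised without a resolver.
is_running()  { pidof unbound >/dev/null 2>&1; }
can_resolve() { host -W 3 "$PROBE" 127.0.0.1 >/dev/null 2>&1; }
do_restart()  { "$INIT" restart >/dev/null 2>&1; }

# Prints the action taken: ok | wait | restart
watchdog() {
    fails=$(cat "$STATE" 2>/dev/null || echo 0)
    case "$fails" in ''|*[!0-9]*) fails=0 ;; esac   # ignore a corrupt counter

    if ! is_running; then
        # Process is gone (the kill test above): restart immediately.
        echo 0 > "$STATE"; do_restart; echo restart; return
    fi
    if can_resolve; then
        echo 0 > "$STATE"; echo ok; return
    fi
    # Running but not answering: count consecutive failures so a short
    # upstream outage does not trigger a restart on every run.
    fails=$((fails + 1))
    if [ "$fails" -ge "$MAX_FAILS" ]; then
        echo 0 > "$STATE"; do_restart; echo restart
    else
        echo "$fails" > "$STATE"; echo wait
    fi
}

# Only act on a host that actually has the init script.
if [ -x "$INIT" ]; then
    logger -t unbound-wd "action=$(watchdog)"
fi
```

Each run leaves one syslog line tagged unbound-wd, so a restart while nobody is home can be lined up afterwards against the RED log entries for the same outage.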

I have an ethernet connection to my ISP and the couple of times that the connection failed then when it came back up again IPFire was connected again without me having to do anything.

When I used to be on a cable connection then when the service failed if I rebooted IPFire then the red connection would time out waiting for a response so in that case I had to reboot when the connection came back up.

As long as IPFire stays up then it would keep a record of the dhcp lease that it was given.

The only thing I can think of is if your ISP has a very short lease lifetime that is less than the typical time for a network outage.

You should be able to see what happened if you look in the RED logs accessible from the drop down box in the menu Logs - System Logs. You should be able to see what happened between the network going down and coming back up again. That might give some clue about the problem.

1 Like

Perhaps uncheck ISP DNS.
Your Domain Name System is in status broken.
May have nothing to do with your problem. But looks like a problem to me.

1 Like

It’s not normal behaviour. IPFire has a big problem in this area. I used it in the past, same issue, even on PPPoE. They must work on this.

I eliminated IPFire from the chain and I switched to my router. It works like a charm!

Providing your RED logs would help in understanding what is causing this and where to look for fixing it.

As I said I don’t see the behaviour you are describing when I have an internet outage.

1 Like

Check if the DNS server uses DNSSEC.
IPFire doesn’t like DNS servers without DNSSEC.
Remove “Use ISP-assigned DNS server”

If you don’t remove that, IPFire uses them.
Remove them, then you see a line over them.

2 Likes

I still have NO INTERNET!
I disabled the ISP DNS. Come on guys! For real??

I tried 1.1.1.1 and 8.8.8.8. But frankly I don’t want to use an outside DNS. Why can’t you insert a setting to bypass DNSSEC? Maybe some providers don’t have this…

I set up TLS and it worked somehow. Now, I rebooted and I want to see if it connects without any intervention. I’ll keep you posted.

Nope. It doesn’t work. Guys please solve this IPFIRE ONLY problem!! I donated for this…

For the answer to this question please see this blog post.

https://blog.ipfire.org/post/dns-configuration-recommendations-for-ipfire-users

1 Like

I’m having trouble understanding what you’re trying to accomplish (but that’s normal for me!)

If you use 1.1.1.1 (or 9.9.9.9) does everything work?

And you are trying to DNS to something else?

From the first post it looks like you are trying to DNS to

109.166.202.230
109.166.202.220
1.1.1.1
8.8.8.8

but you don’t want 1.1.1.1 or 8.8.8.8. That correct?

I don’t want to use public DNS. But I tried everything to force IPFIRE to work. Now, since last night, it is working with ISP-only DNS. But God forbid something happens and I am forced to restart IPFIRE! I live with the fear that after a restart IPFIRE will not connect anymore. It’s not normal behaviour to force me to “pray” :pray: every time I restart the device. Like I said before, if I’m away from my home and IPFIRE restarts, for whatever reason, the connection will remain dead until someone comes to the location and “plays” with public DNSes. God, how I miss the days with Smoothwall, whose existence you forget from the day you set it up.

It is the concept of DNS that you must use “external” DNS servers. Where should the information come from otherwise? :wink:

ISP DNS servers are also external servers. And yes, they often do not support DNSSEC.

If I set up a new system, I use 8.8.8.8 first. This isn’t a server I really want to use, but it is functioning.
Having established an internet connection using this DNS server, I configure the DNS relay Unbound in IPFire with some servers from the list in the wiki. I haven’t had problems with this procedure.

If your system has problems with restart/reboot I suspect there are some other problems besides DNS.

3 Likes

“If your system has problems with restart/reboot I suspect there are some other problems besides DNS.” I thought there could be other problems. New install, fresh machine, Internet stable. What problems could there be?