Link down/up alternately

firewire · 5 February 2020 07:06

Good morning,

I’d ask for help. Yesterday, during a phone call at home, I’ve had a problem with my iPFire which happened meanwhile the second time.

/var/log/messages

Feb  4 11:06:05 gw kernel: igb 0000:07:00.0 eth1: igb: eth1 NIC Link is Down
Feb  4 11:06:06 gw ntpd[24970]: Deleting interface #8 red0, 111.222.333.444#123, interface stats: received=0, sent=0, dropped=0, active_time=791430 secs
Feb  4 11:06:09 gw kernel: igb 0000:07:00.0 eth1: igb: eth1 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: RX/TX
Feb  4 11:06:10 gw ntpd[24970]: Listen normally on 11 red0 111.222.333.444:123
Feb  4 11:06:10 gw ntpd[24970]: new interface(s) found: waking up resolver
Feb  4 11:06:15 gw kernel: igb 0000:07:00.0 eth1: igb: eth1 NIC Link is Down
Feb  4 11:06:16 gw ntpd[24970]: Deleting interface #11 red0, 111.222.333.444#123, interface stats: received=0, sent=0, dropped=0, active_time=6 secs
Feb  4 11:06:18 gw kernel: igb 0000:07:00.0 eth1: igb: eth1 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: RX/TX
Feb  4 11:06:20 gw kernel: igb 0000:07:00.0: exceed max 2 second
Feb  4 11:06:20 gw kernel: igb 0000:07:00.0 eth1: igb: eth1 NIC Link is Down
Feb  4 11:06:22 gw kernel: igb 0000:07:00.0 eth1: igb: eth1 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: RX/TX
Feb  4 11:06:24 gw kernel: igb 0000:07:00.0 eth1: igb: eth1 NIC Link is Down
Feb  4 11:06:28 gw kernel: igb 0000:07:00.0 eth1: igb: eth1 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: RX/TX
Feb  4 11:06:29 gw kernel: igb 0000:07:00.0 eth1: igb: eth1 NIC Link is Down
Feb  4 11:06:35 gw kernel: igb 0000:07:00.0 eth1: igb: eth1 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: RX/TX
Feb  4 11:06:35 gw kernel: igb 0000:07:00.0 eth1: igb: eth1 NIC Link is Down
Feb  4 11:06:39 gw kernel: igb 0000:07:00.0 eth1: igb: eth1 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: RX/TX
Feb  4 11:06:41 gw kernel: igb 0000:07:00.0: exceed max 2 second
Feb  4 11:06:41 gw kernel: igb 0000:07:00.0 eth1: igb: eth1 NIC Link is Down
Feb  4 11:06:43 gw kernel: igb 0000:07:00.0 eth1: igb: eth1 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: RX/TX
Feb  4 11:06:44 gw ntpd[24970]: Listen normally on 12 red0 111.222.333.444:123
Feb  4 11:06:44 gw ntpd[24970]: new interface(s) found: waking up resolver
Feb  4 11:06:46 gw kernel: igb 0000:07:00.0 eth1: igb: eth1 NIC Link is Down
Feb  4 11:06:47 gw ntpd[24970]: Deleting interface #12 red0, 111.222.333.444#123, interface stats: received=0, sent=0, dropped=0, active_time=3 secs
Feb  4 11:06:50 gw kernel: igb 0000:07:00.0 eth1: igb: eth1 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: RX/TX
Feb  4 11:06:51 gw ntpd[24970]: Listen normally on 13 red0 111.222.333.444:123
Feb  4 11:06:51 gw ntpd[24970]: new interface(s) found: waking up resolver
Feb  4 11:06:52 gw kernel: igb 0000:07:00.0 eth1: igb: eth1 NIC Link is Down
Feb  4 11:06:53 gw ntpd[24970]: Deleting interface #13 red0, 111.222.333.444#123, interface stats: received=0, sent=0, dropped=0, active_time=2 secs
Feb  4 11:06:56 gw kernel: igb 0000:07:00.0 eth1: igb: eth1 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: RX/TX
Feb  4 11:06:57 gw ntpd[24970]: Listen normally on 14 red0 111.222.333.444:123
Feb  4 11:06:57 gw ntpd[24970]: new interface(s) found: waking up resolver
Feb  4 11:06:57 gw kernel: igb 0000:07:00.0 eth1: igb: eth1 NIC Link is Down
Feb  4 11:06:59 gw ntpd[24970]: Deleting interface #14 red0, 111.222.333.444#123, interface stats: received=0, sent=0, dropped=0, active_time=2 secs
Feb  4 11:07:01 gw kernel: igb 0000:07:00.0 eth1: igb: eth1 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: RX/TX
Feb  4 11:07:02 gw ntpd[24970]: Listen normally on 15 red0 111.222.333.444:123
Feb  4 11:07:02 gw ntpd[24970]: new interface(s) found: waking up resolver
Feb  4 11:07:09 gw kernel: igb 0000:07:00.0 eth1: igb: eth1 NIC Link is Down
Feb  4 11:07:10 gw ntpd[24970]: Deleting interface #15 red0, 111.222.333.444#123, interface stats: received=0, sent=0, dropped=0, active_time=8 secs
Feb  4 11:07:12 gw kernel: igb 0000:07:00.0 eth1: igb: eth1 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: RX/TX
Feb  4 11:07:13 gw kernel: igb 0000:07:00.0 eth1: igb: eth1 NIC Link is Down
Feb  4 11:07:17 gw kernel: igb 0000:07:00.0 eth1: igb: eth1 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: RX/TX
Feb  4 11:07:18 gw ntpd[24970]: Listen normally on 16 red0 111.222.333.444:123
Feb  4 11:07:18 gw ntpd[24970]: new interface(s) found: waking up resolver
Feb  4 11:07:23 gw kernel: igb 0000:07:00.0 eth1: igb: eth1 NIC Link is Down
Feb  4 11:07:24 gw ntpd[24970]: Deleting interface #16 red0, 111.222.333.444#123, interface stats: received=0, sent=0, dropped=0, active_time=6 secs
Feb  4 11:07:27 gw kernel: igb 0000:07:00.0 eth1: igb: eth1 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: RX/TX
Feb  4 11:07:28 gw ntpd[24970]: Listen normally on 17 red0 111.222.333.444:1234

Having had a look on the firewall logs, the following IP’s were dropped quite while that happened:

113.22.205.164 -
189.174.118.36 dsl-189-174-118-36-dyn.prod-infinitum.com.mx
196.219.167.35 host-196.219.167.35-static.tedata.net
209.17.96.138 209.17.96.138.rdns.cloudsystemnetworks.com
24.220.73.91 -
93.85.92.78 mm-78-92-85-93.eth.static.mgts.by
94.91.166.163 host163-166-static.91-94-b.business.telecomitalia.it
138.201.14.212 chiwui.torproject.org

I have blocked all countries except Austria. In result, the internet connection dropped intermittently. Suricata log is empty.

Could you please advise what may have happened here?

Thank you!

xperimental · 5 February 2020 08:18

This message is just related to a physical link status. So If you get that message without plugging the cord, there is something wrong with it, your network card or the opposite side.

arne_f · 5 February 2020 09:26

also the cable/connectors may be a reason for this.

firewire · 6 February 2020 07:49

Good morning,

thank you for your responses. May I please add that the error appeared on the RED interface only, and, as I’ve recognized on the log files, on ORANGE.

The RED interface hangs with one short cable on an Ubiquiti Edge Router which acts as a gateway.

I copied /var/log/ before reinstalling the machine and was unhappy not to find a message, somewhat saying “firmware is not reliable”, or “invalid firmware” or so, I think it’s been regarding the NIC.

I tried to find that error in /var/log/messages again but I didn’t. After having had reinstalled, the connection is stable again so far.

Apologize for being that unprecisely. However, if that happens again, I’ll be looking more closely in hope to find and provide more a bit more valid information.