Untimely disconnection from the Internet since the last update

Since the last update (core 146 to core 147) we have had untimely disconnections of our fiber connection.

Does anyone have the same problem ?

I haven’t found anything in the logs so far that can help me find the problem :frowning:

Thanks

Here are the infos I found weird in the “message” log:



Aug 25 11:02:16 myfirewall ntpd[4192]: Listen normally on 156 red0 85.195.239.248:123
Aug 25 11:02:16 myfirewall ntpd[4192]: new interface(s) found: waking up resolver
Aug 25 11:02:16 myfirewall kernel: HTB: quantum of class 10001 is big. Consider r2q change.
Aug 25 11:02:16 myfirewall kernel: HTB: quantum of class 10101 is big. Consider r2q change.
Aug 25 11:02:16 myfirewall kernel: HTB: quantum of class 10102 is big. Consider r2q change.
Aug 25 11:02:16 myfirewall kernel: HTB: quantum of class 10103 is big. Consider r2q change.
Aug 25 11:02:16 myfirewall kernel: HTB: quantum of class 10104 is big. Consider r2q change.
Aug 25 11:02:16 myfirewall kernel: HTB: quantum of class 10110 is small. Consider r2q change.
Aug 25 11:02:16 myfirewall kernel: HTB: quantum of class 10120 is small. Consider r2q change.
Aug 25 11:02:16 myfirewall unbound: [18446:0] info: validation failure <RAX40. AAAA IN>: no DNSSEC records from 103.247.37.9 for DS RAX40. while building chain of trust
Aug 25 11:02:16 myfirewall kernel: HTB: quantum of class 20001 is big. Consider r2q change.
Aug 25 11:02:16 myfirewall kernel: HTB: quantum of class 20200 is big. Consider r2q change.
Aug 25 11:02:16 myfirewall kernel: HTB: quantum of class 20203 is big. Consider r2q change.
Aug 25 11:02:16 myfirewall kernel: HTB: quantum of class 20204 is big. Consider r2q change.
Aug 25 11:02:16 myfirewall kernel: HTB: quantum of class 20210 is small. Consider r2q change.
Aug 25 11:02:16 myfirewall kernel: HTB: quantum of class 20220 is small. Consider r2q change.
Aug 25 11:02:16 myfirewall root: Could not find a bridged zone for imq0
Aug 25 11:02:16 myfirewall codel: Codel AQM could not be enabled on ‘imq0’. Error code: 2


Can these messages be the cause of my worries about disconnecting from the Internet ?

After some research, some leads lead to Ipfire’s QOS service.

And in Unbound logs:

|1:32:08|unbound: [18446:0]|error: SERVFAIL <_nos._tcp.nos-avg.cz. SRV IN>: all the configured stub or forw ard servers failed, at zone .|
|---|---|---|
|11:32:08|unbound: [18446:0]|error: SERVFAIL <wifiprotectcheck.mcafee.com.wifi.xxx.ch. A IN>: all the configured stub or forward servers failed, at zone .|
|11:32:08|unbound: [18446:0]|error: SERVFAIL <wifiprotectcheck.mcafee.com.wifi.xxx.ch. A IN>: all the configured stub or forward servers failed, at zone .|
|11:32:08|unbound: [18446:0]|error: SERVFAIL <kube-nimbus-1314339100.eu-central-1.elb.amazonaws.com. A IN>: all the configured stub or forward servers failed, at zone .|
|11:32:08|unbound: [18446:0]|error: SERVFAIL <peernotification-ncal-1870286819.us-west-1.elb.amazonaws.com. A IN>: all the configured stub or forward servers failed, at zone .|
|11:32:08|unbound: [18446:0]|error: SERVFAIL <peernotification-prod.netgear.com. A IN>: all the configured s tub or forward servers failed, at zone .|
|11:32:08|unbound: [18446:0]|error: SERVFAIL <peernotification-ncal-1870286819.us-west-1.elb.amazonaws.com. A IN>: all the configured stub or forward servers failed, at zone .|
|11:32:08|unbound: [18446:0]|error: SERVFAIL <ipv6.msftconnecttest.com. A IN>: all the configured stub or fo rward servers failed, at zone .|
|11:32:08|unbound: [18446:0]|error: SERVFAIL <ipv6.msftconnecttest.com. A IN>: all the configured stub or fo rward servers failed, at zone .|
|11:32:08|unbound: [18446:0]|error: SERVFAIL <elb-fra-amz.nimbus.bitdefender.net. A IN>: all the configured stub or forward servers failed, at zone .|

…but I think these errors are due to the internet disconnection problem.

I disabled the QOS service but the problem is still present :frowning:

After several observations, the problem seems to occur every 15min…I looked at “fcontab -l” but found nothing that runs every 15min that could be a problem.

I contacted my Internet provider who told me that the problem did not originate with them.

Could someone help me debugging ?

Thanks

Hi @tikok974

I have a few computers with IPFire on different Clients and I have had no problems.

You have Unbound errors, How do the DNS appear?.

I have the following configuration and they work perfectly on all IPFires.

If you want, you can check Safe Search box.

Say Us something.

Regards.

Hi Roberto,

Thanks for your reply.
I think I’ve found the solution. It seems that the problem is related to an Addon with the last update core 147.
Here is the list of s addons I have on my installation:

  • Htop
  • Netsnmpd
  • Nmap
  • Perl-Net-Ip
  • Perl-common-sense
  • Perl-inotify2
  • Sarg
  • SendEmail
  • tcpdump
  • wio

I’ve now uninstalled all the addons and I’m reinstalling them 1 by 1…I’ve already reinstalled Htop,SendEmail and Nmap and no Internet shutdown…I continue (it takes time because I can’t afford too much shutdown…the firewall is in production)

I keep you informed here
Thanks

1 Like