Thread Info
  • State Verified Answer
  • Locked Locked
  • Replies 11 replies
  • Subscribers 4 subscribers
  • Views 23813 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

WAN Interface flapping

ChrisBKA

Hi,

 

i discovered that one of my WAN Interfaces keeps flapping.

 

I set it to static 1000MBits FULL to avoid negotiation errors. but this doesn't help out either. 

 

The Question is:

 

In which log can i see why the Interface is in error state and why it is marked as disabled ?

 

Thanks in Advance,

 

Chris



This thread was automatically locked due to age.
Parents Reply Children
  • 0 in reply to BAlfson

    Hi Balfson,

    BAlfson said:

    did you use the process outlined in #7.7 in Rulz?

    Thanks for your reply

    Yeeee, did that. But not by cold booting the devices... I switched the Interface to OFF an ON again.

    ... aaand ... ist there a way to set a FritzBox (ISP HW) to fixed Speed/Duplex?!

    Couldn't remember one...

    The point is, that middleware log says the following:

    2017:07:31-00:08:18 fw middleware[3988]: T main::top-level:213() => starting cycle 6185, caught 1 signals
2017:07:31-00:08:18 fw middleware[3988]: T core::Config::Changed:198() => configversion=8078
2017:07:31-00:08:18 fw middleware[3988]: T core::Config::Changed:208() => nodes=0 objects=4 triggers=0
2017:07:31-00:08:18 fw middleware[3988]: T core::Config::load:351() => modules=30,52
2017:07:31-00:08:45 fw middleware[3988]: T utils::IPRoute::ip_route_cmd:869() => /sbin/ip -f inet route add proto kernel table 220 0.0.0.0/0 via 217.5.xx.xx dev ppp0 onlink
2017:07:31-00:08:45 fw middleware[3988]: T utils::IPRoute::ip_route_cmd:869() => /sbin/ip -f inet route add proto kernel table 253 metric 20 0.0.0.0/0 nexthop via 217.5.xx.xx dev ppp0 onlink
2017:07:31-00:08:45 fw middleware[3988]: T modules::up2date::load:106() => iaas_deployment=
2017:07:31-00:08:47 fw middleware[3988]: T modules::ipset::deleteUnused:320() => auto#=9/682 confd#=1/341
2017:07:31-00:08:47 fw middleware[3988]: T main::top-level:264() => ending cycle 6185, caught 1 signals, 1 children still running
2017:07:31-00:08:47 fw middleware[3988]: T main::top-level:213() => starting cycle 6186, caught 1 signals
2017:07:31-00:08:47 fw middleware[3988]: T core::Config::Changed:198() => configversion=8080
2017:07:31-00:08:47 fw middleware[3988]: T core::Config::Changed:208() => nodes=0 objects=5 triggers=0
2017:07:31-00:08:47 fw middleware[3988]: T core::Config::load:351() => modules=30,52
2017:07:31-00:09:13 fw middleware[3988]: T utils::IPRoute::ip_route_cmd:869() => /sbin/ip -f inet route add proto kernel table 220 0.0.0.0/0 via 46.237.xxx.xx dev eth3 onlink
2017:07:31-00:09:13 fw middleware[3988]: T utils::IPRoute::ip_route_cmd:869() => /sbin/ip -f inet route add proto kernel table 253 metric 20 0.0.0.0/0 nexthop via 46.237.xxx.xx dev eth3 onlink nexthop via 217.5.xx.xx dev ppp0 onlink
2017:07:31-00:09:14 fw middleware[3988]: T modules::up2date::load:106() => iaas_deployment=
2017:07:31-00:09:14 fw middleware[3988]: [WARN-032] Internet uplink is down
2017:07:31-00:09:15 fw middleware[3988]: T modules::ipset::deleteUnused:320() => auto#=9/682 confd#=1/341
2017:07:31-00:09:15 fw middleware[3988]: T main::top-level:275() => cycle 6186 waiting for 1 children
2017:07:31-00:09:17 fw middleware[3988]: T main::top-level:264() => ending cycle 6186, caught 1 signals, 1 children still running
2017:07:31-00:09:17 fw middleware[3988]: T main::top-level:213() => starting cycle 6187, caught 1 signals
2017:07:31-00:09:17 fw middleware[3988]: T core::Config::Changed:198() => configversion=8081
2017:07:31-00:09:17 fw middleware[3988]: T core::Config::Changed:208() => nodes=0 objects=1 triggers=0
2017:07:31-00:09:17 fw middleware[3988]: T core::Config::load:351() => modules=15,50
2017:07:31-00:09:18 fw middleware[3988]: T modules::up2date::load:106() => iaas_deployment=
2017:07:31-00:09:18 fw middleware[3988]: [WARN-033] Internet uplink is up again
2017:07:31-00:09:20 fw middleware[3988]: T modules::ipset::deleteUnused:320() => auto#=9/682 confd#=1/341
2017:07:31-00:09:20 fw middleware[3988]: T main::top-level:275() => cycle 6187 waiting for 1 children
2017:07:31-00:09:31 fw middleware[3988]: T main::top-level:264() => ending cycle 6187, caught 1 signals, 1 children still running
2017:07:31-00:09:31 fw middleware[3988]: T main::top-level:213() => starting cycle 6188, caught 1 signals
2017:07:31-00:09:31 fw middleware[3988]: T core::Config::Changed:198() => configversion=8082
2017:07:31-00:09:31 fw middleware[3988]: T core::Config::Changed:208() => nodes=0 objects=4 triggers=0
2017:07:31-00:09:31 fw middleware[3988]: T core::Config::load:351() => modules=30,52
2017:07:31-00:09:58 fw middleware[3988]: T utils::IPRoute::ip_route_cmd:869() => /sbin/ip -f inet route add proto kernel table 220 0.0.0.0/0 via 217.5.xx.xx dev ppp0 onlink
2017:07:31-00:09:58 fw middleware[3988]: T utils::IPRoute::ip_route_cmd:869() => /sbin/ip -f inet route add proto kernel table 253 metric 20 0.0.0.0/0 nexthop via 217.5.xx.xx dev ppp0 onlink
2017:07:31-00:09:58 fw middleware[3988]: T modules::up2date::load:106() => iaas_deployment=
2017:07:31-00:10:00 fw middleware[3988]: T modules::ipset::deleteUnused:320() => auto#=9/682 confd#=1/341
2017:07:31-00:10:00 fw middleware[3988]: T main::top-level:264() => ending cycle 6188, caught 2 signals, 1 children still running
2017:07:31-00:10:00 fw middleware[3988]: T main::top-level:213() => starting cycle 6189, caught 2 signals
2017:07:31-00:10:00 fw middleware[3988]: T core::Config::Changed:198() => configversion=8084
2017:07:31-00:10:00 fw middleware[3988]: T core::Config::Changed:208() => nodes=0 objects=5 triggers=0
2017:07:31-00:10:00 fw middleware[3988]: T core::Config::load:351() => modules=30,52
2017:07:31-00:10:26 fw middleware[3988]: T utils::IPRoute::ip_route_cmd:869() => /sbin/ip -f inet route add proto kernel table 220 0.0.0.0/0 via 46.237.xxx.xx dev eth3 onlink
2017:07:31-00:10:26 fw middleware[3988]: T utils::IPRoute::ip_route_cmd:869() => /sbin/ip -f inet route add proto kernel table 253 metric 20 0.0.0.0/0 nexthop via 46.237.xxx.xx dev eth3 onlink nexthop via 217.5.xx.xx dev ppp0 onlink
2017:07:31-00:10:27 fw middleware[3988]: T modules::up2date::load:106() => iaas_deployment=
2017:07:31-00:10:27 fw middleware[3988]: [WARN-032] Internet uplink is down
2017:07:31-00:10:28 fw middleware[3988]: T modules::ipset::deleteUnused:320() => auto#=9/682 confd#=1/341
2017:07:31-00:10:28 fw middleware[3988]: T main::top-level:275() => cycle 6189 waiting for 1 children
2017:07:31-00:10:30 fw middleware[3988]: T main::top-level:264() => ending cycle 6189, caught 1 signals, 1 children still running

    ... strange behaviour.. 

    Cheers 
    Chris
  • +1 in reply to ChrisBKA

    Hi,

    How about placing an unmanageable switch between the UTM and the Fritzbox? 

    Thanks

    Sachin Gurung
    Team Lead | Sophos Technical Support
    Knowledge Base  |  @SophosSupport  |  Video tutorials
    Remember to like a post.  If a post (on a question thread) solves your question use the 'This helped me' link.

  • 0 in reply to sachingurung

    Hi,

     

    will give it a try in the next few days...

     

    Thanks in Advance,

     

    Cheers,

    Chris

  • 0 in reply to sachingurung

    Hi,

    that did the trick... but... why ? Have 2 other isntallations with the same GW Hardware in front of the utm and no problems at all ?

    Cheers,
    Chris

  • 0 in reply to ChrisBKA

    Chris, the procedure outlined in #7.7 should have resolved this issue.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • 0 in reply to BAlfson

    Hi Bob,

    well, no.

    I tried to set the Speed/Duplex fixed to 1000/full but the other device (AVM Fritzbox) wouldn't let me config this.

    As i am trying to understand what caused the problem i was confronted with the NUTM that the MTU value option that comes with DHCP was faulty for customers of that specific ISP.

    My guess is, that it was a combination of those to issues. So one the one hand a mismatch in speed/duplex and on the other hand the MTU issue.

    Finally, sophos resolved the NUTM and the switch in between the two devices solved the mismatch error.

    Or did i get sth. wrong here ?

    Cheers,
    Chris

  • 0 in reply to ChrisBKA

    Hi Chris,

    I suggested a switch to negotiate the speed duplex value between the ISP modem and the UTM.  Generally, such issues should be resolved from Bob's Rulz #7.7 but sometimes a switch does the magic. We used to suggest this since back in the Cyberoam days. :)

    Thanks

    Sachin Gurung
    Team Lead | Sophos Technical Support
    Knowledge Base  |  @SophosSupport  |  Video tutorials
    Remember to like a post.  If a post (on a question thread) solves your question use the 'This helped me' link.

  • 0 in reply to ChrisBKA

    You got the right solution, Chris - I could be wrong, but I think the MTU issue is a symptom, not a problem/solution.  The free fix in #7.7 didn't work because of the limitations of the FritzBox.  Sachin's solution is quick and easy if you have a small, spare switch around, or a managed switch that can accomplish the same thing.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
Unfiltered HTML