WAN Port X1 flapping
I am having the issue described here
and here
This is by far the most annoying issue in 15 years of my time as sonicwall reseller. Some of my customers report freezing calls and connection losses. What I can see is Port X1 going down for a couple of seconds or minutes and then going back up. The modems do not need PPPoE and are not in bridge mode. Cable length is usually 3ft/1m or less. I usually have a private ip (192.168.1.103 or something) at the x1 port
What I have tried so far without success:
- Changing the WAN port to x2
- Setting the link speed manually to 1Gbit/s
- Changing cables
- Changing the Modem port
Swapping the TZ with another does usually resolve the problem. The same device does not have the problem if I install it in my office. Installing a mini switch also solves the problem, but I really can't either install mini switches everywhere and I can't have so many customers with issues and then need to see them again.
The problem started with Gen7 devices and I have had it from the first firmware version until now. Did someone here have had this problem resolved somewhere or any idea what else I could try?
Answers
i feel your pain with Gen7 but i haven't seen this happen with our devices yet,
try temporarily setting the log level to debug when you're actively monitoring ( make sure to set it back to previous setting when you're done, its a lot of overhead logging and fills the buffers up real quick ( also do an export of current logging before starting )
you can also try and see if you can port mirror it to another port and then put a laptop with wireshark on it see whats actually going on.
worst case scenario you're going to have to build your config from scratch ( which is the last thing i would like to hear )
@Teleporter it seems that issue is related to TZ 270 only when attached to some form of Modem for DHCP. On all my other deployments with TZ 470 and up I did not experienced this problem. No TZ 370 in the field as of now. Even TZ 270s connected to a Router not showing this behaviour.
I did not escalated this, because I'am sure the Support is already aware of it and I tried not to waste any time on this.
--Michael@BWC
@BWC "some form of Modem for DHCP"
Do you think a static IP on x1 could solve this? I will try immediately.
@Teleporter IMHO it's not DHCP per se, it looks like if the public (routeable) IP got assigned to the WAN Interface.
Having a private IP assigned from a router in front via DHCP did not caused this.
It's a fuzzy situation, so I would not take any bets on my DHCP theory. It is probably caused by some compatibility issue between the Ethernet Port on the TZ and the connected device. This would explain why putting a mini switch between them resolved any issue, still having DHCP enabled.
--Michael@BWC
I just recently purchased a TZ370, (Jan 2023), and also seen this flapping about once a minute.
I too suspected DHCP requests might be the problem
We tried a putting a netgear router in front, and that did help with the flapping but was not ideal as DDOS would take it out hence having the firewall behind it would not work.
I have a cable modem with 4 ports, and other cheap routers attached to it.
What I found was that when I removed the other routers, the Flapping on X1 (WAN) stopped!
It makes sense to me now, as the IP's being handed out by cable modem, are in the same range. When adding a switch in front of the Firewall as the comment above suggests, it clicked for me. Switch uses MAC address for routing, and Router/firewall would use IP. Not sure what the real fix is, but identifying the problem, helps in a work around! This thread definitely helped resolve my issue.
I'm facing the issue with flapping X1 WAN interface since we have a new TZ 470 is in use.
WAN port is in DHCP mode and connected to a media converter from the ISP. We get a static public ip address from the ISP.
Beside the work around with a switch between the TZ and the router, are there any news?
Thank's, Daniel
+1 for same problem here. TZ370 flapping on X2 with a MOFI cellular router set to IP passthru. I spent many hours trying to fix it, found this thread and put an unmanaged switch in between.. Now it's working fine, except with this setup the interface gets a local IP address in the default lan subnet for the MOFI router. So it's not really doing IP passthru..
Hi, we had the similar issue on our NSA 5600 firewall.
The WAN port flapped and brought down the network, however, the ISP reported no outrage at that time.
Please check your WAN interface probe configuration. Our probe sent tcp packet to SonicWall public ip. After we changed from tcp to icmp, and used 8.8.8.8 and 75.75.75.75., the issue stopped. Hopefully it helps.