Options

Virtual interface carrier error

rv@kaufmann.dkrv@kaufmann.dk
in Firebox - Networking, Multi-Wan, VLAN, NAT, SD-WAN
Hi

What do carrier errors mean on a virtual interface in the Watchguard kernel world?

Regards
Robert

Comments

  • Options
    james.carsonjames.carson Moderator, WatchGuard Representative

    Hi @rv@kaufmann.dk
    Depending on what interfaces are bridged on the virtual one, it generally means that the firewall is having trouble sending traffic down that next device.

    For example, a tun interface (like used with SSLVPN) might show errors like that when the user(s) are not reliably connected and the system is dropping traffic because it can't be sent.

    -James Carson
    WatchGuard Customer Support

  • Options
    rv@kaufmann.dkrv@kaufmann.dk

    @james.carson

    Thank you for the clarification.

    I have a remote location where my ike tunnels started to have extremly high packet lose, but everything else is working normal - that is non encrypted traffic. And only my virtual interfaces has errors, both TX and carrier and all physical interfaces is running smooth.

    It looks as all traffic with gre, udp500, udp4500, esp ip 50 has huge packet drops and i do not have any QoS/shaping configured anywhere.
    And it started over the easter holidays so i have opened a case with my ISP as i have a managed router (acting as a bridge also doing VoIP) in front of my firebox. For me it looks as somewhere in my ISP network are shaping the above traffic to a very low value.

    (I have seen before my ISP pushes out wrong QoS rules to their managed routers where instead of setting a minimum and maximum value for the VoIP traffic, it QoS rules is shaping other traffic).

    /Robert

Sign In to comment.