Odd - that means the WAN interface is up(!)

Just had a look at my logs .. I see exactly the same reports when the server reboots. I'm guessing that if you look further everything sorts itself out - it does in mine. In retrospect, I don't think there's a problem.

Hi Richard,

The websites on my server can be visited from the internet, that's not the problem. And I can use the Marketplace of COS to load new apps. So the server can reach the internet and vv.
The connection is via a cable modem. And the DHCP also runs on the cable modem. The server and the modem has a static IP address. The address of the modem is used as gateway address.

Joop

That says to me that the reason you can access your server and websites is because you are 'contacting' them via the DNS entries on your own network - you aren't going outside your own network. I'm guessing therefore, that WAN access (internet) to your websites is via port forward on your router, and as the WAN appears to be down, you won't be able to get to them UNLESS you're on your own network. You can check this by using your phone (iPhone?); turn off the phone's WiFi and just connect to the internet via mobile data. If you use the phone's web browser and put in the website address (like www.google.com), you'll probably find that you can't get a response - that will confirm that the WAN is down.

Next question; presumably your router provides local IP addresses(?) - or is the DHCP server held on on the server? - in my case, I have 2 standalone servers, with a router (static local IP address) acting as the gateway to the internet (via cable modem), and the DHCP server hosted on one of the (private) servers, the DHCP server built into the router is turned off, and the IP address I've allocated to the router is defined as the 'gateway' field in the DHCP server settings on the server. That means that PCs on my network know to access (via local DNS) local servers directly, but unknown DNS lookups are sent directly to the router for servicing outside my local network.
If the DHCP server is on the server, make sure the router has a static address so the server knows where/how to get to the WAN (via your router) - which will be the gateway address you've defined in the DHCP server.
Either way, make sure you only have ONE active DHCP server running on your network - either in your COS server or in the router.

Next: is the WAN (internet) via a cable modem or is it an ADSL modem? (ADSL being a glorified dial-up). In either case, from what you've said, it's likely to be physically part of your router.
The difference is that a cable modem connection is there all the time, and will be there assuming the ISP side of things is up and you've paid your bills . If it's ADSL, then the connection can either be 'on demand' or 'permanent' - that's a setting in the ADSL router, and it would need to be set to the 'permanent connection' if you want your webserver to be visible from the web all the time.

Hi Nick and Richard,

Thanks for your answers and explanation.
FYI: networkmode is Standalone, everything is connected by cable, server can be reached from outside via port forwarding on router, but then it's local network, I presume.

Can you say something more now?

Joop

Syswatch was changed a few months ago to use GoogleDNS first then CloudFlare as ping targets to check if ClearOS is on line. It should only use CloudFlare if pings to Google fail. When we changed things, we wondered about using CloudFlare first as they seem to have very slightly lower pings. The ping servers can be overridden in /etc/syswatch.

It is also worth noting that if you have high latency on your WAN, you can change the ping timeout and even the method (ICMP, UDP or TCP) in /etc/syswatch.

When The WAN ping check fails, it should fall back to pinging its Gateway - your external router - and should then report that you may have an ISP problem. That used to work.

8.8.8.8 and 8.8.4.4 are the Google DNS servers. 1.1.1.1 appears to be CloudFlare's Public DNS IP address, and reports seem to indicate they are the source of a lot of spam and DDoS attacks. You'll need to check your settings to see where that's appeared from.

When you say you can reach your server and websites, I assume you mean from inside your local network - in which case that just means that your local connectivity is working as you're not going 'outside' to get access to them. So the question then becomes "how do you connect to the WAN?" - cable?
And you say you've only got one network interface .. how is your server configured? Public server? Private server? And how does the server physically connect to your local and WAN networks?