Tunables for FreeBSD will generally apply in pfSense but may not improve performance. On the page the default values should be fine for igc.

Well it would have to be a value that can be set in mpd5 since that's what the PPPoE server uses.

As a test you could try adding values to the conf file for the server in, for example, /var/etc/pppoe1-vpn/mpd.conf. You would need to manually kill the process and restart it like:
/usr/local/sbin/mpd5 -b -d /var/etc/pppoe1-vpn -p /var/run/pppoe1-vpn.pid -s poes poes

If you are able to find a value that works there most of that is created in /etc/inc/vpn.inc

Steve

@Patch yes, seeing the link for the earlier FR, I went to comment on that but couldn't as it was closed, hence the new FR with a link to the previous one. Not sure if that's the "right" way of doing it, but just wanted to bring it to their attention.
I'm hoping that if the new FreeBSD has it built-in, it requires minimal development on the pfSense side to include it as a feature - just a few Web UI tweaks?

Nice! Yeah we've seen ASPM cause all sorts of issues.

I found this post and this is exactly what I want to do. https://serverfault.com/questions/1034535/pfsense-dns-port-forwarding Instead of setting NAT reflection to Enable (Pure NAT) I tried setting Enable (NAT + Proxy) and I'm able to see result when I dig with my domain x.x.com. Unfortunately, I'm still unable to connect to DoT from my Android phone.

@stephenw10 Thank you @viragomann 's solution worked directly connecting to the firewall hardware console using video cable, keyboard and mouse.

Thank you again!

Ordering the Rackmount version shortly and I'll test restoring one component at a time to see if the interrupts persist, or at what point they may increase.

@stephenw10 unless they work for the ISP of the Feds.. Anyhow..

My fasting recipe
1/8 cup honey
1 banana
1/2 pint fresh blue berries
1/2 pint fresh red grapes with seeds
1 skinned Golden delicious apple no seeds
1/2 pint great value frozen fruit blend.
1/2 pint great value frozen tropical blend
top off with Eureka spring water,,
blend into a smoothie..

and get your crown on.. :)

Yes by default the server set in general settings don't do anything. pfSense resolves directly (Unbound in resolving mode) and clients are passed the local interfaces address to query against that.

Do you see blocked traffic in the firewall logs? Your rule probably isn't matching as you intended it to.

@JonathanLee - nope ... 2.7.2 CE from Dec of last year.

Hmm, as you say the llinfo arp messages have obscured anything that might give us a clue.

Really not much to go on there. The backtrace shows a general memory error but that could be hardware or software.

Is that the first time it has happened? Did it happen after upgrading to 23.09.1?

Yup use a static mapping: https://docs.netgate.com/pfsense/en/latest/services/dhcp/ipv4.html#static-mappings

@stephenw10 Not too sure but when I would reboot while in CE, I'd get stuck on the message OP posted but after a couple of reboots I was able to load and update to pfSense Plus. Which in turn, looking at the upgrade process, downloaded amd64 files and prevent the hang up on that screen.

I'll see if I can replicate when 24.03 releases. I like to do a clean install from CE to pfSense Plus when a major release comes out.

Since OP said that he was able to boot after a few reboots, what can cause the issue? At first I thought it was due to running pfSense in Proxmox but it even happened on bare metal.

@mtis This issue might also be caused by the ISP requiring DHCP renew requests to be QOS marked or VLAN Priority tagged. I have a french ISP that requires all DHCP frames to Priority 6 vlan tagged - otherwise they just don’t reply to the frames.
Do you have any chance of doing a packet capture of the ISP’s CPE doing DHCP discover and renew? Then you could see what they might be doing (if not just requiring renews to be broadcasted).

That's not a wireless problem. It sounds like you have misconfiguration in the VLANs somewhere. Probably in the switch.

Steve

Sorry typo'd that; it shouldn't be under TNSR!

Also IIMB is already present in 23.09. You can just enable it.

Great. Yes there are a bunch of improvements there coming in 24.03.

Edit the entry then you will see that.

@stephenw10 Thanks for those suggestions. I will give it a shot.