pfSense 2.5.2 periodic HUGE lag spikes
-
@abtekk Thanks, I will try and test for a couple of days then let you know
-
@abtekk Quick question: I did not select any of my interfaces in the firewall rule. Do I have to select all interfaces that I use in my load-balancer gateway group or keep them all unselected?
-
@muenchris said in pfSense 2.5.2 periodic HUGE lag spikes:
If I reboot the 6100 I do not see any lag for a day or so
A day seems fast for my suggestion but check to see if it's running out of memory. pcscd has a memory leak.
OTOH if the Internet pipe is full then that will back up everything and traffic shaping can help that a lot.
-
@steveits My network setup is quite complicated. Behind the pfSense/6100 there is a Unifi UDM Pro that manages my main network that has 5 sub-networks (IoT, Cameras, Media, Gaming and Business). All firewall rules are managed by the UDM Pro - the pfSense is "only" load balancing. This results in my triple-NAT setup.
Also my WLANs are all LTE router with non-consistent internet speeds (very different for time of day and day of week).
Especially the (isolated) IoT network creates a lot of "mini-Connections" to their respective clouds.
If there is a memory leak in one of the pfSense services it might be caused by the IoT network (over 150 devices).Is there something (like a specific service) I can "flush/restart" periodically? I would have to restart the complete Netgate every night
-
According to this thread:
https://forum.netgate.com/topic/112527/playing-with-fq_codel-in-2-4
Codel has a bug. Use "taildrop" instead. You'll get same result
-
@magikmark Thanks, I will check it out.
-
@muenchris said in pfSense 2.5.2 periodic HUGE lag spikes:
something (like a specific service) I can "flush/restart" periodically
The pcscd service, as mentioned :) If you aren't using IPSec you can just stop it, though it will start when pfSense boots. Otherwise if you follow into that bug report there is a patch to disable it properly. Not saying this is your issue, but it's generally an issue on all installs eventually.
-
@magikmark said in pfSense 2.5.2 periodic HUGE lag spikes:
Codel has a bug. Use "taildrop" instead. You'll get same result
First I've heard of that. I don't see anything recent in that thread detailing it. A lot of people are running that.
Is there a bug report?Steve
-
The thread is quite long. Here is the exact post. I think it's not Codel itself but pfsense:
https://forum.netgate.com/topic/112527/playing-with-fq_codel-in-2-4/770
You get this error:
"config_aqm Unable to configure flowset, flowset busy!" error.
-
@magikmark said in pfSense 2.5.2 periodic HUGE lag spikes:
https://forum.netgate.com/topic/112527/playing-with-fq_codel-in-2-4/770
Ah, OK. That's not a bug it's a feature.
I've never hit that but it looks like you would only ever hit it if trying to re-configure an existing pipe that is actively in use.
Steve