Gateway WAN keeps on having packet lost
-
-
Hmm, that was whilst you are passing traffic? Like running a speedtest?
I expect to see far more CPU usage than that. Nothing there looks like an issue though.
-
sorry that was it idling here's one while I'm running a speed test. Noticed how I drop to around 500Mbps now
-
Mmm, nothing unusual there either. No CPU core maxed out.
I guess I would be running a packet capture on the WAN at this point to see what's actually happening. Are there a load of retransmissions or packet fragments etc.
Steve
-
@stephenw10
i'll try to do that...how long should I be running the packet capture for?here's a screen capture of the entire speedtest process.
https://vimeo.com/manage/videos/661294436/f74c230e65
-
I would start with 1000 packets showing the beginning of the test. If there's something broken there it should show pretty quickly.
Steve
-
@stephenw10 Here's what it captured. Not sure how to decode this information.
-
You need to look at the actual pcap file in Wireshark to see anything useful really.
-
@stephenw10 attached is the cap file. I can see that there are icmp errors and some extremely long response time in the traffic but is not smart enough to analyze it to identify the exact issue. :(
https://drive.google.com/file/d/1l-6VkFO8zfGs8sUBnX7Spltxgp10trQo/view?usp=sharing
-
Hmm, well the WAN was quite busy at that time. The 1000 packets covered only 2.3s.
Load of random port UDP traffic in there. Clients behind torrenting maybe?The WAN sent 5 pings in that time to what I assume is the gateway IP and no replies came back. Did you set the monitoring back to the gateway IP?
Did you enable promiscuous mode when doing that? That's usually a good idea as some things can be hidden otherwise.
Overall apart from the lack of ping responses it doesn't look too terrible.
Are you able to retry that with the WAN in promisc mode and preferably without the LAN side client spewing UDP traffic?
Steve
-
I'll have to try again in the morning when wife and kids don't need the internet. When they're up every one is online
-
@stephenw10, look at the capture and I am seeing windows update In Execution, in my case this has come to cause a problem
-
@silence But half of this morning no one was online and even when my computer was the only thing connected.
And then it still doesn't explain that I don't get ping timed out when I bypass the offense box
-
Took the Xfiniti router out fo bridge mode and let the whole house run off of it. no time on out ping to any external IP's. it also resolved the issue MyQ not staying online.
So I've factory reset the PFsense box to default no fix, tested all ports for both wan and lan and only would fail when pinging outside so that means my NIC is good and all ports or good or else I would be singing failed pings when I ping the gateway as well and not just external IP's.
really leaves it to being a software issue.
Do you guys think if I completely reinstall the image is any different than doing a factory reset from the device?
-
With a fresh install and zero changed to the default setting, it would first boot up with everything looking good but about 5 minutes it would start dropping packet on IPv4 again.
At this point is it picking up a new NIC to see if the problem is still there?
What would be a good NIC?
I currently have the NIC below
https://www.amazon.com/IBM-39Y6138-1000-Server-Adapter/dp/B016YK2NAY -
I would look for something newer that uses igb based NICs at least. em NICs only use a single queue so don't utilise your CPU as well as igb devices would.
Steve
-
@stephenw10 I spent a good 6 or 7 hours migrating all my static IP devices to the Xfinity gateway. It was a PITA I hate anything provided by the ISP but this time, it is the only thing that works. :(
I've spent enough time on this, going to power down PFsens. everything that I need to work is currently working. Going to go enjoy new years.
I might get a 10gbe NIC if I do decide to spin up the PFsense box again.
BTW wanted to add that I ran part of this morning with the onboard NIC as wan and still experience the symptoms. I doubt a new NIC will fix my issues.
Thanks you for everyone's efforts
-
Hi,
I don't want to hijack your post but I'm having very similar if not identical issues as you. I'd like to add that I have noticed when I run a continuous ping from a pc on my LAN to say 8.8.8.8, I get about perfect 50% packet loss, about every other packet comes thru. If i keep the ping running and reboot the pfsense box, it'll go down for a minute while pf reboots. funny thing is it will start pinging 100% for about a minute or so, I'm assuming until pf fully finishes booting and then starts doing whatever it is that causes the issue. I'm running intel Pro/1000 4-port cards, also tried the onboard, same thing. 2 Different, default (fresh) installs on 2 different boxes with different hardware. Also, I ran a winmtr test and this is what I got. Seems like it's making it to the cable modem (Spectrum for me), but dying as soon as it gets into their network. The first hop is the spectrum router I tossed in line to see if it was hardware. Another funny quirk I've found, is if I run a laptop on the Spectrum router without the pfsense box connected, I can ping all day long. As soon as the network port for the pfsense box comes up, give it 5-30 seconds and it goes right back to misbehaving, both on the laptop and the pfbox/LAN. Thanks
-
@t309 sucks for you, l but I'm glad I'm not the only one. I've been running over the Xfinity modem/router all day long without skipping a bit. I can't remember when was the last time my IOT devices are this stable. I have not received a "something went wrong" with google home throughout the day.
I really hope we can get to the bottom of this because as I've mentioned, I hate ISP provided equipment and prefer not to use off the ship routers, i have enough of those.
If we can keep this thread open maybe some smart people can figure it out.
-
Mmm, I can't really see it being the NIC either to be honest. Hard to see what it could be though. If I hit that here I'd probably swapping out the hardware entirely to confirm it's not something there.
Steve
