Upgraded Production Box To V2.6RC
-
Today, I had a wild hair up my rear end which took me on a surprise journey...upgrading my production box from pfSense 2.5.2 to v2.6RC. First,
it took a while to initialize the process, then appears to gave up; so I reboot the box then proceed with the upgrade. This time it just flew.So, I'll be able to participate throughout the final stage of v2.6 development process til release at which time I'll do a fresh install and restore configuration. So far, all is good.
-
Kept seeing dpinger stop and when I check the log process ID 31243 WAN_DHCP sento error 64. So far, it only know after I have been away for a little while, and I return I see the on dashboard dpinger had stop. Scrooling through the log reveals:Clear latency 8141us stddev 11853us loss 20%. then: Alarm latency 6922us stddev 905us loss 21%m followed by: Clear latency 11514us stddev 28171us loss 9% then process ID 31243 sento error 65.
Is there any tuning I could do?
-
The latest error from dpinger error code 50:
Feb 11 10:50:58 dpinger 11205 send_interval 500ms loss_interval 2000ms time_period 60000ms report_interval 0ms data_len 1 alert_interval 1000ms latency_alarm 500ms loss_alarm 20% dest_addr xx.xxx.xxx.xxx bind_addr xx.xxx.xxx.xxx identifier "WAN_DHCP "
Is there any tuning I need to do?
-
The pass few nights shortly after midnight, dpinger seems to get into sento error 50. From here: https://docs.netgate.com/pfsense/en/latest/troubleshooting/gateway-errors.html
It seems that sometimes the error has to do with memory buffer, or sometimes it could be an Ethernet cable going bad, stale state, etc.So, the issue may have nothing to do with pfSense v2.6RC and the first potential solution I'll try is changed the cable, then, if it continues to try tuning.
Well, after checking Mbuf, I changed it to equal 1,000,000 (of course without the comma) since I am running 32GB RAM on a 64bit system and will continue to monitor.
-
So, dpinger seems to be happy with the tuning I have made. This morning, I was greeted with this crash report below. If you're wondering, yes, I have Suricata on WAN and Snort on LAN and on the DMZ...this is my personal setup and is not recommended by the package maintainer for full disclaimer. I have using this since v2.4 with no problem...I just don't use the same rules set.
-
Does anyone need to reply or you just keep going talking to yourself??
-
@cool_corona said in Upgraded Production Box To V2.6RC:
Does anyone need to reply or you just keep going talking to yourself??
Well, you did reply; so, I wasn't just talking to myself, isn't it?
I am running the release candidate in production mode and sharing my experience for others including the developers. It wouldn't make sense just to create another thread so I post here. The whole purpose of open source software is for community sharing to help perfect the application.
Thank you for responding.
-
This is the perfect way to end this v2.6RC thread, isn't it?
