• Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login
Netgate Discussion Forum
  • Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login

[solved] pfSense (2.6.0 & 22.01 ) is very slow on Hyper-V

Virtualization
36
187
102.9k
Loading More Posts
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • B
    Bob.Dig LAYER 8
    last edited by Bob.Dig Jun 29, 2023, 6:28 PM Feb 15, 2022, 8:32 AM

    https://redmine.pfsense.org/issues/12873

    ⏩⏩Solved in pfSense Plus Version 22.05 and 2.7.0

    ⏩ Try disabling RSC, see here.


    After Upgrading my pfSense install from 2.5.2 to 2.6 (and later to 22.01) on Hyper-V I noticed that I couldn't copy any files from a SMB-Share in another VLAN anymore. Explorer is showing the content of the folder but the copy dialog is never beginning the copy-job. 😞

    Or to more precise, I tried to copy a file from a Windows Virtual machine, which is in a VLAN on an external Hyper-V switch, which is shared with the host, to another host on the real Switch in the default LAN, which is not a VLAN in pfSense.
    But also happens on inter VLAN-communication between VMs on the same host using the external switch.

    Restored the pfSense to before the upgrade and everything is working again.

    Edit: Problem also occurs when only updating to 2.6.0
    Speed is super slow.
    login-to-view

    Hyper-V on WinServer 2022.

    1 Reply Last reply Reply Quote 3
    • B Bob.Dig referenced this topic on Feb 15, 2022, 8:47 AM
    • B Bob.Dig referenced this topic on Feb 15, 2022, 8:48 AM
    • D
      DD
      last edited by DD Feb 15, 2022, 12:32 PM Feb 15, 2022, 12:30 PM

      We have problem on Hyper-V too. After upgrade from 2.5.2CE -> 2.6CE. Internet speed is very unstable and very slow. We are using Hyper-V 2019, pfSense VM is Gen2.
      After downgrade (restore from backup) to 2.5.2 everything is ok.

      B N 2 Replies Last reply Feb 15, 2022, 12:53 PM Reply Quote 0
      • B
        Bob.Dig LAYER 8 @DD
        last edited by Bob.Dig Feb 15, 2022, 12:56 PM Feb 15, 2022, 12:53 PM

        @dd Internet speed was good here. But I do use a socks proxy in another vlan and with that the speed was also very slow.

        1 Reply Last reply Reply Quote 0
        • B Bob.Dig referenced this topic on Feb 15, 2022, 1:11 PM
        • S
          stephenw10 Netgate Administrator
          last edited by Feb 15, 2022, 2:33 PM

          Are you using VLANs on hn(4) directly? Either or both of you?

          Steve

          B D 2 Replies Last reply Feb 15, 2022, 2:48 PM Reply Quote 0
          • B
            Bob.Dig LAYER 8 @stephenw10
            last edited by Bob.Dig Feb 15, 2022, 5:50 PM Feb 15, 2022, 2:48 PM

            @stephenw10 I do, because back in the day, pfSense didn't supported my intel NIC via DDA anymore.

            But I only have one NIC for LAN, that is why I only have one Subnet without VLAN.
            Internet speed is also good in the VLANs. So the problem might be not VLAN specific, but for all "LAN-routing". Can't tell for sure.


            login-to-view

            login-to-view

            1 Reply Last reply Reply Quote 0
            • D
              DD @stephenw10
              last edited by Feb 15, 2022, 2:50 PM

              @stephenw10 We are using directly adapters. We have 50/50Mbit internet line and after upgrade to pfSense 2.6 upload speed was about 0.07Mbit/s only, download was ok. Sometimes ok and sometimes very slow. Now we have another customer that he have same problem. After downgrade everything is ok.

              S 1 Reply Last reply Feb 15, 2022, 6:09 PM Reply Quote 0
              • B Bob.Dig referenced this topic on Feb 15, 2022, 5:45 PM
              • B Bob.Dig referenced this topic on Feb 15, 2022, 5:45 PM
              • B Bob.Dig referenced this topic on Feb 15, 2022, 5:46 PM
              • B Bob.Dig referenced this topic on Feb 15, 2022, 5:53 PM
              • S
                stephenw10 Netgate Administrator @DD
                last edited by Feb 15, 2022, 6:09 PM

                @dd said in After Upgrade inter VLAN communication very slow on Hyper-V:

                We are using directly adapters.

                Like pass-though hardware with the native drivers?

                @bob-dig said in After Upgrade inter VLAN communication very slow on Hyper-V:

                I do, because back in the day, pfSense didn't supported my intel NIC via DDA anymore.

                Have you tried disabling AltQ support for hn in Sys > Adv > Networking?

                This feels like some sort of hardware off-loading issue. It would be good to compare the ifconfig -vvv output for one of the hn NICs between 2.5.2 and 2.6.0.

                Steve

                B D M 3 Replies Last reply Feb 15, 2022, 6:15 PM Reply Quote 0
                • B
                  Bob.Dig LAYER 8 @stephenw10
                  last edited by Bob.Dig Feb 15, 2022, 6:25 PM Feb 15, 2022, 6:15 PM

                  @stephenw10 That is how it is looking for me all the time.

                  login-to-view

                  Could you please write out the complete command for a noob for comparison?

                  1 Reply Last reply Reply Quote 0
                  • D
                    DD @stephenw10
                    last edited by Feb 15, 2022, 6:19 PM

                    @stephenw10 No pass-though adapters, I meant that I have virtual switches WAN, LAN, DMZ and VM has three adapters connected to these switches.

                    1 Reply Last reply Reply Quote 0
                    • M
                      mxkied2 @stephenw10
                      last edited by Feb 15, 2022, 7:40 PM

                      @stephenw10 I am experiencing the same issue as others have mentioned, running pfsense in hyper-v and after the upgrade to 2.6 my wan speeds are about 10% of what they were before. I ran the ifconfig -vvv command you mentioned and then reverted to a snapshot just before the upgrade to 2.6 (so back to 2.5.2) and compared the results and they are exactly the same (via compare tool not just visual compare) with the only exception being the last line PID number which is expected.

                      I also tried the AltQ suggestion which mine was enabled, so I tried disabling it and the wan speeds are still 10% of expected. Hope this helps.

                      1 Reply Last reply Reply Quote 1
                      • S
                        stephenw10 Netgate Administrator
                        last edited by Feb 15, 2022, 7:46 PM

                        So like:

                        [22.01-RELEASE][admin@azure8.stevew.lan]/root: ifconfig -vvvm hn0
                        hn0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
                        	options=48001b<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,LINKSTATE,TXCSUM_IPV6>
                        	capabilities=48071b<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,TSO4,TSO6,LRO,LINKSTATE,TXCSUM_IPV6>
                        	ether 00:22:48:4a:f3:4a
                        	inet6 fe80::222:48ff:fe4a:f34a%hn0 prefixlen 64 scopeid 0x5
                        	inet 10.0.0.5 netmask 0xffffff00 broadcast 10.0.0.255
                        	media: Ethernet autoselect (10Gbase-T <full-duplex>)
                        	status: active
                        	supported media:
                        		media autoselect
                        	nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
                        

                        That from an Azure instance where there doesn't seem to be an issue.

                        Steve

                        M 1 Reply Last reply Feb 15, 2022, 8:01 PM Reply Quote 1
                        • M
                          mxkied2 @stephenw10
                          last edited by Feb 15, 2022, 8:01 PM

                          @stephenw10 Only difference I have other than the ether, inet6 and inet address lines (obviously) is the first line I have PROMISC

                          hn0: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric 0 mtu 1500

                          1 Reply Last reply Reply Quote 0
                          • S
                            stephenw10 Netgate Administrator
                            last edited by stephenw10 Feb 15, 2022, 11:22 PM Feb 15, 2022, 11:20 PM

                            Do you have VLANs? Snort/Suricata? Other packages? There are a few things that can put the interface in promiscuous mode. Not that it would expected to cause a problem.

                            There are a lot of Hyper-V users though and only a few of you seeming to hit this. You must have something set differently. Try to detail exactly how you have hyper-v setup to find some commonality.

                            Steve

                            M 1 Reply Last reply Feb 16, 2022, 8:37 PM Reply Quote 0
                            • S stephenw10 referenced this topic on Feb 16, 2022, 1:48 AM
                            • S stephenw10 referenced this topic on Feb 16, 2022, 1:48 AM
                            • B
                              boelter
                              last edited by boelter Feb 16, 2022, 2:27 AM Feb 16, 2022, 2:07 AM

                              Same here -- some context. I've been troubleshooting this for about a day now. Using HPE/Broadcom LOMs I'm getting 2/1Mb (1000/200Mb connection) on 2.6. Switching to Intel x450-T2s I end up getting 90/90Mb... odd. Failing over to old watchguard h/w I get full speeds.

                              I have also installed from scratch taking all defaults and get the same results -- some correlation between Hyper-V and the NICs used.

                              Here's ifconfig -vvv on 2.6.0 (this one is a restore from 2.6 conf backup, not from scratch):

                              [2.6.0-RELEASE][admin@pfSense]/root: ifconfig -vvv
                              enc0: flags=41<UP,RUNNING> metric 0 mtu 1536
                                      groups: enc
                                      nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
                              lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> metric 0 mtu 16384
                                      options=680003<RXCSUM,TXCSUM,LINKSTATE,RXCSUM_IPV6,TXCSUM_IPV6>
                                      inet6 ::1 prefixlen 128
                                      inet6 fe80::1%lo0 prefixlen 64 scopeid 0x2
                                      inet 127.0.0.1 netmask 0xff000000
                                      groups: lo
                                      nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
                              pflog0: flags=100<PROMISC> metric 0 mtu 33160
                                      groups: pflog
                              pfsync0: flags=41<UP,RUNNING> metric 0 mtu 1500
                                      pfsync: syncdev: hn1 syncpeer: 192.168.1.2 maxupd: 128 defer: off
                                      syncok: 1
                                      groups: pfsync
                              hn0: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric 0 mtu 1500
                                      description: LAN
                                      options=48001b<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,LINKSTATE,TXCSUM_IPV6>
                                      ether 00:15:5d:08:0b:05
                                      inet6 fe80::215:5dff:fe08:b05%hn0 prefixlen 64 scopeid 0x5
                                      inet 10.42.0.10 netmask 0xffff0000 broadcast 10.42.255.255
                                      inet 10.42.0.1 netmask 0xffff0000 broadcast 10.42.255.255 vhid 3
                                      carp: BACKUP vhid 3 advbase 1 advskew 254
                                      media: Ethernet autoselect (10Gbase-T <full-duplex>)
                                      status: active
                                      nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
                              hn1: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
                                      description: OPT1
                                      options=48001b<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,LINKSTATE,TXCSUM_IPV6>
                                      ether 00:15:5d:08:0b:07
                                      inet6 fe80::215:5dff:fe08:b07%hn1 prefixlen 64 scopeid 0x6
                                      inet 192.168.1.10 netmask 0xffffff00 broadcast 192.168.1.255
                                      media: Ethernet autoselect (10Gbase-T <full-duplex>)
                                      status: active
                                      nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
                              hn2: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric 0 mtu 1500
                                      description: WAN
                                      options=48001b<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,LINKSTATE,TXCSUM_IPV6>
                                      ether 00:15:5d:08:0b:06
                                      inet6 fe80::215:5dff:fe08:b06%hn2 prefixlen 64 scopeid 0x7
                                      inet <pubIP> netmask 0xfffffe00 broadcast <pubIP>
                                      inet 10.43.0.1 netmask 0xffff0000 broadcast 10.43.255.255 vhid 1
                                      carp: BACKUP vhid 1 advbase 1 advskew 254
                                      media: Ethernet autoselect (10Gbase-T <full-duplex>)
                                      status: active
                                      nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
                              lagg0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
                                      options=800000<>
                                      ether 00:00:00:00:00:00
                                      inet6 fe80::215:5dff:fe08:b05%lagg0 prefixlen 64 scopeid 0x8
                                      laggproto none lagghash l2,l3,l4
                                      lagg options:
                                              flags=0<>
                                              flowid_shift: 16
                                      lagg statistics:
                                              active ports: 0
                                              flapping: 0
                                      groups: lagg
                                      media: Ethernet autoselect
                                      status: no carrier
                                      nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
                              hn0.42: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
                                      description: IOT
                                      options=80000<LINKSTATE>
                                      ether 00:15:5d:08:0b:05
                                      inet6 fe80::215:5dff:fe08:b05%hn0.42 prefixlen 64 scopeid 0x9
                                      inet 172.16.42.1 netmask 0xffffff00 broadcast 172.16.42.255
                                      groups: vlan
                                      vlan: 42 vlanpcp: 0 parent interface: hn0
                                      media: Ethernet autoselect (10Gbase-T <full-duplex>)
                                      status: active
                                      nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
                              hn0.88: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
                                      description: CAMERAS
                                      options=80000<LINKSTATE>
                                      ether 00:15:5d:08:0b:05
                                      inet6 fe80::215:5dff:fe08:b05%hn0.88 prefixlen 64 scopeid 0xa
                                      inet 172.16.88.1 netmask 0xffffff00 broadcast 172.16.88.255
                                      groups: vlan
                                      vlan: 88 vlanpcp: 0 parent interface: hn0
                                      media: Ethernet autoselect (10Gbase-T <full-duplex>)
                                      status: active
                                      nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
                              ovpns1: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> metric 0 mtu 1500
                                      options=80000<LINKSTATE>
                                      inet6 fe80::215:5dff:fe08:b05%ovpns1 prefixlen 64 scopeid 0xb
                                      inet 172.16.0.1 --> 172.16.0.2 netmask 0xffffff00
                                      groups: tun openvpn
                                      nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
                                      Opened by PID 14732
                              ovpns2: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> metric 0 mtu 1500
                                      options=80000<LINKSTATE>
                                      inet6 fe80::215:5dff:fe08:b05%ovpns2 prefixlen 64 scopeid 0xc
                                      inet 172.16.1.1 --> 172.16.1.2 netmask 0xffffff00
                                      groups: tun openvpn
                                      nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
                                      Opened by PID 58751
                              
                              

                              And 2.5.2:

                              enc0: flags=41<UP,RUNNING> metric 0 mtu 1536
                                      groups: enc
                                      nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
                              lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> metric 0 mtu 16384
                                      options=680003<RXCSUM,TXCSUM,LINKSTATE,RXCSUM_IPV6,TXCSUM_IPV6>
                                      inet6 ::1 prefixlen 128
                                      inet6 fe80::1%lo0 prefixlen 64 scopeid 0x2
                                      inet 127.0.0.1 netmask 0xff000000
                                      groups: lo
                                      nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
                              pflog0: flags=100<PROMISC> metric 0 mtu 33160
                                      groups: pflog
                              pfsync0: flags=41<UP,RUNNING> metric 0 mtu 1500
                                      pfsync: syncdev: hn1 syncpeer: 192.168.1.2 maxupd: 128 defer: off
                                      syncok: 1
                                      groups: pfsync
                              hn0: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric 0 mtu 1500
                                      description: LAN
                                      options=48001b<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,LINKSTATE,TXCSUM_IPV6>
                                      ether 00:15:5d:08:0b:05
                                      inet6 fe80::215:5dff:fe08:b05%hn0 prefixlen 64 scopeid 0x5
                                      inet 10.42.0.10 netmask 0xffff0000 broadcast 10.42.255.255
                                      inet 10.42.0.1 netmask 0xffff0000 broadcast 10.42.255.255 vhid 3
                                      carp: MASTER vhid 3 advbase 1 advskew 0
                                      media: Ethernet autoselect (10Gbase-T <full-duplex>)
                                      status: active
                                      nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
                              hn1: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
                                      description: OPT1
                                      options=48001b<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,LINKSTATE,TXCSUM_IPV6>
                                      ether 00:15:5d:08:0b:07
                                      inet6 fe80::215:5dff:fe08:b07%hn1 prefixlen 64 scopeid 0x6
                                      inet 192.168.1.10 netmask 0xffffff00 broadcast 192.168.1.255
                                      media: Ethernet autoselect (10Gbase-T <full-duplex>)
                                      status: active
                                      nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
                              hn2: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric 0 mtu 1500
                                      description: WAN
                                      options=48001b<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,LINKSTATE,TXCSUM_IPV6>
                                      ether 00:15:5d:08:0b:06
                                      inet6 fe80::215:5dff:fe08:b06%hn2 prefixlen 64 scopeid 0x7
                                      inet <pubIP> netmask 0xfffffe00 broadcast <pubIP>
                                      inet 10.43.0.1 netmask 0xffff0000 broadcast 10.43.255.255 vhid 1
                                      carp: MASTER vhid 1 advbase 1 advskew 0
                                      media: Ethernet autoselect (10Gbase-T <full-duplex>)
                                      status: active
                                      nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
                              lagg0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
                                      options=800000<>
                                      ether 00:00:00:00:00:00
                                      inet6 fe80::215:5dff:fe08:b05%lagg0 prefixlen 64 scopeid 0x8
                                      laggproto none lagghash l2,l3,l4
                                      lagg options:
                                              flags=0<>
                                              flowid_shift: 16
                                      lagg statistics:
                                              active ports: 0
                                              flapping: 0
                                      groups: lagg
                                      media: Ethernet autoselect
                                      status: no carrier
                                      nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
                              hn0.42: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
                                      description: IOT
                                      options=80000<LINKSTATE>
                                      ether 00:15:5d:08:0b:05
                                      inet6 fe80::215:5dff:fe08:b05%hn0.42 prefixlen 64 scopeid 0x9
                                      inet 172.16.42.1 netmask 0xffffff00 broadcast 172.16.42.255
                                      groups: vlan
                                      vlan: 42 vlanpcp: 0 parent interface: hn0
                                      media: Ethernet autoselect (10Gbase-T <full-duplex>)
                                      status: active
                                      nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
                              hn0.88: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
                                      description: cameras
                                      options=80000<LINKSTATE>
                                      ether 00:15:5d:08:0b:05
                                      inet6 fe80::215:5dff:fe08:b05%hn0.88 prefixlen 64 scopeid 0xa
                                      inet 172.16.88.1 netmask 0xffffff00 broadcast 172.16.88.255
                                      groups: vlan
                                      vlan: 88 vlanpcp: 0 parent interface: hn0
                                      media: Ethernet autoselect (10Gbase-T <full-duplex>)
                                      status: active
                                      nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
                              ovpns1: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> metric 0 mtu 1500
                                      options=80000<LINKSTATE>
                                      inet6 fe80::215:5dff:fe08:b05%ovpns1 prefixlen 64 scopeid 0xb
                                      inet 172.16.0.1 --> 172.16.0.2 netmask 0xffffff00
                                      groups: tun openvpn
                                      nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
                                      Opened by PID 83964
                              ovpns2: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> metric 0 mtu 1500
                                      options=80000<LINKSTATE>
                                      inet6 fe80::215:5dff:fe08:b05%ovpns2 prefixlen 64 scopeid 0xc
                                      inet 172.16.1.1 --> 172.16.1.2 netmask 0xffffff00
                                      groups: tun openvpn
                                      nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
                                      Opened by PID 13964
                              
                              

                              Will gladly provide more details as needed!

                              disclaimer that there may be some 'wtf?' items in those confs... I tinker... poorly, sometimes.

                              1 Reply Last reply Reply Quote 1
                              • W
                                wicked1
                                last edited by Feb 16, 2022, 2:15 AM

                                Me too..
                                Hyper-v. Intel i350-t4 nic. Everything fine in 2.5.2. In 2.6, I'm having issues w/ NAT reflection. Some banking type websites never load. And, everything is slow. About 1.7Mb, when it should be 400.

                                For my internal things where nat reflection isn't working, and for the bank logins which never load, if I kill the states, parts of the sites show up. Then I can wait a while and kill the states again, and another section of the site loads.
                                I think that's all I've got to add at the moment. I'm happy to test and get logs or whatever.

                                1 Reply Last reply Reply Quote 0
                                • D
                                  DonZalmrol
                                  last edited by Feb 16, 2022, 7:45 AM

                                  Same issues here on two sites. All worked well on v2.5.2 with normal speeds for my ISPs (+-300/30). Both virtualized on Hyper-V.

                                  Now the speeds are either very slow or very "wobbly"

                                  Specs of servers are almost the same:

                                  • HP DL380 Gen9
                                  • Intel Xeon E5-2650L V3
                                  • 192GB DDR4 ECC
                                  • Full flash SSD array
                                  • Server 2019
                                  • Gen2 machines
                                  • Each VLAN has its own network adapter from Hyper-V
                                  • Server A: (Mellanox) HP 10G 2-Port 546FLR SFP+ LOM in LACP with 10GB uplink
                                  • Server B: QLogic BCM578110-10GB in LACP with 2GB uplink

                                  Site A speed:
                                  login-to-view
                                  login-to-view

                                  Site B speed:
                                  login-to-view
                                  login-to-view
                                  Tested with enabling/disabling SR-IOV and VMQ, other hardware offloading is disabled per Netgates best-practices for Hyper-V.

                                  Tried also the suggested disabling of ALTQ and rebooted both firewalls = no real change in speeds.

                                  All NICs are horribly slow, inter-vlan traffic is so slow I cannot open certain programs that are hosted on another guest.

                                  HN0 output:
                                  login-to-view

                                  I noticed that when I do a ping test to one of my switches from my laptop via cable the reply time is quite high, the should be less then <1ms for healthy switches:
                                  login-to-view

                                  Note 1: The upgrade to v2.6.0 took a very long time for both FWs

                                  Note 2: From what I find on the internet/forums/Reddit is that is seems to be "only" happening to MS Hyper-V FWs, perhaps a faulty driver in FreeBSD?

                                  Note 3: Site B firewall is now running on v2.7.0 as a test -> no improvement.

                                  At this point planning to do a rollback, never done it for PFSense, so need to research it.

                                  If the Netgate team needs more information/ testing, I'll happily provide it.

                                  W 1 Reply Last reply Feb 16, 2022, 8:57 AM Reply Quote 2
                                  • D DonZalmrol referenced this topic on Feb 16, 2022, 7:51 AM
                                  • W
                                    whiteshadow @DonZalmrol
                                    last edited by Feb 16, 2022, 8:57 AM

                                    @donzalmrol : can you get a TCPDUMP and see if we have loss or other odd behavior's

                                    1 Reply Last reply Reply Quote 0
                                    • D DD referenced this topic on Feb 16, 2022, 9:07 AM
                                    • D DD referenced this topic on Feb 16, 2022, 9:08 AM
                                    • D DD referenced this topic on Feb 16, 2022, 9:10 AM
                                    • D
                                      DonZalmrol
                                      last edited by DonZalmrol Feb 16, 2022, 12:28 PM Feb 16, 2022, 9:49 AM

                                      @whiteshadow

                                      The TCP dump returns a 503 error when running, so I pulled a states dump for you

                                      The are currently 9151 states on my FW, so I've provided a very short & minor redacted overview so you can see inter(v)lan/wan communication.

                                      Better than nothing:

                                      ![c053bd75-b8d8-49c2-8b9d-cba0721263ca-image.png]([[error:parse-error]]) code_text
                                      Interface	Protocol	Source (original source) -> Destination (original destination)	State	Packets	Bytes
                                      VOICE	udp	X.X.70.100:5060 -> X.X.10.3:5060	MULTIPLE:MULTIPLE	592 / 411	290 KiB / 210 KiB
                                      CAMS	udp	X.X.80.20:17423 -> 34.250.216.38:6000	MULTIPLE:MULTIPLE	215 / 214	18 KiB / 15 KiB
                                      DATA	tcp	X.X.90.70:27820 -> 151.236.217.85:443	ESTABLISHED:ESTABLISHED	544 / 544	29 KiB / 52 KiB
                                      LAN	udp	X.X.65.101:54915 -> X.X.65.255:54915	NO_TRAFFIC:SINGLE	6.263 K / 0	1.74 MiB / 0 B
                                      DATA	udp	X.X.90.70:60922 -> X.X.90.255:32412	NO_TRAFFIC:SINGLE	1.064 K / 0	51 KiB / 0 B
                                      CAMS	udp	X.X.80.20:17423 -> 99.81.240.103:6000	MULTIPLE:MULTIPLE	215 / 214	18 KiB / 15 KiB
                                      LAN	udp	X.X.65.101:65512 -> X.X.90.10:53	MULTIPLE:MULTIPLE	38 / 33	3 KiB / 5 KiB
                                      WAN	udp	Site A IP:56833 -> 185.100.84.135:4431	MULTIPLE:MULTIPLE	109.301 K / 67.3 K	89.35 MiB / 8.50 MiB
                                      DATA	udp	X.X.90.70:38558 -> X.X.90.255:32414	NO_TRAFFIC:SINGLE	1.064 K / 0	51 KiB / 0 B
                                      WAN	tcp	Site A IP:44706 (X.X.90.70:27820) -> 151.236.217.85:443	ESTABLISHED:ESTABLISHED	543 / 544	29 KiB / 52 KiB
                                      LAN	tcp	X.X.65.101:59454 -> 51.104.30.131:443	ESTABLISHED:ESTABLISHED	294 / 228	28 KiB / 22 KiB
                                      WAN	tcp	Site A IP:36187 (X.X.65.101:59454) -> 51.104.30.131:443	ESTABLISHED:ESTABLISHED	294 / 228	28 KiB / 22 KiB
                                      LAN	tcp	X.X.65.101:59456 -> 52.114.92.88:443	ESTABLISHED:ESTABLISHED	397 / 592	84 KiB / 366 KiB
                                      VPNAC	icmp	openvpn..220.10:59534 -> openvpn..100.1:59534	0	10.368 K / 10.355 K	294 KiB / 293 KiB
                                      WAN	tcp	Site A IP:38134 (X.X.65.101:59456) -> 52.114.92.88:443	ESTABLISHED:ESTABLISHED	397 / 592	84 KiB / 366 KiB
                                      WAN	ipv6-icmp	IPV6 Address[58806] -> 2001:4860:4860::8888[58806]	NO_TRAFFIC:NO_TRAFFIC	10.366 K / 10.366 K	496 KiB / 496 KiB
                                      WAN	icmp	Site A IP:59176 -> 8.8.8.8:59176	0	10.367 K / 10.367 K	294 KiB / 294 KiB
                                      DATA	udp	X.X.90.70:50780 -> 239.255.255.250:1900	NO_TRAFFIC:SINGLE	533 / 0	67 KiB / 0 B
                                      DATA	udp	X.X.90.4:1024 -> X.X.90.1:123	MULTIPLE:MULTIPLE	84 / 84	6 KiB / 6 KiB
                                      LAN	tcp	X.X.65.101:59484 -> 20.54.37.73:443	ESTABLISHED:ESTABLISHED	245 / 129	17 KiB / 30 KiB
                                      WAN	tcp	Site A IP:35549 (X.X.65.101:59484) -> 20.54.37.73:443	ESTABLISHED:ESTABLISHED	245 / 129	17 KiB / 30 KiB
                                      IOT	udp	X.X.25.100:64149 -> X.X.25.1:53	MULTIPLE:MULTIPLE	60 / 60	4 KiB / 5 KiB
                                      WAN	udp	Site A IP:123 -> 109.68.160.220:123	MULTIPLE:MULTIPLE	65 / 65	5 KiB / 5 KiB
                                      WAN	udp	Site A IP:123 -> 188.165.224.178:123	MULTIPLE:MULTIPLE	65 / 65	5 KiB / 5 KiB
                                      WAN	udp	Site A IP:123 -> 87.233.197.123:123	MULTIPLE:MULTIPLE	65 / 65	5 KiB / 5 KiB
                                      WAN	udp	Site A IP:123 -> 185.159.125.100:123	MULTIPLE:MULTIPLE	65 / 65	5 KiB / 5 KiB
                                      DATA	udp	X.X.90.10:54826 -> X.X.65.99:161	NO_TRAFFIC:SINGLE	547 / 464	52 KiB / 57 KiB
                                      LAN	udp	X.X.90.10:54826 -> X.X.65.99:161	SINGLE:NO_TRAFFIC	547 / 0	52 KiB / 0 B
                                      WAN	udp	Site A IP:123 -> 45.83.233.8:123	MULTIPLE:MULTIPLE	66 / 56	5 KiB / 4 KiB
                                      WAN	udp	Site A IP:123 -> 45.87.77.15:123	MULTIPLE:MULTIPLE	65 / 65	5 KiB / 5 KiB
                                      DATA	udp	X.X.30.31:35453 -> X.X.90.30:3478	MULTIPLE:MULTIPLE	178 / 178	10 KiB / 15 KiB
                                      WAN	esp	Site B IP -> Site A IP	MULTIPLE:MULTIPLE	66.862 K / 72.161 K	18.25 MiB / 33.13 MiB
                                      DATA	udp	X.X.30.32:47631 -> X.X.90.30:3478	MULTIPLE:MULTIPLE	178 / 178	10 KiB / 15 KiB
                                      LAN	tcp	X.X.65.101:49416 -> 20.54.37.73:443	ESTABLISHED:ESTABLISHED	188 / 99	19 KiB / 23 KiB
                                      WAN	tcp	Site A IP:32590 (X.X.65.101:49416) -> 20.54.37.73:443	ESTABLISHED:ESTABLISHED	188 / 99	19 KiB / 23 KiB
                                      LAN	tcp	X.X.65.101:59602 -> 217.146.21.137:5938	ESTABLISHED:ESTABLISHED	517 / 474	176 KiB / 271 KiB
                                      IPsec	udp	X.X.30.32:47631 -> X.X.90.30:3478	MULTIPLE:MULTIPLE	178 / 178	10 KiB / 15 KiB
                                      WAN	tcp	Site A IP:61981 (X.X.65.101:59602) -> 217.146.21.137:5938	ESTABLISHED:ESTABLISHED	517 / 474	176 KiB / 271 KiB
                                      LAN	udp	X.X.65.1:52209 -> 239.255.255.250:1900	SINGLE:NO_TRAFFIC	3.916 K / 0	1.77 MiB / 0 B
                                      LAN	tcp	X.X.65.101:59603 -> 35.83.91.138:443	ESTABLISHED:ESTABLISHED	40 / 52	4 KiB / 10 KiB
                                      WAN	tcp	Site A IP:39983 (X.X.65.101:59603) -> 35.83.91.138:443	ESTABLISHED:ESTABLISHED	40 / 52	4 KiB / 10 KiB
                                      IPsec	udp	X.X.30.31:35453 -> X.X.90.30:3478	MULTIPLE:MULTIPLE	178 / 178	10 KiB / 15 KiB
                                      IPsec	udp	X.X.30.30:56690 -> X.X.90.30:3478	MULTIPLE:MULTIPLE	178 / 178	10 KiB / 15 KiB
                                      IPsec	udp	X.X.10.3:5060 -> X.X.70.100:5060	MULTIPLE:MULTIPLE	411 / 587	210 KiB / 287 KiB
                                      DATA	tcp	X.X.90.30:41948 -> 52.36.125.178:8883	ESTABLISHED:ESTABLISHED	373 / 212	28 KiB / 25 KiB
                                      WAN	tcp	Site A IP:40143 (X.X.90.30:41948) -> 52.36.125.178:8883	ESTABLISHED:ESTABLISHED	373 / 212	28 KiB / 25 KiB
                                      DATA	udp	X.X.30.30:56690 -> X.X.90.30:3478	MULTIPLE:MULTIPLE	178 / 178	10 KiB / 15 KiB
                                      DATA	udp	X.X.90.30:3478 -> X.X.30.33:35855	MULTIPLE:MULTIPLE	179 / 178	15 KiB / 10 KiB
                                      IPsec	udp	X.X.90.30:3478 -> X.X.30.33:35855	MULTIPLE:MULTIPLE	179 / 178	15 KiB / 10 KiB
                                      WAN	udp	Site A IP:40339 (X.X.80.20:17423) -> 99.81.240.103:6000	MULTIPLE:MULTIPLE	214 / 214	18 KiB / 15 KiB
                                      WAN	udp	Site A IP:23739 (X.X.80.20:17423) -> 34.250.216.38:6000	MULTIPLE:MULTIPLE	214 / 214	18 KiB / 15 KiB
                                      DATA	udp	X.X.90.30:1900 -> 239.255.255.250:1900	NO_TRAFFIC:SINGLE	267 / 0	77 KiB / 0 B
                                      LAN	tcp	X.X.65.101:59614 -> 52.97.183.194:443	ESTABLISHED:ESTABLISHED	421 / 591	206 KiB / 257 KiB
                                      WAN	tcp	Site A IP:13434 (X.X.65.101:59614) -> 52.97.183.194:443	ESTABLISHED:ESTABLISHED	421 / 591	206 KiB / 257 KiB
                                      DATA	udp	X.X.65.101:65512 -> X.X.90.10:53	MULTIPLE:MULTIPLE	37 / 33	2 KiB / 5 KiB
                                      IPsec	udp	X.X.30.35:49238 -> X.X.90.30:3478	MULTIPLE:MULTIPLE	178 / 177	10 KiB / 15 KiB
                                      VOICE	udp	X.X.70.100:5060 -> Site B IP:5060	NO_TRAFFIC:SINGLE	483 / 0	307 KiB / 0 B
                                      WAN	udp	Site A IP:16751 (X.X.70.100:5060) -> Site B IP:5060	SINGLE:NO_TRAFFIC	483 / 0	307 KiB / 0 B
                                      DATA	udp	X.X.30.35:49238 -> X.X.90.30:3478	MULTIPLE:MULTIPLE	178 / 177	10 KiB / 15 KiB
                                      DATA	udp	X.X.90.50:60719 -> X.X.65.99:161	NO_TRAFFIC:SINGLE	348 / 281	37 KiB / 38 KiB
                                      LAN	udp	X.X.90.50:60719 -> X.X.65.99:161	SINGLE:NO_TRAFFIC	348 / 0	37 KiB / 0 B
                                      DATA	udp	X.X.90.65:51413 -> 93.158.213.92:1337	MULTIPLE:MULTIPLE	67 / 67	5 KiB / 10 KiB
                                      VPNAC	udp	openvpn..220.10:51413 (X.X.90.65:51413) -> 93.158.213.92:1337	MULTIPLE:MULTIPLE	67 / 67	5 KiB / 10 KiB
                                      DATA	udp	X.X.90.65:51413 -> 186.10.172.120:1337	MULTIPLE:MULTIPLE	57 / 57	4 KiB / 7 KiB
                                      VPNAC	udp	openvpn..220.10:51413 (X.X.90.65:51413) -> 186.10.172.120:1337	MULTIPLE:MULTIPLE	57 / 57	4 KiB / 7 KiB
                                      DATA	udp	X.X.90.65:51413 -> 185.181.60.155:80	MULTIPLE:MULTIPLE	57 / 57	4 KiB / 6 KiB
                                      VPNAC	udp	openvpn..220.10:51413 (X.X.90.65:51413) -> 185.181.60.155:80	MULTIPLE:MULTIPLE	57 / 57	4 KiB / 6 KiB
                                      DATA	udp	X.X.90.65:51413 -> 45.152.209.49:63510	MULTIPLE:MULTIPLE	204 / 204	28 KiB / 38 KiB
                                      VPNAC	udp	openvpn..220.10:51413 (X.X.90.65:51413) -> 45.152.209.49:63510	MULTIPLE:MULTIPLE	204 / 204	28 KiB / 38 KiB
                                      DATA	udp	X.X.90.3:123 -> X.X.90.1:123	MULTIPLE:MULTIPLE	81 / 81	6 KiB / 6 KiB
                                      DATA	udp	X.X.90.65:51413 -> 193.77.58.163:49486	MULTIPLE:MULTIPLE	442 / 369	42 KiB / 59 KiB
                                      VPNAC	udp	openvpn..220.10:51413 (X.X.90.65:51413) -> 193.77.58.163:49486	MULTIPLE:MULTIPLE	442 / 369	42 KiB / 59 KiB
                                      DATA	udp	X.X.90.65:51413 -> 208.83.20.20:6969	MULTIPLE:MULTIPLE	70 / 69	5 KiB / 9 KiB
                                      VPNAC	udp	openvpn..220.10:51413 (X.X.90.65:51413) -> 208.83.20.20:6969	MULTIPLE:MULTIPLE	70 / 69	5 KiB / 9 KiB
                                      IPsec	tcp	X.X.30.50:50774 -> X.X.90.50:389	ESTABLISHED:ESTABLISHED	179 / 90	28 KiB / 30 KiB
                                      IPsec	tcp	X.X.30.10:59464 -> X.X.90.50:389	ESTABLISHED:ESTABLISHED	179 / 90	28 KiB / 30 KiB
                                      DATA	udp	X.X.90.65:51413 -> 49.12.86.202:6888	MULTIPLE:MULTIPLE	33 / 32	4 KiB / 4 KiB
                                      VPNAC	udp	openvpn..220.10:51413 (X.X.90.65:51413) -> 49.12.86.202:6888	MULTIPLE:MULTIPLE	33 / 32	4 KiB / 4 KiB
                                      DATA	udp	X.X.90.65:51413 -> 192.184.193.177:53687	MULTIPLE:MULTIPLE	170 / 168	25 KiB / 27 KiB
                                      VPNAC	udp	openvpn..220.10:51413 (X.X.90.65:51413) -> 192.184.193.177:53687	MULTIPLE:MULTIPLE	170 / 168	25 KiB / 27 KiB
                                      DATA	tcp	X.X.30.10:59464 -> X.X.90.50:389	ESTABLISHED:ESTABLISHED	179 / 90	28 KiB / 30 KiB
                                      DATA	tcp	X.X.30.50:50774 -> X.X.90.50:389	ESTABLISHED:ESTABLISHED	179 / 90	28 KiB / 30 KiB
                                      CAMS	tcp	X.X.80.20:51382 -> 3.249.4.57:31006	ESTABLISHED:ESTABLISHED	586 / 424	171 KiB / 17 KiB
                                      WAN	tcp	Site A IP:1105 (X.X.80.20:51382) -> 3.249.4.57:31006	ESTABLISHED:ESTABLISHED	586 / 424	171 KiB / 17 KiB
                                      CAMS	tcp	X.X.80.22:38743 -> 52.16.133.176:6800	ESTABLISHED:ESTABLISHED	156 / 152	37 KiB / 11 KiB
                                      WAN	tcp	Site A IP:35184 (X.X.80.22:38743) -> 52.16.133.176:6800	ESTABLISHED:ESTABLISHED	156 / 152	37 KiB / 11 KiB
                                      LAN	udp	X.X.65.101:51999 -> 52.114.88.86:3478	MULTIPLE:MULTIPLE	95 / 176	31 KiB / 29 KiB
                                      WAN	udp	Site A IP:38817 (X.X.65.101:51999) -> 52.114.88.86:3478	MULTIPLE:MULTIPLE	95 / 176	31 KiB / 29 KiB
                                      DATA	tcp	X.X.90.50:54785 -> X.X.30.50:49751	ESTABLISHED:ESTABLISHED	23 / 22	4 KiB / 2 KiB
                                      IPsec	tcp	X.X.90.50:54785 -> X.X.30.50:49751	ESTABLISHED:ESTABLISHED	23 / 22	4 KiB / 2 KiB
                                      DATA	tcp	X.X.30.50:50789 -> X.X.90.50:51553	ESTABLISHED:ESTABLISHED	23 / 22	4 KiB / 2 KiB
                                      DATA	tcp	X.X.30.10:59485 -> X.X.90.50:51553	ESTABLISHED:ESTABLISHED	23 / 22	4 KiB / 2 KiB
                                      DATA	tcp	X.X.90.50:54789 -> X.X.30.10:56896	ESTABLISHED:ESTABLISHED	23 / 22	4 KiB / 2 KiB
                                      IPsec	tcp	X.X.90.50:54789 -> X.X.30.10:56896	ESTABLISHED:ESTABLISHED	23 / 22	4 KiB / 2 KiB
                                      IPsec	tcp	X.X.30.50:50789 -> X.X.90.50:51553	ESTABLISHED:ESTABLISHED	23 / 22	4 KiB / 2 KiB
                                      IPsec	tcp	X.X.30.50:50793 -> X.X.90.10:53367	ESTABLISHED:ESTABLISHED	23 / 22	4 KiB / 2 KiB
                                      DATA	tcp	X.X.90.10:54915 -> X.X.30.10:56896	ESTABLISHED:ESTABLISHED	23 / 22	4 KiB / 2 KiB
                                      IPsec	tcp	X.X.90.10:54915 -> X.X.30.10:56896	ESTABLISHED:ESTABLISHED	23 / 22	4 KiB / 2 KiB
                                      DATA	tcp	X.X.30.10:59481 -> X.X.90.10:53367	ESTABLISHED:ESTABLISHED	23 / 22	4 KiB / 2 KiB
                                      DATA	tcp	X.X.30.50:50793 -> X.X.90.10:53367	ESTABLISHED:ESTABLISHED	23 / 22	4 KiB / 2 KiB
                                      IPsec	tcp	X.X.30.10:59485 -> X.X.90.50:51553	ESTABLISHED:ESTABLISHED	23 / 22	4 KiB / 2 KiB
                                      IPsec	tcp	X.X.30.10:59481 -> X.X.90.10:53367	ESTABLISHED:ESTABLISHED	23 / 22	4 KiB / 2 KiB
                                      DATA	udp	X.X.90.65:51413 -> 185.38.14.195:13709	MULTIPLE:MULTIPLE	137 / 136	17 KiB / 18 KiB
                                      VPNAC	udp	openvpn..220.10:51413 (X.X.90.65:51413) -> 185.38.14.195:13709	MULTIPLE:MULTIPLE	137 / 136	17 KiB / 18 KiB
                                      CAMS	tcp	X.X.80.21:56003 -> 52.17.254.178:6800	ESTABLISHED:ESTABLISHED	155 / 150	37 KiB / 11 KiB
                                      WAN	tcp	Site A IP:57272 (X.X.80.21:56003) -> 52.17.254.178:6800	ESTABLISHED:ESTABLISHED	155 / 150	37 KiB / 11 KiB
                                      DATA	tcp	X.X.90.10:54924 -> X.X.30.50:49751	ESTABLISHED:ESTABLISHED	23 / 22	4 KiB / 2 KiB
                                      IPsec	tcp	X.X.90.10:54924 -> X.X.30.50:49751	ESTABLISHED:ESTABLISHED	23 / 22	4 KiB / 2 KiB
                                      LAN	tcp	X.X.65.101:64367 -> 20.54.37.73:443	ESTABLISHED:ESTABLISHED	126 / 120	7 KiB / 13 KiB
                                      WAN	tcp	Site A IP:60327 (X.X.65.101:64367) -> 20.54.37.73:443	ESTABLISHED:ESTABLISHED	126 / 120	7 KiB / 13 KiB
                                      DATA	udp	X.X.90.65:51413 -> 85.224.212.37:22494	MULTIPLE:MULTIPLE	526 / 449	48 KiB / 82 KiB
                                      VPNAC	udp	openvpn..220.10:51413 (X.X.90.65:51413) -> 85.224.212.37:22494	MULTIPLE:MULTIPLE	526 / 449	48 KiB / 82 KiB
                                      DATA	udp	X.X.90.65:51413 -> 94.60.204.24:11126	MULTIPLE:MULTIPLE	171 / 171	24 KiB / 28 KiB
                                      VPNAC	udp	openvpn..220.10:51413 (X.X.90.65:51413) -> 94.60.204.24:11126	MULTIPLE:MULTIPLE	171 / 171	24 KiB / 28 KiB
                                      DATA	udp	X.X.90.65:51413 -> 111.201.55.100:23553	MULTIPLE:MULTIPLE	222 / 146	23 KiB / 23 KiB
                                      VPNAC	udp	openvpn..220.10:51413 (X.X.90.65:51413) -> 111.201.55.100:23553	MULTIPLE:MULTIPLE	222 / 146	23 KiB / 23 KiB
                                      LAN	tcp	X.X.65.100:58508 -> 17.57.146.162:5223	ESTABLISHED:ESTABLISHED	150 / 149	34 KiB / 32 KiB
                                      WAN	tcp	Site A IP:13811 (X.X.65.100:58508) -> 17.57.146.162:5223	ESTABLISHED:ESTABLISHED	150 / 149	34 KiB / 32 KiB
                                      WAN	tcp	5.100.32.41:63430 -> Site A IP:443	FIN_WAIT_2:ESTABLISHED	184 / 262	19 KiB / 211 KiB
                                      WAN	tcp	5.100.32.41:63429 -> Site A IP:443	FIN_WAIT_2:ESTABLISHED	153 / 205	21 KiB / 134 KiB
                                      WAN	tcp	5.100.32.41:63444 -> Site A IP:443	FIN_WAIT_2:ESTABLISHED	100 / 105	5 KiB / 12 KiB
                                      LAN	udp	X.X.65.101:50005 -> 52.115.136.178:3480	MULTIPLE:MULTIPLE	80.818 K / 39.756 K	17.43 MiB / 5.91 MiB
                                      WAN	udp	Site A IP:2006 (X.X.65.101:50005) -> 52.115.136.178:3480	MULTIPLE:MULTIPLE	80.818 K / 39.756 K	17.43 MiB / 5.91 MiB
                                      LAN	udp	X.X.65.101:50021 -> 52.112.172.243:3478	MULTIPLE:MULTIPLE	153 / 153	37 KiB / 30 KiB
                                      WAN	udp	Site A IP:51518 (X.X.65.101:50021) -> 52.112.172.243:3478	MULTIPLE:MULTIPLE	153 / 153	37 KiB / 30 KiB
                                      LAN	udp	X.X.65.101:50045 -> 52.115.136.178:3481	MULTIPLE:MULTIPLE	60.36 K / 6.246 K	47.26 MiB / 1.12 MiB
                                      WAN	udp	Site A IP:49178 (X.X.65.101:50045) -> 52.115.136.178:3481	MULTIPLE:MULTIPLE	60.36 K / 6.246 K	47.26 MiB / 1.12 MiB
                                      DATA	udp	X.X.90.65:51413 -> 116.54.103.93:51413	MULTIPLE:MULTIPLE	143 / 141	17 KiB / 29 KiB
                                      VPNAC	udp	openvpn..220.10:51413 (X.X.90.65:51413) -> 116.54.103.93:51413	MULTIPLE:MULTIPLE	143 / 141	17 KiB / 29 KiB
                                      LAN	udp	X.X.65.101:50005 -> 52.112.175.13:3478	MULTIPLE:MULTIPLE	153 / 153	37 KiB / 30 KiB
                                      WAN	udp	Site A IP:18532 (X.X.65.101:50005) -> 52.112.175.13:3478	MULTIPLE:MULTIPLE	153 / 153	37 KiB / 30 KiB
                                      LAN	udp	X.X.65.101:50042 -> 52.112.175.8:3478	MULTIPLE:MULTIPLE	153 / 152	37 KiB / 30 KiB
                                      WAN	udp	Site A IP:52439 (X.X.65.101:50042) -> 52.112.175.8:3478	MULTIPLE:MULTIPLE	153 / 152	37 KiB / 30 KiB
                                      LAN	udp	X.X.65.101:50042 -> 52.115.136.178:3480	MULTIPLE:MULTIPLE	3.445 K / 3.441 K	477 KiB / 352 KiB
                                      WAN	udp	Site A IP:19557 (X.X.65.101:50042) -> 52.115.136.178:3480	MULTIPLE:MULTIPLE	3.445 K / 3.441 K	477 KiB / 352 KiB
                                      LAN	udp	X.X.65.101:50021 -> 52.115.136.178:3480	MULTIPLE:MULTIPLE	236.582 K / 893.433 K	179.50 MiB / 869.62 MiB
                                      WAN	udp	Site A IP:29482 (X.X.65.101:50021) -> 52.115.136.178:3480	MULTIPLE:MULTIPLE	236.582 K / 893.433 K	179.50 MiB / 869.62 MiB
                                      DATA	udp	X.X.90.65:51413 -> 132.147.100.36:63465	MULTIPLE:MULTIPLE	131 / 131	19 KiB / 21 KiB
                                      VPNAC	udp	openvpn..220.10:51413 (X.X.90.65:51413) -> 132.147.100.36:63465	MULTIPLE:MULTIPLE	131 / 131	19 KiB / 21 KiB
                                      DATA	udp	X.X.90.65:51413 -> 141.98.103.77:53831	MULTIPLE:MULTIPLE	340 / 351	31 KiB / 58 KiB
                                      VPNAC	udp	openvpn..220.10:51413 (X.X.90.65:51413) -> 141.98.103.77:53831	MULTIPLE:MULTIPLE	340 / 351	31 KiB / 58 KiB
                                      DATA	tcp	X.X.90.65:24224 -> 194.5.49.226:6881	CLOSED:SYN_SENT	1 / 0	60 B / 0 B
                                      VPNAC	tcp	openvpn..220.10:24224 (X.X.90.65:24224) -> 194.5.49.226:6881	SYN_SENT:CLOSED	1 / 0	60 B / 0 B
                                      DATA	tcp	X.X.90.65:36064 -> 154.160.24.40:12285	CLOSED:SYN_SENT	1 / 0	60 B / 0 B
                                      VPNAC	tcp	openvpn..220.10:36064 (X.X.90.65:36064) -> 154.160.24.40:12285	SYN_SENT:CLOSED	1 / 0	60 B / 0 B
                                      DATA	tcp	X.X.90.65:15684 -> 124.168.48.234:49767	CLOSED:SYN_SENT	1 / 0	60 B / 0 B
                                      VPNAC	tcp	openvpn..220.10:15684 (X.X.90.65:15684) -> 124.168.48.234:49767	SYN_SENT:CLOSED	1 / 0	60 B / 0 B
                                      DATA	tcp	X.X.90.65:10775 -> 197.185.98.220:45682	CLOSED:SYN_SENT	1 / 0	60 B / 0 B
                                      VPNAC	tcp	openvpn..220.10:10775 (X.X.90.65:10775) -> 197.185.98.220:45682	SYN_SENT:CLOSED	1 / 0	60 B / 0 B
                                      DATA	tcp	X.X.90.65:10778 -> 169.1.247.231:13285	CLOSED:SYN_SENT	1 / 0	60 B / 0 B
                                      VPNAC	tcp	openvpn..220.10:10778 (X.X.90.65:10778) -> 169.1.247.231:13285	SYN_SENT:CLOSED	1 / 0	60 B / 0 B
                                      DATA	tcp	X.X.90.65:10790 -> 216.131.84.117:10951	CLOSED:SYN_SENT	1 / 0	60 B / 0 B
                                      VPNAC	tcp	openvpn..220.10:10790 (X.X.90.65:10790) -> 216.131.84.117:10951	SYN_SENT:CLOSED	1 / 0	60 B / 0 B
                                      DATA	tcp	X.X.90.65:10794 -> 185.159.158.108:51413	CLOSED:SYN_SENT	1 / 0	60 B / 0 B
                                      VPNAC	tcp	openvpn..220.10:10794 (X.X.90.65:10794) -> 185.159.158.108:51413	SYN_SENT:CLOSED	1 / 0	60 B / 0 B
                                      DATA	tcp	X.X.90.65:10817 -> 188.155.251.19:51413	CLOSED:SYN_SENT	1 / 0	60 B / 0 B
                                      VPNAC	tcp	openvpn..220.10:10817 (X.X.90.65:10817) -> 188.155.251.19:51413	SYN_SENT:CLOSED	1 / 0	60 B / 0 B
                                      DATA	tcp	X.X.90.65:10825 -> 41.13.82.160:40464	CLOSED:SYN_SENT	1 / 0	60 B / 0 B
                                      VPNAC	tcp	openvpn..220.10:10825 (X.X.90.65:10825) -> 41.13.82.160:40464	SYN_SENT:CLOSED	1 / 0	60 B / 0 B
                                      DATA	tcp	X.X.90.65:10826 -> 5.29.16.216:24616	CLOSED:SYN_SENT	1 / 0	60 B / 0 B
                                      VPNAC	tcp	openvpn..220.10:10826 (X.X.90.65:10826) -> 5.29.16.216:24616	SYN_SENT:CLOSED	1 / 0	60 B / 0 B
                                      DATA	tcp	X.X.90.65:10829 -> 77.137.78.115:24616	CLOSED:SYN_SENT	1 / 0	60 B / 0 B
                                      VPNAC	tcp	openvpn..220.10:10829 (X.X.90.65:10829) -> 77.137.78.115:24616	SYN_SENT:CLOSED	1 / 0	60 B / 0 B
                                      DATA	tcp	X.X.90.65:10832 -> 14.200.21.147:58070	CLOSED:SYN_SENT	1 / 0	60 B / 0 B
                                      VPNAC	tcp	openvpn..220.10:10832 (X.X.90.65:10832) -> 14.200.21.147:58070	SYN_SENT:CLOSED	1 / 0	60 B / 0 B
                                      DATA	tcp	X.X.90.65:10835 -> 117.20.67.130:60637	CLOSED:SYN_SENT	1 / 0	60 B / 0 B
                                      VPNAC	tcp	openvpn..220.10:10835 (X.X.90.65:10835) -> 117.20.67.130:60637	SYN_SENT:CLOSED	1 / 0	60 B / 0 B
                                      DATA	tcp	X.X.90.65:10844 -> 154.70.58.233:53333	CLOSED:SYN_SENT	1 / 0	60 B / 0 B
                                      VPNAC	tcp	openvpn..220.10:10844 (X.X.90.65:10844) -> 154.70.58.233:53333	SYN_SENT:CLOSED	1 / 0	60 B / 0 B
                                      DATA	udp	X.X.90.65:51413 -> 146.70.61.139:20121	MULTIPLE:MULTIPLE	354 / 296	35 KiB / 43 KiB
                                      VPNAC	udp	openvpn..220.10:51413 (X.X.90.65:51413) -> 146.70.61.139:20121	MULTIPLE:MULTIPLE	354 / 296	35 KiB / 43 KiB
                                      DATA	tcp	X.X.90.65:10847 -> 37.120.131.189:16881	CLOSED:SYN_SENT	1 / 0	60 B / 0 B
                                      VPNAC	tcp	openvpn..220.10:10847 (X.X.90.65:10847) -> 37.120.131.189:16881	SYN_SENT:CLOSED	1 / 0	60 B / 0 B
                                      DATA	tcp	X.X.90.65:10856 -> 109.202.196.152:51413	CLOSED:SYN_SENT	1 / 0	60 B / 0 B
                                      VPNAC	tcp	openvpn..220.10:10856 (X.X.90.65:10856) -> 109.202.196.152:51413	SYN_SENT:CLOSED	1 / 0	60 B / 0 B
                                      DATA	tcp	X.X.90.65:10860 -> 37.120.157.21:6882	CLOSED:SYN_SENT	1 / 0	60 B / 0 B
                                      VPNAC	tcp	openvpn..220.10:10860 (X.X.90.65:10860) -> 37.120.157.21:6882	SYN_SENT:CLOSED	1 / 0	60 B / 0 B
                                      DATA	tcp	X.X.90.65:10796 -> 176.182.231.224:53033	CLOSED:SYN_SENT	1 / 0	60 B / 0 B
                                      VPNAC	tcp	openvpn..220.10:10796 (X.X.90.65:10796) -> 176.182.231.224:53033	SYN_SENT:CLOSED	1 / 0	60 B / 0 B
                                      DATA	tcp	X.X.90.65:10799 -> 119.18.2.241:51413	CLOSED:SYN_SENT	1 / 0	60 B / 0 B
                                      

                                      Update: was able to get a Wireshark capture of my WAN: https://cloud.gregoir.be/index.php/s/yf8awxHbDbpGDHm

                                      1 Reply Last reply Reply Quote 0
                                      • B
                                        Bob.Dig LAYER 8
                                        last edited by Bob.Dig Feb 16, 2022, 1:36 PM Feb 16, 2022, 1:35 PM

                                        Today tried changing settings wildly in Windows but nothing changed. Again, went back.

                                        2.5
                                        
                                        hn0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
                                        	description: WAN
                                        	options=80018<VLAN_MTU,VLAN_HWTAGGING,LINKSTATE>
                                        	capabilities=48071b<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,TSO4,TSO6,LRO,LINKSTATE,TXCSUM_IPV6>
                                        	ether 00:15:5d:8c:c0:1f
                                        	inet6 fe80::215:5dff:fe8c:c01f%hn0 prefixlen 64 scopeid 0x5
                                        	inet6 2003:da:a718:4300:215:5dff:fe8c:c01f prefixlen 128
                                        	inet 172.25.0.2 netmask 0xffffff00 broadcast 172.25.0.255
                                        	media: Ethernet autoselect (10Gbase-T <full-duplex>)
                                        	status: active
                                        	supported media:
                                        		media autoselect
                                        	nd6 options=23<PERFORMNUD,ACCEPT_RTADV,AUTO_LINKLOCAL>
                                        
                                        hn1: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
                                        	description: LAN
                                        	options=80018<VLAN_MTU,VLAN_HWTAGGING,LINKSTATE>
                                        	capabilities=48071b<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,TSO4,TSO6,LRO,LINKSTATE,TXCSUM_IPV6>
                                        	ether 00:15:5d:8a:c0:20
                                        	inet6 fe80::215:5dff:fe8a:c020%hn1 prefixlen 64 scopeid 0x6
                                        	inet6 fe80::1:1%hn1 prefixlen 64 scopeid 0x6
                                        	inet6 2003:da:a718:43f0:215:5dff:fe8a:c020 prefixlen 64
                                        	inet 192.168.1.1 netmask 0xffffff00 broadcast 192.168.1.255
                                        	groups: GroupNTP GroupDNS
                                        	media: Ethernet autoselect (10Gbase-T <full-duplex>)
                                        	status: active
                                        	supported media:
                                        		media autoselect
                                        	nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
                                        
                                        2.6
                                        
                                        hn0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
                                        	description: WAN
                                        	options=80018<VLAN_MTU,VLAN_HWTAGGING,LINKSTATE>
                                        	capabilities=48071b<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,TSO4,TSO6,LRO,LINKSTATE,TXCSUM_IPV6>
                                        	ether 00:15:5d:8c:c0:1f
                                        	inet6 fe80::215:5dff:fe8c:c01f%hn0 prefixlen 64 scopeid 0x5
                                        	inet6 2003:da:a718:4300:215:5dff:fe8c:c01f prefixlen 64 autoconf
                                        	inet 172.25.0.2 netmask 0xffffff00 broadcast 172.25.0.255
                                        	media: Ethernet autoselect (10Gbase-T <full-duplex>)
                                        	status: active
                                        	supported media:
                                        		media autoselect
                                        	nd6 options=23<PERFORMNUD,ACCEPT_RTADV,AUTO_LINKLOCAL>
                                        
                                        hn1: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
                                        	description: LAN
                                        	options=80018<VLAN_MTU,VLAN_HWTAGGING,LINKSTATE>
                                        	capabilities=48071b<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,TSO4,TSO6,LRO,LINKSTATE,TXCSUM_IPV6>
                                        	ether 00:15:5d:8a:c0:20
                                        	inet6 fe80::215:5dff:fe8a:c020%hn1 prefixlen 64 scopeid 0x6
                                        	inet6 fe80::1:1%hn1 prefixlen 64 scopeid 0x6
                                        	inet6 2003:da:a718:43f0:215:5dff:fe8a:c020 prefixlen 64
                                        	inet 192.168.1.1 netmask 0xffffff00 broadcast 192.168.1.255
                                        	groups: GroupNTP GroupDNS
                                        	media: Ethernet autoselect (10Gbase-T <full-duplex>)
                                        	status: active
                                        	supported media:
                                        		media autoselect
                                        	nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>
                                        

                                        1 Reply Last reply Reply Quote 0
                                        • S
                                          stephenw10 Netgate Administrator
                                          last edited by Feb 16, 2022, 3:30 PM

                                          Only thing I've seen so far is this post on reddit:
                                          https://www.reddit.com/r/PFSENSE/comments/ssabdz/pfsense_plus_version_2201_and_pfsense_ce_version/hwznlap/

                                          Which suggests it's an issue with the VMQ support that is now functioning in 2.6.
                                          However it looks like several of you have tried running SR-IOV or were already with no improvement?

                                          Steve

                                          D 1 Reply Last reply Feb 16, 2022, 4:52 PM Reply Quote 0
                                          2 out of 187
                                          • First post
                                            2/187
                                            Last post
                                          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.