pfSense Plus software version 22.05 is now available for upgrades!
-
@dgall uninstalled squid and 2 reboots later everything is working
-
I upgraded from 22.01 to 22.05 and I now have 100% CPU usage for the last day. When I disable pfBlockerNG it goes back to normal. As soon as I re-enable it the CPU goes back to 100% it was working fine on 22.01, what is the best way to diagnose why pfBlockerNG is now using 100% CPU usage?
Thanks
Rockyuk
-
Reminder: If you have issues, start a new thread in an appropriate category (e.g. General pfSense Questions).
This thread is an announcement and not intended for diagnosing problems.
-
@rockyuk I don't know why you are at 100% cpu usage with pfBlocker. For me it was the downloading and installing of the UTI adult category. I watched the processes on TOP and they pretty well told the story. Dropping to the command line and running
top -aSH
helps to understand the processes that are using up the cycles.
Roy
-
Upgrade from 22.01 to 22.05 on my SG-1000 was successful (only Bandwidthd package installed). It always takes 15+ minutes to reboot and come back up, but it's working.
Mark
-
I have upgraded main Router and two of my smaller router to 22.05. With this in mind I ran a test on a small router first. The upgrade went perfect and the upgrade did install perfectly. Now for the problem. If you run openvpn's new version on both router for a site to site vpn I can not get them to stay up at all. They connect fine then drop. I currently run it as TCP. but here is what I have tried all while taking down smaller sites all day yesterday to try to fix this issue.
- I change the connection to UDP instead of TCP (added the firewall rule)
- I changed the SHA to SHA512
- I created a TLS KEY for HMAC Auth and Shared that between the 2
- I removed all Encryption Algos except AES-256-GCM on both for main and fall back
- I remove DH
And it still will not stay connected...
However if you run 21.05 to 22.05 it will work fine.
Thank you
-
So what are your Ping settings set at?
I lost my network periodically and had to change my ping setting
Ping settings
Inactive
Causes OpenVPN to exit after n seconds of inactivity on the TUN/TAP device.
Activity is based on the last incoming or outgoing tunnel packet (not control or keep-alive packets).
A value of 0 disables this feature.WARNING: Use with caution. When triggered, the client process will exit and it will not automatically restart.
Ping method
keepalive helper uses interval and timeout parameters to define ping and ping-restart values as follows:
ping = interval
ping-restart = timeout
Interval
Timeout -
@reberhar cut and past didn't get it. I am at 10 and 300
-
@reberhar You can also set a service watchdog (install package) to keep the openvpn service running if disconnects. This has been an issue with OpenVPN site to site for a very long time - when disconnects seems it never reconnects by itself again.
-
@brians Yes you are right. It is a pain in the neck when you must rely on tunnel and it is not there. The ping change is a little easier.
-
This post is deleted! -
M marcosm unpinned this topic on
