Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    PfSense Locking Up With Large Downloads

    Scheduled Pinned Locked Moved General pfSense Questions
    5 Posts 4 Posters 1.1k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • R
      Rorinson
      last edited by

      Hello there,

      I've been using pFsense for a few months now and it's been fantastic - Still very much a new user but learning as I go.  Over the past week or so I've noticed a problem that seems to occur when downloading large files.  I don't often do large downloads so I can't say if this is a recent issue - I am using 2.3.3-RELEASE-p1).  It appears the pfsense box locks up until the download is finished.  Sometimes when this happens the box doesn't spring back to life and I have to shut it down and reboot.

      I tested this out today using a torrent application and downloaded a 9Gb torrent.  I am on a 200Mbps connection and I get near enough 200 when I've tested with speedtests and such.

      The torrent I tested was 9GB and I was getting about 25.5MiB/s after a few moments of starting it.  Browser worked fine as I navigated pages and such.  Then the torrent download dropped to about 5MiB/s and continued to slowly drop.  I could no longer use my browser, any internet applications etc.

      I have spent some time reading the forums here for a solution and some mentioned state tables could be an issue but currently mine sit at 778/396000 and don't climb that much above this even when the problem occurs.

      Others mentioned memory / cpu usage being a probable cause - I have 4GB RAM and a N3150 @ 1.60GHz machine (custom box I bought from Amazon a while ago just for pfSense).  According to the system information which I've watched as the problem occurs, memory is far from being fully consumed and CPU doesn't exceed about 70%.  The box does use Realtek NIC.

      The following is the log, I've copied from the exact moment it starts until the moment the pfsense box became completely unresponsive.  It mentiones hotplug issues - There is no problem with the cables I use, this problem only arises when large files are being downloaded.  The log also mentions "detected an IP change or dynamic WAN reconnection" - There is no IP change, and it's showing the same IP there twice.

      I do use SNORT and pfBlockerNG but I could not see anything in their logs relating to this problem.

      I'd really appreciate if someone could help me out with this problem.

      Jul 9 23:24:25 kernel re1: promiscuous mode enabled
      Jul 9 23:24:22 php-fpm 26305 /rc.newwanip: rc.newwanip: on (IP address: 86...) (interface: WAN[wan]) (real interface: re1).
      Jul 9 23:24:22 php-fpm 26305 /rc.newwanip: rc.newwanip: Info: starting on re1.
      Jul 9 23:24:17 php-fpm 56117 [pfBlockerNG] Starting cron process.
      Jul 9 23:24:16 SnortStartup 68549 Ignoring additional START command since Snort is already starting…
      Jul 9 23:24:16 php-fpm 56117 /rc.start_packages: Restarting/Starting all packages.
      Jul 9 23:24:16 check_reload_status Reloading filter
      Jul 9 23:24:16 check_reload_status updating dyndns wan
      Jul 9 23:24:14 check_reload_status Restarting ipsec tunnels
      Jul 9 23:24:14 php-fpm 56117 /rc.linkup: ROUTING: setting default route to 86.      ..
      Jul 9 23:24:14 check_reload_status rc.newwanip starting re1
      Jul 9 23:24:14 php-fpm 56117 /rc.linkup: HOTPLUG: Configuring interface wan
      Jul 9 23:24:14 php-fpm 56117 /rc.linkup: DEVD Ethernet attached event for wan
      Jul 9 23:24:14 check_reload_status Starting packages
      Jul 9 23:24:14 php-fpm 56117 /rc.newwanip: pfSense package system has detected an IP change or dynamic WAN reconnection - 86.      .      . -> 86... - Restarting packages.
      Jul 9 23:24:12 check_reload_status Linkup starting re1
      Jul 9 23:24:12 kernel re1: link state changed to UP
      Jul 9 23:24:12 php-fpm 56117 /rc.newwanip: Creating rrd update script
      Jul 9 23:24:12 php-fpm 56117 /rc.newwanip: Resyncing OpenVPN instances for interface WAN.
      Jul 9 23:24:11 kernel arpresolve: can't allocate llinfo for 86.      .      . on re1
      Jul 9 23:24:11 check_reload_status Reloading filter
      Jul 9 23:24:11 check_reload_status Restarting OpenVPN tunnels/interfaces
      Jul 9 23:24:11 check_reload_status Restarting ipsec tunnels
      Jul 9 23:24:11 check_reload_status updating dyndns WAN_DHCP
      Jul 9 23:24:10 check_reload_status Reloading filter
      Jul 9 23:24:09 php-fpm 34117 /rc.linkup: DEVD Ethernet detached event for wan
      Jul 9 23:24:08 check_reload_status Linkup starting re1
      Jul 9 23:24:08 kernel re1: link state changed to DOWN
      Jul 9 23:24:08 kernel re1: watchdog timeout
      Jul 9 23:24:08 php-fpm 56117 /rc.newwanip: ROUTING: setting default route to 86.      ..
      Jul 9 23:23:45 php-fpm 34117 [pfBlockerNG] Starting cron process.
      Jul 9 23:23:45 kernel re1: promiscuous mode disabled
      Jul 9 23:23:45 kernel pid 58728 (snort), uid 0: exited on signal 11
      Jul 9 23:23:45 SnortStartup 46574 Snort START for WANSNORT(33214_re1)…
      Jul 9 23:23:45 php-fpm 34117 /rc.start_packages: Restarting/Starting all packages.
      Jul 9 23:23:39 check_reload_status Starting packages
      Jul 9 23:23:39 php-fpm 24556 /rc.newwanip: pfSense package system has detected an IP change or dynamic WAN reconnection - 86.      .      . -> 86... - Restarting packages.
      Jul 9 23:23:37 php-fpm 24556 /rc.newwanip: Creating rrd update script
      Jul 9 23:23:37 php-fpm 24556 /rc.newwanip: Resyncing OpenVPN instances for interface WAN.
      Jul 9 23:23:34 php-fpm 34117 /rc.filter_configure_sync: dpinger: No dpinger session running for gateway WAN_DHCP
      Jul 9 23:23:34 php-fpm 24556 /rc.newwanip: ROUTING: setting default route to 86.      .      .
      Jul 9 23:23:33 php-fpm 56117 /rc.newwanip: rc.newwanip: on (IP address: 86.      ..) (interface: WAN[wan]) (real interface: re1).
      Jul 9 23:23:33 php-fpm 56117 /rc.newwanip: rc.newwanip: Info: starting on re1.
      Jul 9 23:23:32 check_reload_status Reloading filter
      Jul 9 23:23:32 check_reload_status updating dyndns wan
      Jul 9 23:23:30 check_reload_status Restarting ipsec tunnels
      Jul 9 23:23:30 php-fpm 56117 /rc.linkup: ROUTING: setting default route to 86.      .      .
      Jul 9 23:23:30 check_reload_status rc.newwanip starting re1
      Jul 9 23:23:29 php-fpm 56117 /rc.linkup: HOTPLUG: Configuring interface wan
      Jul 9 23:23:29 php-fpm 56117 /rc.linkup: DEVD Ethernet attached event for wan
      Jul 9 23:23:28 kernel re1: link state changed to UP
      Jul 9 23:23:28 check_reload_status Linkup starting re1
      Jul 9 23:23:26 check_reload_status Reloading filter
      Jul 9 23:23:25 check_reload_status Reloading filter
      Jul 9 23:23:25 check_reload_status Restarting OpenVPN tunnels/interfaces
      Jul 9 23:23:25 check_reload_status Restarting ipsec tunnels
      Jul 9 23:23:25 check_reload_status updating dyndns WAN_DHCP
      Jul 9 23:23:25 php-fpm 54612 /rc.linkup: DEVD Ethernet detached event for wan
      Jul 9 23:23:24 check_reload_status Linkup starting re1
      Jul 9 23:23:24 kernel re1: link state changed to DOWN
      Jul 9 23:23:24 kernel re1: watchdog timeout
      Jul 9 23:23:21 check_reload_status Reloading filter
      Jul 9 23:23:21 check_reload_status updating dyndns wan
      Jul 9 23:23:19 php-fpm 24556 /rc.newwanip: rc.newwanip: on (IP address: 86.      ..) (interface: WAN[wan]) (real interface: re1).
      Jul 9 23:23:19 php-fpm 24556 /rc.newwanip: rc.newwanip: Info: starting on re1.
      Jul 9 23:23:18 check_reload_status Restarting ipsec tunnels
      Jul 9 23:23:18 php-fpm 91521 /rc.linkup: ROUTING: setting default route to 86.      .      .
      Jul 9 23:23:18 check_reload_status rc.newwanip starting re1
      Jul 9 23:23:18 php-fpm 91521 /rc.linkup: HOTPLUG: Configuring interface wan
      Jul 9 23:23:18 php-fpm 91521 /rc.linkup: DEVD Ethernet attached event for wan
      Jul 9 23:23:17 kernel re1: link state changed to UP
      Jul 9 23:23:17 check_reload_status Linkup starting re1
      Jul 9 23:23:15 check_reload_status Reloading filter
      Jul 9 23:23:14 php-fpm 91521 /rc.linkup: DEVD Ethernet detached event for wan
      Jul 9 23:23:13 check_reload_status Linkup starting re1
      Jul 9 23:23:13 kernel re1: link state changed to DOWN
      Jul 9 23:23:13 kernel re1: watchdog timeout
      Jul 9 23:23:07 check_reload_status Reloading filter
      Jul 9 23:23:07 php-fpm 87963 /rc.newwanip: rc.newwanip: on (IP address: 192.      .. ) (interface: LAN[lan]) (real interface: re0).
      Jul 9 23:23:07 php-fpm 87963 /rc.newwanip: rc.newwanip: Info: starting on re0.
      Jul 9 23:23:06 check_reload_status Reloading filter
      Jul 9 23:23:06 check_reload_status rc.newwanip starting re0
      Jul 9 23:23:06 php-fpm 87963 /rc.linkup: Hotplug event detected for LAN(lan) static IP (192... )
      Jul 9 23:23:05 kernel re0: link state changed to UP
      Jul 9 23:23:05 check_reload_status Linkup starting re0
      Jul 9 23:23:02 check_reload_status Reloading filter
      Jul 9 23:23:02 php-fpm 48922 /rc.linkup: Hotplug event detected for LAN(lan) static IP (192.      .. )
      Jul 9 23:23:01 kernel re0: link state changed to DOWN
      Jul 9 23:23:01 kernel re0: watchdog timeout
      Jul 9 23:23:01 check_reload_status Linkup starting re0

      1 Reply Last reply Reply Quote 0
      • GertjanG
        Gertjan
        last edited by

        @Rorinson:

        The following is the log, I've copied from the exact moment it starts until the moment the pfsense box became completely unresponsive.  It mentiones hotplug issues - There is no problem with the cables I use, this problem only arises when large files are being downloaded.  The log also mentions "detected an IP change or dynamic WAN reconnection" - There is no IP change, and it's showing the same IP there twice.

        As said : Your pfSense NIC detects cable removing.
        This means : some one is ripping out the WAN cable - or the NIC (Realtek => may day …. ) is bad or the NIC on the other side is bad.

        No "help me" PM's please. Use the forum, the community will thank you.
        Edit : and where are the logs ??

        1 Reply Last reply Reply Quote 0
        • JailerJ
          Jailer
          last edited by

          Sounds like a realtec NIC crapping out under load.

          1 Reply Last reply Reply Quote 0
          • R
            Rorinson
            last edited by

            @Gertjan:

            As said : Your pfSense NIC detects cable removing.
            This means : some one is ripping out the WAN cable - or the NIC (Realtek => may day …. ) is bad or the NIC on the other side is bad.

            @Jailer:

            Sounds like a realtec NIC crapping out under load.

            Hi there,

            Thanks very much for the response both!

            As I said, the cable is fine - It only happens when large downloads are going on.  I've even replaced the cable to rule out a cable issue too.

            So it may be the card can't handle the load then.  Is there any way I can confirm this?  Some test I can perform?

            I guess I could just replace the card with an Intel card but before I do that it'd be good to check this is the problem.

            1 Reply Last reply Reply Quote 0
            • N
              Nullity
              last edited by

              @Rorinson:

              @Gertjan:

              As said : Your pfSense NIC detects cable removing.
              This means : some one is ripping out the WAN cable - or the NIC (Realtek => may day …. ) is bad or the NIC on the other side is bad.

              @Jailer:

              Sounds like a realtec NIC crapping out under load.

              Hi there,

              Thanks very much for the response both!

              As I said, the cable is fine - It only happens when large downloads are going on.  I've even replaced the cable to rule out a cable issue too.

              So it may be the card can't handle the load then.  Is there any way I can confirm this?  Some test I can perform?

              I guess I could just replace the card with an Intel card but before I do that it'd be good to check this is the problem.

              Use iperf between your pfSense and another LAN host.

              Please correct any obvious misinformation in my posts.
              -Not a professional; an arrogant ignoramous.

              1 Reply Last reply Reply Quote 0
              • First post
                Last post
              Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.