Nuisance pfSence issues disappeared after upgrading hardware

Ghost 0

I have been using pfSense since 2020 and have been dealing with performance and nuisance issues from the get-go. I tried all the suggestions from this forum, and they were unhelpful for the most part and ended up in the proverbial rabbit hole to nowhere. So, I just gave up and accepted it.

PfSense was running on a refurbished HP workstation, Intel Quad CPU w/o AES-NI at 2200/5G RAM/64GB HDD with OpenVPN enabled/no packages. I used to get the following errors; first two errors every few mins throughout the day and the third one, about every 7 to 10 days:

Error #1: dpinger 52560 NORDVPN_VPNV4 10.X00.X.1: sendto error: 55
Error #2 dpinger 2289 WAN_DHCP 97.X91.0XX.1: sendto error: 64

Error #3: dpinger 14176 send_interval 500ms loss_interval 2000ms time_period
60000ms report_interval 0ms data_len 1 alert_interval 1000ms latency_alarm 500ms
loss_alarm 20% alarm_hold 10000ms dest_addr 10.X00.X.1 bind_addr 10.X00.0.X identifier "NORDVPN_VPNV4 "

Error #4: From the VPN gateway, "warning packetloss" when an internet speed test was enabled in bright yellow with the loss percentage. And I could never achieve the advertised bandwidth that my ISP was sending while the VPN was enabled. I was only getting approximately 30% of said bandwidth. I thought this was primarily due to my VPN provider because I have heard that VPN can significantly decrease the bandwidth/ throughput.

Recently, the aforementioned underpowered PC died an untimely death, RIP! Thus, I transitioned to a used HP ProDesk 600 G1 with a I5-4590 CPU/ 8G DDR3/standard HDD. This is an old CPU 4th gen with AES-NI; purchased it for under $75 with free shipping from Amazon. I purchased it as a test, and if it failed to meet my expectations, I was ready to buy a dedicated Netgate PfSense hardware. To my surprise, all the aforementioned errors and the inadequate bandwidth disappeared. I'm now slightly exceeding the agreed bandwidth, which is my advantage, that I'm paying my ISP. This old refurbished HP is quiet and stable. This is a great eye-opener because all these people kept telling me it was a software issue and gave me all these bad advice when it was a hardware issue. The only minor issue that I experienced was that I couldn't easily fit the standard Intel 4-port NIC since this is a low profile desktop. I had to strip the metal part off the NIC and jam it with a piece of wood to make it fit since this HP desktop is a screw-less system. It is stable, quiet, and fast with VPN, and numerous VLAN's enabled. It is stored in a closet with just the cable modem and two LAN (cat6) ethernet uplinks to managed enterprise PoE switches located in the attic and to other hardware like UniFi access points and security cameras. IMHO, the Intel I-5 CPU with AES-NI is the minimum hardware one needs to run pfSense without major issues. Thus, I'm keeping this cheap refurbished PC since it has met and exceeded my expectations thus far and saved me lots of Benjamins $$$$$$.

stephenw10

@Ghost-0 said in Nuisance pfSence issues disappeared after upgrading hardware:

Error #3: dpinger 14176 send_interval 500ms loss_interval 2000ms time_period
60000ms report_interval 0ms data_len 1 alert_interval 1000ms latency_alarm 500ms
loss_alarm 20% alarm_hold 10000ms dest_addr 10.X00.X.1 bind_addr 10.X00.0.X identifier "NORDVPN_VPNV4 "

Just for information that isn't an error. It's dpinger restarting.

The hardware required really depends almost entirely on the bandwidth you need it to pass. An i5, even an older one like that, is pretty higher power. You should pass 1G without breaking a sweat for example!

Steve