Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Network performance issue using pfSense v.2.7.0 running as router

    Scheduled Pinned Locked Moved General pfSense Questions
    14 Posts 6 Posters 921 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • stephenw10S
      stephenw10 Netgate Administrator
      last edited by stephenw10

      There were 3 duplicate threads, I locked the others.

      certctl rehash is by far the most common cause coming from 2.7.0 but nit the only one. 😉

      What does pkg-static -d update show?

      M JKnottJ 2 Replies Last reply Reply Quote 0
      • M
        mauro.tridici @stephenw10
        last edited by stephenw10

        Hi @stephenw10 , thank you for your reply.

        This is the output of the debug:

        DBG(1)[41599]> pkg initialized
Updating pfSense-core repository catalogue...
DBG(1)[41599]> PkgRepo: verifying update for pfSense-core
DBG(1)[41599]> PkgRepo: need forced update of pfSense-core
DBG(1)[41599]> Pkgrepo, begin update of '/var/db/pkg/repo-pfSense-core.sqlite'
DBG(1)[41599]> Request to fetch pkg+https://pkg.pfsense.org/pfSense_v2_7_2_amd64-core/meta.conf
DBG(1)[41599]> curl_open
DBG(1)[41599]> Fetch: fetcher used: pkg+https
DBG(1)[41599]> curl> fetching https://pkg.pfsense.org/pfSense_v2_7_2_amd64-core/meta.conf

DBG(1)[41599]> CURL> attempting to fetch from , left retry 3

* Couldn't find host pkg00-atx.netgate.com in the .netrc file; using defaults
*   Trying 208.123.73.207:443...
* Connected to pkg00-atx.netgate.com (208.123.73.207) port 443
* ALPN: curl offers http/1.1
*  CAfile: none
*  CApath: /etc/ssl/certs/
* SSL certificate problem: unable to get local issuer certificate
* Closing connection
DBG(1)[41599]> CURL> attempting to fetch from , left retry 2

* Couldn't find host pkg01-atx.netgate.com in the .netrc file; using defaults
*   Trying 208.123.73.209:443...
* Connected to pkg01-atx.netgate.com (208.123.73.209) port 443
* ALPN: curl offers http/1.1
*  CAfile: none
*  CApath: /etc/ssl/certs/
* SSL certificate problem: unable to get local issuer certificate
* Closing connection
DBG(1)[41599]> CURL> attempting to fetch from , left retry 1

* Couldn't find host pkg00-atx.netgate.com in the .netrc file; using defaults
* Hostname pkg00-atx.netgate.com was found in DNS cache
*   Trying 208.123.73.207:443...
* Connected to pkg00-atx.netgate.com (208.123.73.207) port 443
* ALPN: curl offers http/1.1
*  CAfile: none
*  CApath: /etc/ssl/certs/
* SSL certificate problem: unable to get local issuer certificate
* Closing connection
pkg-static: An error occured while fetching package
DBG(1)[41599]> Request to fetch pkg+https://pkg.pfsense.org/pfSense_v2_7_2_amd64-core/meta.txz
DBG(1)[41599]> curl_open
DBG(1)[41599]> Fetch: fetcher used: pkg+https
DBG(1)[41599]> curl> fetching https://pkg.pfsense.org/pfSense_v2_7_2_amd64-core/meta.txz

DBG(1)[41599]> CURL> attempting to fetch from , left retry 3

* Couldn't find host pkg00-atx.netgate.com in the .netrc file; using defaults
* Hostname pkg00-atx.netgate.com was found in DNS cache
*   Trying 208.123.73.207:443...
* Connected to pkg00-atx.netgate.com (208.123.73.207) port 443
* ALPN: curl offers http/1.1
*  CAfile: none
*  CApath: /etc/ssl/certs/
* SSL certificate problem: unable to get local issuer certificate
* Closing connection
DBG(1)[41599]> CURL> attempting to fetch from , left retry 2

* Couldn't find host pkg01-atx.netgate.com in the .netrc file; using defaults
* Hostname pkg01-atx.netgate.com was found in DNS cache
*   Trying 208.123.73.209:443...
* Connected to pkg01-atx.netgate.com (208.123.73.209) port 443
* ALPN: curl offers http/1.1
*  CAfile: none
*  CApath: /etc/ssl/certs/
* SSL certificate problem: unable to get local issuer certificate
* Closing connection
DBG(1)[41599]> CURL> attempting to fetch from , left retry 1

* Couldn't find host pkg00-atx.netgate.com in the .netrc file; using defaults
* Hostname pkg00-atx.netgate.com was found in DNS cache
*   Trying 208.123.73.207:443...
* Connected to pkg00-atx.netgate.com (208.123.73.207) port 443
* ALPN: curl offers http/1.1
*  CAfile: none
*  CApath: /etc/ssl/certs/
* SSL certificate problem: unable to get local issuer certificate
* Closing connection
pkg-static: An error occured while fetching package
repository pfSense-core has no meta file, using default settings
DBG(1)[41599]> Request to fetch pkg+https://pkg.pfsense.org/pfSense_v2_7_2_amd64-core/packagesite.pkg
DBG(1)[41599]> curl_open
DBG(1)[41599]> Fetch: fetcher used: pkg+https
DBG(1)[41599]> curl> fetching https://pkg.pfsense.org/pfSense_v2_7_2_amd64-core/packagesite.pkg

DBG(1)[41599]> CURL> attempting to fetch from , left retry 3

* Couldn't find host pkg00-atx.netgate.com in the .netrc file; using defaults
* Hostname pkg00-atx.netgate.com was found in DNS cache
*   Trying 208.123.73.207:443...
* Connected to pkg00-atx.netgate.com (208.123.73.207) port 443
* ALPN: curl offers http/1.1
*  CAfile: none
*  CApath: /etc/ssl/certs/
* SSL certificate problem: unable to get local issuer certificate
* Closing connection
DBG(1)[41599]> CURL> attempting to fetch from , left retry 2

* Couldn't find host pkg01-atx.netgate.com in the .netrc file; using defaults
* Hostname pkg01-atx.netgate.com was found in DNS cache
*   Trying 208.123.73.209:443...
* Connected to pkg01-atx.netgate.com (208.123.73.209) port 443
* ALPN: curl offers http/1.1
*  CAfile: none
*  CApath: /etc/ssl/certs/
* SSL certificate problem: unable to get local issuer certificate
* Closing connection
DBG(1)[41599]> CURL> attempting to fetch from , left retry 1

* Couldn't find host pkg00-atx.netgate.com in the .netrc file; using defaults
* Hostname pkg00-atx.netgate.com was found in DNS cache
*   Trying 208.123.73.207:443...
* Connected to pkg00-atx.netgate.com (208.123.73.207) port 443
* ALPN: curl offers http/1.1
*  CAfile: none
*  CApath: /etc/ssl/certs/
* SSL certificate problem: unable to get local issuer certificate
* Closing connection
pkg-static: An error occured while fetching package
DBG(1)[41599]> Request to fetch pkg+https://pkg.pfsense.org/pfSense_v2_7_2_amd64-core/packagesite.txz
DBG(1)[41599]> curl_open
DBG(1)[41599]> Fetch: fetcher used: pkg+https
DBG(1)[41599]> curl> fetching https://pkg.pfsense.org/pfSense_v2_7_2_amd64-core/packagesite.txz

DBG(1)[41599]> CURL> attempting to fetch from , left retry 3

* Couldn't find host pkg00-atx.netgate.com in the .netrc file; using defaults
* Hostname pkg00-atx.netgate.com was found in DNS cache
*   Trying 208.123.73.207:443...
* Connected to pkg00-atx.netgate.com (208.123.73.207) port 443
* ALPN: curl offers http/1.1
*  CAfile: none
*  CApath: /etc/ssl/certs/
* SSL certificate problem: unable to get local issuer certificate
* Closing connection
DBG(1)[41599]> CURL> attempting to fetch from , left retry 2

* Couldn't find host pkg01-atx.netgate.com in the .netrc file; using defaults
* Hostname pkg01-atx.netgate.com was found in DNS cache
*   Trying 208.123.73.209:443...
* Connected to pkg01-atx.netgate.com (208.123.73.209) port 443
* ALPN: curl offers http/1.1
*  CAfile: none
*  CApath: /etc/ssl/certs/
* SSL certificate problem: unable to get local issuer certificate
* Closing connection
DBG(1)[41599]> CURL> attempting to fetch from , left retry 1

* Couldn't find host pkg00-atx.netgate.com in the .netrc file; using defaults
* Hostname pkg00-atx.netgate.com was found in DNS cache
*   Trying 208.123.73.207:443...
* Connected to pkg00-atx.netgate.com (208.123.73.207) port 443
* ALPN: curl offers http/1.1
*  CAfile: none
*  CApath: /etc/ssl/certs/
* SSL certificate problem: unable to get local issuer certificate
* Closing connection
pkg-static: An error occured while fetching package
Unable to update repository pfSense-core
Updating pfSense repository catalogue...
DBG(1)[41599]> PkgRepo: verifying update for pfSense
DBG(1)[41599]> PkgRepo: need forced update of pfSense
DBG(1)[41599]> Pkgrepo, begin update of '/var/db/pkg/repo-pfSense.sqlite'
DBG(1)[41599]> Request to fetch pkg+https://pkg.pfsense.org/pfSense_v2_7_2_amd64-pfSense_v2_7_2/meta.conf
DBG(1)[41599]> curl_open
DBG(1)[41599]> Fetch: fetcher used: pkg+https
DBG(1)[41599]> curl> fetching https://pkg.pfsense.org/pfSense_v2_7_2_amd64-pfSense_v2_7_2/meta.conf

DBG(1)[41599]> CURL> attempting to fetch from , left retry 3

* Couldn't find host pkg01-atx.netgate.com in the .netrc file; using defaults
*   Trying 208.123.73.209:443...
* Connected to pkg01-atx.netgate.com (208.123.73.209) port 443
* ALPN: curl offers http/1.1
*  CAfile: none
*  CApath: /etc/ssl/certs/
* SSL certificate problem: unable to get local issuer certificate
* Closing connection
DBG(1)[41599]> CURL> attempting to fetch from , left retry 2

* Couldn't find host pkg00-atx.netgate.com in the .netrc file; using defaults
*   Trying 208.123.73.207:443...
* Connected to pkg00-atx.netgate.com (208.123.73.207) port 443
* ALPN: curl offers http/1.1
*  CAfile: none
*  CApath: /etc/ssl/certs/
* SSL certificate problem: unable to get local issuer certificate
* Closing connection
DBG(1)[41599]> CURL> attempting to fetch from , left retry 1

* Couldn't find host pkg01-atx.netgate.com in the .netrc file; using defaults
* Hostname pkg01-atx.netgate.com was found in DNS cache
*   Trying 208.123.73.209:443...
* Connected to pkg01-atx.netgate.com (208.123.73.209) port 443
* ALPN: curl offers http/1.1
*  CAfile: none
*  CApath: /etc/ssl/certs/
* SSL certificate problem: unable to get local issuer certificate
* Closing connection
pkg-static: An error occured while fetching package
DBG(1)[41599]> Request to fetch pkg+https://pkg.pfsense.org/pfSense_v2_7_2_amd64-pfSense_v2_7_2/meta.txz
DBG(1)[41599]> curl_open
DBG(1)[41599]> Fetch: fetcher used: pkg+https
DBG(1)[41599]> curl> fetching https://pkg.pfsense.org/pfSense_v2_7_2_amd64-pfSense_v2_7_2/meta.txz

DBG(1)[41599]> CURL> attempting to fetch from , left retry 3

* Couldn't find host pkg01-atx.netgate.com in the .netrc file; using defaults
* Hostname pkg01-atx.netgate.com was found in DNS cache
*   Trying 208.123.73.209:443...
* Connected to pkg01-atx.netgate.com (208.123.73.209) port 443
* ALPN: curl offers http/1.1
*  CAfile: none
*  CApath: /etc/ssl/certs/
* SSL certificate problem: unable to get local issuer certificate
* Closing connection
DBG(1)[41599]> CURL> attempting to fetch from , left retry 2

* Couldn't find host pkg00-atx.netgate.com in the .netrc file; using defaults
* Hostname pkg00-atx.netgate.com was found in DNS cache
*   Trying 208.123.73.207:443...
* Connected to pkg00-atx.netgate.com (208.123.73.207) port 443
* ALPN: curl offers http/1.1
*  CAfile: none
*  CApath: /etc/ssl/certs/
* SSL certificate problem: unable to get local issuer certificate
* Closing connection
DBG(1)[41599]> CURL> attempting to fetch from , left retry 1

* Couldn't find host pkg01-atx.netgate.com in the .netrc file; using defaults
* Hostname pkg01-atx.netgate.com was found in DNS cache
*   Trying 208.123.73.209:443...
* Connected to pkg01-atx.netgate.com (208.123.73.209) port 443
* ALPN: curl offers http/1.1
*  CAfile: none
*  CApath: /etc/ssl/certs/
* SSL certificate problem: unable to get local issuer certificate
* Closing connection
pkg-static: An error occured while fetching package
repository pfSense has no meta file, using default settings
DBG(1)[41599]> Request to fetch pkg+https://pkg.pfsense.org/pfSense_v2_7_2_amd64-pfSense_v2_7_2/packagesite.pkg
DBG(1)[41599]> curl_open
DBG(1)[41599]> Fetch: fetcher used: pkg+https
DBG(1)[41599]> curl> fetching https://pkg.pfsense.org/pfSense_v2_7_2_amd64-pfSense_v2_7_2/packagesite.pkg

DBG(1)[41599]> CURL> attempting to fetch from , left retry 3

* Couldn't find host pkg01-atx.netgate.com in the .netrc file; using defaults
* Hostname pkg01-atx.netgate.com was found in DNS cache
*   Trying 208.123.73.209:443...
* Connected to pkg01-atx.netgate.com (208.123.73.209) port 443
* ALPN: curl offers http/1.1
*  CAfile: none
*  CApath: /etc/ssl/certs/
* SSL certificate problem: unable to get local issuer certificate
* Closing connection
DBG(1)[41599]> CURL> attempting to fetch from , left retry 2

* Couldn't find host pkg00-atx.netgate.com in the .netrc file; using defaults
* Hostname pkg00-atx.netgate.com was found in DNS cache
*   Trying 208.123.73.207:443...
* Connected to pkg00-atx.netgate.com (208.123.73.207) port 443
* ALPN: curl offers http/1.1
*  CAfile: none
*  CApath: /etc/ssl/certs/
* SSL certificate problem: unable to get local issuer certificate
* Closing connection
DBG(1)[41599]> CURL> attempting to fetch from , left retry 1

* Couldn't find host pkg01-atx.netgate.com in the .netrc file; using defaults
* Hostname pkg01-atx.netgate.com was found in DNS cache
*   Trying 208.123.73.209:443...
* Connected to pkg01-atx.netgate.com (208.123.73.209) port 443
* ALPN: curl offers http/1.1
*  CAfile: none
*  CApath: /etc/ssl/certs/
* SSL certificate problem: unable to get local issuer certificate
* Closing connection
pkg-static: An error occured while fetching package
DBG(1)[41599]> Request to fetch pkg+https://pkg.pfsense.org/pfSense_v2_7_2_amd64-pfSense_v2_7_2/packagesite.txz
DBG(1)[41599]> curl_open
DBG(1)[41599]> Fetch: fetcher used: pkg+https
DBG(1)[41599]> curl> fetching https://pkg.pfsense.org/pfSense_v2_7_2_amd64-pfSense_v2_7_2/packagesite.txz

DBG(1)[41599]> CURL> attempting to fetch from , left retry 3

* Couldn't find host pkg01-atx.netgate.com in the .netrc file; using defaults
* Hostname pkg01-atx.netgate.com was found in DNS cache
*   Trying 208.123.73.209:443...
* Connected to pkg01-atx.netgate.com (208.123.73.209) port 443
* ALPN: curl offers http/1.1
*  CAfile: none
*  CApath: /etc/ssl/certs/
* SSL certificate problem: unable to get local issuer certificate
* Closing connection
DBG(1)[41599]> CURL> attempting to fetch from , left retry 2

* Couldn't find host pkg00-atx.netgate.com in the .netrc file; using defaults
* Hostname pkg00-atx.netgate.com was found in DNS cache
*   Trying 208.123.73.207:443...
* Connected to pkg00-atx.netgate.com (208.123.73.207) port 443
* ALPN: curl offers http/1.1
*  CAfile: none
*  CApath: /etc/ssl/certs/
* SSL certificate problem: unable to get local issuer certificate
* Closing connection
DBG(1)[41599]> CURL> attempting to fetch from , left retry 1

* Couldn't find host pkg01-atx.netgate.com in the .netrc file; using defaults
* Hostname pkg01-atx.netgate.com was found in DNS cache
*   Trying 208.123.73.209:443...
* Connected to pkg01-atx.netgate.com (208.123.73.209) port 443
* ALPN: curl offers http/1.1
*  CAfile: none
*  CApath: /etc/ssl/certs/
* SSL certificate problem: unable to get local issuer certificate
* Closing connection
pkg-static: An error occured while fetching package
Unable to update repository pfSense
Error updating repositories!
        stephenw10S 1 Reply Last reply Reply Quote 0
        • stephenw10S
          stephenw10 Netgate Administrator @mauro.tridici
          last edited by

          @mauro-tridici said in Network performance issue using pfSense v.2.7.0 running as router:

          • CAfile: none
          • CApath: /etc/ssl/certs/
          • SSL certificate problem: unable to get local issuer certificate

          That looks like the error that should be fixed by running certctl rehash. Did you try running that?

          A 1 Reply Last reply Reply Quote 0
          • JKnottJ
            JKnott @stephenw10
            last edited by

            @stephenw10 said in Network performance issue using pfSense v.2.7.0 running as router:

            What does pkg-statc -d update show?

            /root: pkg-statc -d update
            pkg-statc: Command not found.

            PfSense running on Qotom mini PC
            i5 CPU, 4 GB memory, 32 GB SSD & 4 Intel Gb Ethernet ports.
            UniFi AC-Lite access point

            I haven't lost my mind. It's around here...somewhere...

            JKnottJ stephenw10S 2 Replies Last reply Reply Quote 0
            • JKnottJ
              JKnott @JKnott
              last edited by

              @JKnott
              Never mind. I just changed the update branch to 2.7.2 and it appears ready to update.

              PfSense running on Qotom mini PC
              i5 CPU, 4 GB memory, 32 GB SSD & 4 Intel Gb Ethernet ports.
              UniFi AC-Lite access point

              I haven't lost my mind. It's around here...somewhere...

              1 Reply Last reply Reply Quote 1
              • stephenw10S
                stephenw10 Netgate Administrator @JKnott
                last edited by

                @JKnott said in Network performance issue using pfSense v.2.7.0 running as router:

                /root: pkg-statc -d update
                pkg-statc: Command not found.

                Sorry I typo'd that. Should be: pkg-static -d update

                1 Reply Last reply Reply Quote 0
                • A
                  AK_4_Life @stephenw10
                  last edited by

                  @stephenw10 worked for me! thanks for the tip.

                  1 Reply Last reply Reply Quote 1
                  • GertjanG Gertjan referenced this topic on
                  • georgelzaG
                    georgelza
                    last edited by

                    @stephenw10 said in Network performance issue using pfSense v.2.7.0 running as router:

                    pkg-static -d update

                    hi all...
                    got redirected to this thread. upgrading my pfSense device
                    did backup 2.7.2, install new software 2.7.0. restored config file.
                    rebooted... had to get some renaming of interfaces resolved.

                    packages don't want to installed, see error below

                    The below was executed after having executed.

                    certctl rehash

                    Fetching meta.conf: 100%    178 B   0.2kB/s    00:01
* Connection #0 to host pkg00-atx.netgate.com left intact
DBG(1)[2436]> Request to fetch pkg+https://pkg.pfsense.org/pfSense_v2_7_2_amd64-pfSense_v2_7_2/packagesite.pkg
DBG(1)[2436]> curl_open
DBG(1)[2436]> Fetch: fetcher used: pkg+https
DBG(1)[2436]> curl> fetching https://pkg.pfsense.org/pfSense_v2_7_2_amd64-pfSense_v2_7_2/packagesite.pkg

DBG(1)[2436]> CURL> attempting to fetch from , left retry 3

* Couldn't find host pkg00-atx.netgate.com in the .netrc file; using defaults
* Found bundle for host: 0x8219d24d0 [serially]
* Re-using existing connection with host pkg00-atx.netgate.com
> GET /pfSense_v2_7_2_amd64-pfSense_v2_7_2/packagesite.pkg HTTP/1.1
Host: pkg00-atx.netgate.com
User-Agent: pkg/1.20.8
Accept: */*
If-Modified-Since: Thu, 01 Jan 1970 00:00:00 GMT

< HTTP/1.1 200 OK
Fetching packagesite.pkg:   0%< Server: nginx
< Date: Mon, 28 Oct 2024 09:10:44 GMT
< Content-Type: application/octet-stream
< Content-Length: 160404
< Last-Modified: Mon, 21 Oct 2024 21:31:27 GMT
< Connection: keep-alive
< ETag: "6716c82f-27294"
< Strict-Transport-Security: max-age=31536000; preload
< X-Content-Type-Options: nosniff
< X-XSS-Protection: 1; mode=block
< X-Robots-Tag: all
< X-Download-Options: noopen
< X-Permitted-Cross-Domain-Policies: none
< Accept-Ranges: bytes
<
Fetching packagesite.pkg: 100%  157 KiB 160.4kB/s    00:01
* Connection #0 to host pkg00-atx.netgate.com left intact
DBG(1)[2436]> PkgRepo: extracting packagesite.yaml of repo pfSense
DBG(1)[2971]> PkgRepo: extracting signature of repo in a sandbox
DBG(1)[2436]> Pkgrepo, reading new packagesite.yaml for '/var/db/pkg/repo-pfSense.sqlite'
Processing entries:   0%
Newer FreeBSD version for package xmlstarlet:
To ignore this error set IGNORE_OSVERSION=yes
- package: 1400094
- running kernel: 1400085
                    1 Reply Last reply Reply Quote 0
                    • georgelzaG
                      georgelza
                      last edited by

                      rinse and repeat... eventually package list showing...

                      but it's not showing/displaying original installed packages...
                      whats the thinking. do a upgrade to 2.7.0 -> 2.7.2 and then re load the config file.

                      nothing to loose, here it goes...
                      G

                      1 Reply Last reply Reply Quote 0
                      • georgelzaG
                        georgelza
                        last edited by

                        @georgelza said in Network performance issue using pfSense v.2.7.0 running as router:

                        pkg-static -d update

                        ok... we're back cooking with gas, as the saying goes, got haproxy installed and my external exposed services are working again.

                        Would have been great if the restore allowed me to re-attempt the installation of previously installed packages.

                        G

                        1 Reply Last reply Reply Quote 1
                        • First post
                          Last post
                        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.