Strange Reboot-Problems on NexCom 1085L (Oversized Packets?)
-
With all the hardware that you already tried and now with this unusual traffic at wan I really think you have some layer1/2 issues at WAN or some hardware at WAN that is acting up.
-
Hey, Hoba!
I have now shortened the thread a little bit as I was able to watch on my TFT what happens here…
And the problem is definitely those "Oversized Packets"... As soon as they come in, WAN gets killed and sometimes pfSense/FreeBSD notices that and reboots, sometimes it doesn't and simply stays there...
Where could those packets come from?
How could I successfully block them?
Two servers don't lock up with those packets but have problems with some packet getting delayed, one other server (this one we are talking about) locks up.... :'( :'( :'(
Everything worked fine with that SonicWall we tested, but it has only 100 MBit/Ports and we'd like to have GBit-Ports...
But I am slowly getting the idea that pfSense might for some reason simply not work here :-(
I am seriously depressed...
Any more ideas/clues?
Thanks!
Chris
-
I have had exactly the same probs with these oversized packets (using rl and vr network cards). It seems to be a FreeBSD problem. There are questions on FreeBSD mailing lists but no real answers - well maybe I don't know enough about BSD.
If there is a router in front of your pfsense you might try to block these packets with that.
Agree with Hoba that packets probably come from malfunctioning hardware on the WAN network. Other customers on the ISP?
My problem was solved when the ISP changed my IP address to a different pool (fingers crossed - it's been about 2 weeks, I think, with no bad packets). However my machine never rebooted - just lost WAN access. Had to reboot the modem and/or the firewall or the WAN interface to bring it back up.
The packets you are getting are HUGE! Mine were 1508 or 1530 (MTU = 1500)
-
Well there are lots of other customers behind the huge cisco-core-router…
I really don't know what else to do now...
If I cannot find a fix somehow before monday, I am afraid we will buy a SonicWall...
But I'd really like to stick to pfSense... Why is pfSense running on FreeBSD and not Linux?
Wouldn't the Hardware-Support on Linux-Kernels be much better?
-
Well complaining to the data center might help. They might be able to help stop at the switch or router level.
Linux vs FreeBSD is a bit OT just now :-\
I had the feeling that my problem was related to getting my ip address by DHCP, but that does not seem to be the case here.
I definitely do not think that the problem is related to hardware as it seems to strike all kinds of ethernet cards. I have the same machine and modem so it was not that either.
-
Well they have a really huge cisco router there so I really doubt that the problem lies there…
As with a SonicWall everything worked perfectly...
As that seems to be a bug in FreeBSD as you say we can only hope that it gets fixed soon... :-\
-
The bug seems to have been there for some time. Not too many people get it, and it's difficult to reproduce. Hard to get something like that fixed.
It's a bit sad that Linux works fine where FreeBSD falls down…
I am not saying that there is a problem with the cisco router, but that it could be stopped there. Make a noise, say that you are getting these huge packets that are messing up your machine. They might help out. That's what I did. It wasn't the ISP's fault but they did what they could even though I am not a huge customer.
-
Just a thought… if you are using gig ethernet cards, can you not increase the MTU significantly? Might help.
-
Thanks for your help :)
But wouldn't an increase of the MTU affect all my Servers and those on the other side of pfSense?
As the packets would have to be fragmented anyway to 1500 ethernet packet-length, wouldn't they?
I've now taken the NexCom back to the office and will try to set up a test-environment on Sunday where I will attach two PC's and hammer pfSense with packets using "iperf"…
Perhaps I can then try and make that error appear again and find a solution for it ;-)
-
I've used Iperf to test the performance of m0n0 based machines but never saw any problems. The problem packets are malformed - undefined ethertypes. You won't see that kind of output from iperf.
Let us know what you find out.
-
Btw, even if pfSense would ignore these packets and not crash this probably has a negative effect on performance and throughput. They consume bandwidth on the line and you usually don't want to have that and if you are accounted for volume it's even worse as this traffic will count in too. Guess you want to get rid of this traffic in any case.
-
Hm.. how could I manually create those malformed packets in my test-scenario?
Any ideas?
Because I somehow have to trick pfSense into these errors to see if Changes really work ;-)
Thanks :-)
-
Could the FreeBSD gurus tell me which FreeBSD mailing list to post this problem on? I have tried freebsd-questions@freebsd.org some weeks ago but no progress there.
-
@sai:
Could the FreeBSD gurus tell me which FreeBSD mailing list to post this problem on? I have tried freebsd-questions@freebsd.org some weeks ago but no progress there.
Start at questions, then make your way to freebsd-net@ and if that finally doesn't work try freebsd-current@
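
Added example, not part of any post in this thread: before asking the data center to filter at the switch, it helps to know which device emits the frames. This Python sketch reads a classic pcap taken on the WAN interface and lists frames that exceed MTU plus Ethernet header or carry an EtherType outside a small allow-list, grouped by source MAC. The allow-list, the function names and the sample capture are assumptions made for the illustration.

```python
import struct
from collections import Counter

ETH_HDR = 14   # dst MAC + src MAC + EtherType; captures normally omit the FCS
# Assumption: a short allow-list; extend it with what your segment really carries.
KNOWN = {0x0800: "IPv4", 0x0806: "ARP", 0x86DD: "IPv6", 0x8100: "802.1Q"}

def suspicious_frames(pcap: bytes, mtu: int = 1500):
    """Return (index, src_mac, ethertype, wire_len, reasons) for each odd frame."""
    magic, linktype = struct.unpack_from("<I16xI", pcap, 0)
    if magic != 0xA1B2C3D4 or linktype != 1:
        raise ValueError("expected a little-endian classic pcap, Ethernet link type")
    found, off, idx = [], 24, 0
    while off + 16 <= len(pcap):
        _, _, incl_len, wire_len = struct.unpack_from("<IIII", pcap, off)
        frame = pcap[off + 16: off + 16 + incl_len]
        off, idx = off + 16 + incl_len, idx + 1
        if len(frame) < ETH_HDR:
            continue                      # too short to classify
        src = frame[6:12].hex(":")
        etype = struct.unpack_from("!H", frame, 12)[0]
        reasons = []
        if wire_len > mtu + ETH_HDR + (4 if etype == 0x8100 else 0):
            reasons.append("oversized")
        # Values below 0x0600 are 802.3 length fields, not EtherTypes.
        if etype >= 0x0600 and etype not in KNOWN:
            reasons.append("unknown-ethertype")
        if reasons:
            found.append((idx, src, etype, wire_len, reasons))
    return found

def offenders(pcap: bytes) -> Counter:
    return Counter(src for _, src, *_ in suspicious_frames(pcap))

def make_frame(src_hex: str, etype: int, payload_len: int) -> bytes:
    return b"\xff" * 6 + bytes.fromhex(src_hex) + struct.pack("!H", etype) + bytes(payload_len)

def make_pcap(frames) -> bytes:
    out = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)
    for f in frames:
        out += struct.pack("<IIII", 0, 0, len(f), len(f)) + f
    return out

# Constructed sample: one normal frame, one 1530-byte frame, one odd EtherType.
SAMPLE = make_pcap([make_frame("020000000001", 0x0800, 1500),
                    make_frame("020000000002", 0x0800, 1516),
                    make_frame("020000000002", 0xFFFF, 100)])

if __name__ == "__main__":
    print(suspicious_frames(SAMPLE), offenders(SAMPLE))
```

On a real capture, a source MAC that dominates the `offenders` count is the detail to hand to the upstream operator along with the frame lengths.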