I have to reset states every 10 hours PFSense 2.0
-
For some reason in the last 5 days as far as I can tell my traffic gets slowed on our WAN connection. I have to reset my states in order to get it back up to proper speed. Ping times are really high as well. Again once I reset my states everything goes back to normal. I have looked at the states and I don't see anything that stands out. No more that 500 states when this happens. Any assistance is greatly appreciated.
-
I do have Multi-WAN Loadbalancing on two separate ISP's. I have tried stopping the second connection on the load balancer gateway setting with the same result.
-
I do have two firewalls in place with Carp failover. This was working fine before I noticed the issue.
-
I am not seeing an error in the logs.
-
Firewall Maximum States = 390000
-
Firewall Maximum Table Entries = 390000
-
Total memory is 4GB
-
2.0-RELEASE (amd64) built on Tue Sep 13 17:05:32 EDT 2011 You are on the latest version.
-
-
have you tried runing mmtest86
http://www.memtest.org/
-
have you tried runing mmtest86
http://www.memtest.org/
No I have not yet as this physical machine is in a Datacenter an hour away. This machine isn't currently under high load and I don't see much change in memory usage. But I will try this tomorrow.
-
So memory test found no issues. I did track this down. If a PPTP user logs in. For some reason this causes the WAN connection configured with the highest priority to have latency. if I reset the states, the latency issue is resolved. Then its back as soon as the reconnects PPTP. If I delete the Group no problems. Just when the group is in place and someone connects via PPTP.
Anyone have ideas why? I am running out of hair fast.
-
Just a guess: In your PPTP settings, the "Server address" is set to your WAN IP. Don't do that, enter an unused local IP instead.
-
Just a guess: In your PPTP settings, the "Server address" is set to your WAN IP. Don't do that, enter an unused local IP instead.
I have it set to an unused private IP address within the same local subnet.
I did however find a automatic dynamic gateway setup so I have deleted that. So far everything looks good. Will let you know tomorrow if everything is still going strong.
-
Ok so this ended up being an issue where the firewall auto created a dynamic gateway. Thanks for the help
