Commands to help identify Lan interface errors
-
Hi PFSense Board,
I am running PFSense 2.0.1-RELEASE (i386) directly on an intel atom board, with a dual nic Intel card.
Everything seems to be running fine, except that i have quite a lot of errors on the Lan interface.Which commands can i use to help identify what is causing these errors ?
$ netstat -s -s
tcp:
103754 packets sent
83602 data packets (29328524 bytes)
186 data packets (148521 bytes) retransmitted
45 data packets unnecessarily retransmitted
18706 ack-only packets (0 delayed)
12 window update packets
1248 control packets
60601 packets received
41025 acks (for 29281769 bytes)
688 duplicate acks
17333 packets (7511731 bytes) received in-sequence
13 completely duplicate packets (3811 bytes)
6 out-of-order packets (2214 bytes)
120 window update packets
3 packets received after close
11 discarded for bad checksums
122 connection requests
1132 connection accepts
720 ignored RSTs in the windows
1240 connections established (including accepts)
1263 connections closed (including 720 drops)
1039 connections updated cached RTT on close
1039 connections updated cached RTT variance on close
742 connections updated cached ssthresh on close
13 embryonic connections dropped
20598 segments updated rtt (of 20754 attempts)
217 retransmit timeouts
13 keepalive timeouts
13 connections dropped by keepalive
343 correct ACK header predictions
14714 correct data packet header predictions
1133 syncache entries added
1 retransmitted
6 dupsyn
1132 completed
1 reset
1133 cookies sent
25 SACK recovery episodes
42 segment rexmits in SACK recovery episodes
44386 byte rexmits in SACK recovery episodes
274 SACK options (SACK blocks) received
2 SACK options (SACK blocks) sent
udp:
777315 datagrams received
2 with bad checksum
112037 dropped due to no socket
190151 broadcast/multicast datagrams undelivered
475125 delivered
810175 datagrams output
sctp:
Packet drop statistics:
Timeouts:
ip:
71983607 total packets received
1299466 packets for this host
66927492 packets forwarded
3387 packets not forwardable
1388818 packets sent from this host
10 packets sent with fabricated ip header
15 output datagrams fragmented
31 fragments created
icmp:
2406 calls to icmp_error
Output histogram:
echo reply: 28
destination unreachable: 2405
time exceeded: 1
34 messages with bad checksum
Input histogram:
echo reply: 461514
destination unreachable: 8
echo: 28
28 message responses generated
ICMP address mask responses are disabled
igmp:
ipsec:
ah:
esp:
ipcomp:
pim:
carp:
pfsync:
arp:
1014 ARP requests sent
33396 ARP replies sent
574552 ARP requests received
255 ARP replies received
574807 ARP packets received
727 total packets dropped due to no ARP entry
456 ARP entrys timed out
ip6:
16814 total packets received
12 packets sent from this host
42 output packets discarded due to no route
Input histogram:
hop by hop: 576
UDP: 16114
ICMP6: 124
Mbuf statistics:
0 one mbuf
16814 one ext mbuf
0 two or more ext mbuf
Source addresses selection rule applied:
icmp6:
Output histogram:
neighbor solicitation: 3
MLDv2 listener report: 9
Histogram of error messages to be generated:
ipsec6:
rip6:
pfkey:
4 requests sent from userland
64 bytes sent from userland
histogram by message type:
flush: 2
x_spdflush: 2
4 requests sent to userland
64 bytes sent to userland
histogram by message type:
flush: 2
x_spdflush: 2 -
New to this but what about "netstat -sl <lan interface="">"? Seems to give more specifics and with regard to that iface.</lan>
-
Finally found out that it was my switch that caused all the errors. Not going to buy a SRW2008 ever again :-)
-
Ditto on that. Those SRW switches cause an unreasonable amount of trouble. And half the time, upgrading firmware bricks it.