Massive performance issues on some websites
-
Only snort huh?
-
Disable Snort and report back
-
-
Leave it on one at a time….
-
Disable Snort and report back
That was one of the first things I tried. Mentioned that in my OP
Leave it on one at a time….
I'm not sure what you mean by that?
-
I agree with super mule - Turning of snort has occasionally been known to help performance - From time to time.
The same way not being DDOSed helps with performance….You said you are running two packages.
I think supermule meant try disabling one, and then the other separately to see which is causing the problem. -
I agree with super mule - Turning of snort has occasionally been known to help performance - From time to time.
The same way not being DDOSed helps with performance….I've tried with Snort enabled (When I first tried to switch over to pfSense) and then with it disabled to try and narrow down the cause of the issues I'm having.
Considering it's a fresh install with minimal packages added I'm a bit stumped as to why these issues are occurring, and even more stumped that I can't see anything being blocked or high use in any resources >:( -
Pfsense works well and works fast. Its either a package, a misconfiguration, your DNS or something like that that is causing your problems.
What are you using for DNS? Can we see the list that appears on the main page to the left?
-
Pfsense works well and works fast. Its either a package, a misconfiguration, your DNS or something like that that is causing your problems.
What are you using for DNS? Can we see the list that appears on the main page to the left?
As mentioned previously, it is 127.0.0.1 followed by the two OpenDNS servers.
Here is a screenshot that shows details I have already given.
-
Try changing DNS to 8.8.8.8 and 8.8.4.4 just for a little while and reboot.
See if it helps.
If thats not the issue, can we see your lan and wan firewall rules?
"unable to check for updates" seems like something very basic is broken.
-
Why are you unable to check for updates??
-
Try changing DNS to 8.8.8.8 and 8.8.4.4 just for a little while and reboot.
See if it helps.
If thats not the issue, can we see your lan and wan firewall rules?
"unable to check for updates" seems like something very basic is broken.
100% sure that won't help. We've used OpenDNS for years without an issue and it works fine in Endian.
Not to mention that internally the DNS saved in the firewall isn't even used as we use our own internal DNS server. -
Why are you unable to check for updates??
I'm not sure. If I copy and paste the update link from the failure message it loads on my PC fine and the package list updates on pfSense fine so I'm still really dumbfounded.
Offtopic: Slightly jealous of your speed there :-\ Management won't spend more on a faster link (Currently 10mb) and home internet is worse :(
-
Please just try google DNS just to placate my silly whims.
-
Pls. try Google DNS to see if the issue persits…
Why are you unable to check for updates??
I'm not sure. If I copy and paste the update link from the failure message it loads on my PC fine and the package list updates on pfSense fine so I'm still really dumbfounded.
Offtopic: Slightly jealous of your speed there :-\ Management won't spend more on a faster link (Currently 10mb) and home internet is worse :(
-
Same issue with Google DNS.
-
What is your wan IP? Is it public or private?
-
We need access to that box because something is wrong.
And I bet thats why its slow. Are you using any specified GW's on any other interface than WAN??
-
Yep - But I hate to ask. People are paranoid you know…
-
What is your wan IP? Is it public or private?
WAN IPs are public (Only 1 IP currently in use in our IP range).
We need access to that box because something is wrong.
And I bet thats why its slow. Are you using any specified GW's on any other interface than WAN??
Only 1 gateway specified and that's the WAN IF. Remote access won't be possible, IT manager would lose his &#@&.
I'm in the process of setting up a 2nd pfSense VM (With only Open VM Tools installed) from the 2.1.5 install image and I'll manually setup rules and config again so no bad config comes across. If I can get it working like that then I'll add snort back in and hope that it all works.
