Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Enabling UPnP causes packet loss

    Scheduled Pinned Locked Moved NAT
    7 Posts 2 Posters 2.3k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • V
      vtmikel
      last edited by

      Hi-

      About a week ago I noticed a serious problem.  I was seeing packet loss between my router and a secondary gateway on my LAN on the Gateways dashboard widget.  After some testing I realized that all devices pinging my router would get ~20-30% packet loss, which also explained why my internet was acting strange on VoIP sessions.

      After much testing and a complete fresh install of pfsense I've now narrowed it down to the miniupnpd service.  When I enable it, the packet loss immediately returns.  I don't see anything of relevance in my logs.  While disabled, the router has been running fine for about a week under normal load.

      I have a pretty basic setup: My Lan is on a LAGG (but the problem is the same if I break the LAGG and use a single eth for LAN).  I have a static route added, one additional gateway on the LAN.  I run a OpenVPN Client, and OpenVPN Server.  No IPv6.  Fresh install of offense with update to 2.3.3-RELEASE-p1.  No packages except OpenVPN Client Export.  Hardware is less than 3 months old.

      I would like to see UPnP re-enabled on my network.  Any ideas that could help?

      Thanks.
      Mike

      1 Reply Last reply Reply Quote 0
      • johnpozJ
        johnpoz LAYER 8 Global Moderator
        last edited by

        I doubt your voip would be even usable with 20 to 30% packet loss..  And enabling UPnP makes zero sense.. Is something creating some sort of rules via UPnP - if so what.. You can see them in the UPnP section of pfsense.

        So when you say you have a secondary gateway.. You mean a downstream router in your network - and its connected via a transit network?  Or does it connect via your lan that you have hosts on?

        An intelligent man is sometimes forced to be drunk to spend time with his fools
        If you get confused: Listen to the Music Play
        Please don't Chat/PM me for help, unless mod related
        SG-4860 24.11 | Lab VMs 2.8, 24.11

        1 Reply Last reply Reply Quote 0
        • V
          vtmikel
          last edited by

          Thank you for the reply.

          My additional gateway is simply a separate network on my LAN, a video network that has very little traffic being routed between it and my primary lan.  I'm not as advanced as you, so my apologies if I'm using the wrong terms.

          The packet loss between my primary (pfsense) router and the second gateway was only what alerted me to the problem.  There was no packet loss between my router and the WAN.  Once I diagnosed further, I realized that any LAN based device was experiencing packet loss to the pfsense router (and vice versa).  This happened only when uPNP was turned on, and without even any port mapping rules being established by any client.

          In testing further yesterday, I found out that the problem only occurs when DLNA is enabled on my WAP while uPNP is enabled on the pfsense router.  If one or the other is disabled, network seems to be fine.  Very frustrating.  Even if I do have a rogue device on my wireless network, it shouldn't have this affect.

          I don't absolutely need uPNP enabled.  I just find this annoying and want to identify the cause.  Let me know if you have any more ideas.

          1 Reply Last reply Reply Quote 0
          • johnpozJ
            johnpoz LAYER 8 Global Moderator
            last edited by

            DLNA on a wap??  huh??  What are you using as a wap, and what exactly are you enabling?

            An intelligent man is sometimes forced to be drunk to spend time with his fools
            If you get confused: Listen to the Music Play
            Please don't Chat/PM me for help, unless mod related
            SG-4860 24.11 | Lab VMs 2.8, 24.11

            1 Reply Last reply Reply Quote 0
            • V
              vtmikel
              last edited by

              It's a DLNA content filtering feature, allowing or prohibiting clients from consuming or advertising DLNA services.  The WAP is a Aruba.  It's part of their AirGroup feature.

              1 Reply Last reply Reply Quote 0
              • johnpozJ
                johnpoz LAYER 8 Global Moderator
                last edited by

                So I take it your enabling it and this is causing you problems?  Or you say when you disable it then you have problems?

                An intelligent man is sometimes forced to be drunk to spend time with his fools
                If you get confused: Listen to the Music Play
                Please don't Chat/PM me for help, unless mod related
                SG-4860 24.11 | Lab VMs 2.8, 24.11

                1 Reply Last reply Reply Quote 0
                • V
                  vtmikel
                  last edited by

                  That's right.

                  Configuration causing problems:

                  #1: DLNA enabled on WAP clients, uPnP enabled on router

                  Configuration seemingly not having problems:

                  #2: DLNA filtered / disabled on WAP clients, uPnP enabled on router
                  #3: DLNA enabled on WAP clients, uPnP disabled on router

                  I'm currently operating under configuration #3 and not noticing any issues.

                  Mike

                  1 Reply Last reply Reply Quote 0
                  • First post
                    Last post
                  Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.