*RANT* Why pfsense is popular
-
Stop building castles in swamps, pfSense being the castle and the swamp being your hardware.
I'm getting 0.008ms through pfSense. I let bittorrent run 24/7 and don't have any issues with latency. Here's my quality graph against 4.2.2.2
Yeah i doubt my hardware is the swamp you can read the specs above. Are you using a beta version of PFsense cuz it shows my is the latest version:
2.4.2-RELEASE-p1 (amd64)
built on Tue Dec 12 13:45:26 CST 2017
FreeBSD 11.1-RELEASE-p6Can provide me the info to get those graph and chart I do not see them in the dashboard widgets.
-
If you have gateway monitoring on WAN (the default setting), the system is automatically keeping track of two pings per second in Status > Monitoring.
From there select settings, change the left axis to Quality / WANGW (or the local equivalent).
A good place to start with Options: 8 hours, Resolution: 1 minute.
-
If you have gateway monitoring on WAN (the default setting), the system is automatically keeping track of two pings per second in Status > Monitoring.
From there select settings, change the left axis to Quality / WANGW (or the local equivalent).
A good place to start with Options: 8 hours, Resolution: 1 minute.
Thank you for the help on setting that up, also playing wow now to see if that could help capture any packet drops or issues :D ;D
-
I do not see any difference between your tests with your GF and pfsense.. And that azure test.. Where are those 300-1500 numbers your talking about?
-
I do not see any difference between your tests with your GF and pfsense.. And that azure test.. Where are those 300-1500 numbers your talking about?
In World of Warcraft. Like I said my normal day to day traffic is rock solid.
 -
And how exactly do you think pfsense can tell the difference between these packets.. And slow down the wow ones? PFM? Because pfsense/netgate hate wow players? ;)
-
And how exactly do you think pfsense can tell the difference between these packets.. And slow down the wow ones? PFM? Because pfsense/netgate hate wow players? ;)
Well its obvious they do, seriously ….... Hence why it was a RANT, its doesn't make sense. General networking would suggest that there were a a large % of dropped packets while gaming, which I have not seen. Maybe I did something wrong, but its is pretty much a vanilla install and the 3rd clean install, after trying port forwarding and traffic shaping.
I did game a bit last nite and upon logging it it jumped to 300+ms lag. Leaving the game running I moved the cables to the GFiber box, relogged into wow of a few mins add lag was as always 78ms, then switched the cables back to pfsense and relogged and then they stayed at 78ms for the rest of the nite, thoughts?
-
And how exactly do you think pfsense can tell the difference between these packets.. And slow down the wow ones? PFM? Because pfsense/netgate hate wow players? ;)
Well its obvious they do, seriously ….... Hence why it was a RANT, its doesn't make sense. General networking would suggest that there were a a large % of dropped packets while gaming, which I have not seen. Maybe I did something wrong, but its is pretty much a vanilla install and the 3rd clean install, after trying port forwarding and traffic shaping.
I did game a bit last nite and upon logging it it jumped to 300+ms lag. Leaving the game running I moved the cables to the GFiber box, relogged into wow of a few mins add lag was as always 78ms, then switched the cables back to pfsense and relogged and then they stayed at 78ms for the rest of the nite, thoughts?
My thoughts are its a compatibility issue, it might be a specific vlan id or something needs setting to get the right performance from the ISP.
e.g.in the UK on openreach VDSL, there is multiple vlan's used to classify traffic priority, some are only supposed to be used for IPTV customers and can have unpredictable results on other types of network usage, I expect your google supplied box is preconfigured correctly and you need to research and get the information to get it all setup right on pfsense.
-
And how exactly do you think pfsense can tell the difference between these packets.. And slow down the wow ones? PFM? Because pfsense/netgate hate wow players? ;)
Well its obvious they do, seriously ….... Hence why it was a RANT, its doesn't make sense. General networking would suggest that there were a a large % of dropped packets while gaming, which I have not seen. Maybe I did something wrong, but its is pretty much a vanilla install and the 3rd clean install, after trying port forwarding and traffic shaping.
I did game a bit last nite and upon logging it it jumped to 300+ms lag. Leaving the game running I moved the cables to the GFiber box, relogged into wow of a few mins add lag was as always 78ms, then switched the cables back to pfsense and relogged and then they stayed at 78ms for the rest of the nite, thoughts?
My thoughts are its a compatibility issue, it might be a specific vlan id or something needs setting to get the right performance from the ISP.
e.g.in the UK on openreach VDSL, there is multiple vlan's used to classify traffic priority, some are only supposed to be used for IPTV customers and can have unpredictable results on other types of network usage, I expect your google supplied box is preconfigured correctly and you need to research and get the information to get it all setup right on pfsense.
I'm not ruling that out, but I have done the research, this projects is a good 6-8 mos in planning and readin google, level1techs and pfsense forums. What I have gleened from the data is that WAN has to be configured for VLAN 2 with the 802.11q bit priority set to 3, to get the internet traffic flowing and it does I hit my normal speed test at 900Mbps on all the major speed test sites so I know its configured for internet data, versus IPTV and VOIP.
-
other ideas (without commands sorry as I been up all night).best to try these step by step one at a time, and retest in each step.
Disable energy efficient ethernet.
Disable (at least temporarily checksum offloading on the NIC).
Reduce network queues to 1, this to make sure no packet ordering issues causing problems or driver bugs.
Disable TSO/RSO if enabled.
Disable interrupt moderation on NIC if enabled.
If powerd is enabled set to the performance mode or disable it.Its unlikely to be a widescale pfsense issue, there would be many complaints if it was, its either a bug that only kicks in a specific scenario which you hitting or a compatibility issue whether it be hardware or isp config.
WOW has a known issue where if nagle is enabled (Delayed acks) it will show high lag because it uses tcp not udp for the game packets. But pfsense as the router doesnt control nagle for client LAN devices, however just in case you can disable nagle on pfsense side via this shell command.
'sysctl net.inet.tcp.delayed_ack=0'
-
What does http://us-looking-glass.battle.net/ show from realm your on to the your IP?
Lets see a sniff of this problem.
So put pfsense behind your GF device in a double nat.. Do you have the problem then vs replacement and the vlan tagging your doing..
Lets see your looking glass traces with your GF and Pfsense and then your untangle - the one thing that would be most likely changing would be your IP.. Are you on the same netblock when you swap out devices.. Your routing could be completely different based upon network your on with google..
if your saying untangle does not have the problem - lets see sniff on untangle wan with it working good, and then sniff on pfsense wan with it bad..
-
What does http://us-looking-glass.battle.net/ show from realm your on to the your IP?
Lets see a sniff of this problem.
So put pfsense behind your GF device in a double nat.. Do you have the problem then vs replacement and the vlan tagging your doing..
Lets see your looking glass traces with your GF and Pfsense and then your untangle - the one thing that would be most likely changing would be your IP.. Are you on the same netblock when you swap out devices.. Your routing could be completely different based upon network your on with google..
if your saying untangle does not have the problem - lets see sniff on untangle wan with it working good, and then sniff on pfsense wan with it bad..
I was going to try untangled but I can't set the priority bit so had to bypass that set of testing….
Here is the Looking Glass out put and it doesn't look good....
PING:
PING MYEXTIP (MYEXTIP) 56(84) bytes of data.--- MYEXTIP ping statistics ---
4 packets transmitted, 0 received, 100% packet loss, time 3001ms23/12/2017 15:25:10 UTC
PING:
PING MYEXTIP (MYEXTIP) 56(84) bytes of data.--- MYEXTIP ping statistics ---
4 packets transmitted, 0 received, 100% packet loss, time 3002ms23/12/2017 15:25:10 UTC
TRACEROUTE:
traceroute to MYEXTIP (MYEXTIP), 15 hops max, 60 byte packets
1 24.105.30.2 (24.105.30.2) 0.562 ms 1.036 ms 1.056 ms
2 * * *
3 137.221.66.2 (137.221.66.2) 1.382 ms 1.441 ms 1.505 ms
4 137.221.68.66 (137.221.68.66) 1.315 ms 1.344 ms 1.387 ms
5 137.221.68.32 (137.221.68.32) 0.838 ms 1.052 ms 1.066 ms
6 * * *
7 * * *
8 * * *
9 * * *
10 * * *
11 * * *
12 * * *
13 * * *
14 * * *
15 * * *23/12/2017 15:25:10 UTC
TRACEROUTE:
traceroute to MYEXTIP (MYEXTIP), 15 hops max, 60 byte packets
1 24.105.30.2 (24.105.30.2) 1.408 ms 1.414 ms 1.429 ms
2 * * *
3 137.221.66.2 (137.221.66.2) 1.288 ms 1.345 ms 2.723 ms
4 137.221.68.66 (137.221.68.66) 1.308 ms 1.331 ms 1.356 ms
5 137.221.68.32 (137.221.68.32) 0.869 ms 0.906 ms 1.060 ms
6 * * *
7 * * *
8 * * *
9 * * *
10 * * *
11 * * *
12 * * *
13 * * *
14 * * *
15 * * *23/12/2017 15:25:10 UTC
TRACEROUTE:
traceroute to MYEXTIP (MYEXTIP), 15 hops max, 60 byte packets
1 Blizzard (Blizzard) 0.739 ms 0.757 ms 0.803 ms
2 * * *
3 137.221.66.8 (137.221.66.8) 2.093 ms 2.147 ms 2.226 ms
4 137.221.69.70 (137.221.69.70) 2.042 ms 2.064 ms 2.090 ms
5 137.221.69.34 (137.221.69.34) 1.720 ms 1.810 ms 1.820 ms
6 * * *
7 * * *
8 * * *
9 192-119-18-202.mci.googlefiber.net (192.119.18.202) 31.579 ms 31.618 ms 31.682 ms
10 192-119-18-184.mci.googlefiber.net (192.119.18.184) 32.038 ms 32.012 ms 32.041 ms
11 ae7.ar02.mci102.googlefiber.net (192.119.17.69) 32.005 ms 31.962 ms 31.975 ms
12 23-255-225-17.mci.googlefiber.net (23.255.225.17) 32.105 ms 32.099 ms 31.998 ms
13 23-255-225-19.mci.googlefiber.net (23.255.225.19) 32.483 ms 32.531 ms 32.534 ms
14 * * *
15 * * *23/12/2017 15:25:15 UTC
PING:
PING MYEXTIP (MYEXTIP) 56(84) bytes of data.--- MYEXTIP ping statistics ---
4 packets transmitted, 0 received, 100% packet loss, time 2998ms23/12/2017 15:25:16 UTC
TRACEROUTE:
traceroute to MYEXTIP (MYEXTIP), 15 hops max, 60 byte packets
1 Blizzard (Blizzard) 0.953 ms 0.990 ms 1.068 ms
2 * * *
3 137.221.66.8 (137.221.66.8) 1.935 ms 2.028 ms 2.073 ms
4 137.221.69.70 (137.221.69.70) 1.863 ms 1.971 ms 1.992 ms
5 137.221.69.34 (137.221.69.34) 1.717 ms 1.729 ms 1.733 ms
6 * * *
7 * * *
8 * * *
9 192-119-18-202.mci.googlefiber.net (192.119.18.202) 31.793 ms 31.835 ms 31.935 ms
10 192-119-18-184.mci.googlefiber.net (192.119.18.184) 33.210 ms 32.071 ms 32.099 ms
11 ae7.ar02.mci102.googlefiber.net (192.119.17.69) 32.061 ms 31.990 ms 31.974 ms
12 23-255-225-17.mci.googlefiber.net (23.255.225.17) 32.255 ms 32.265 ms 32.005 ms
13 23-255-225-19.mci.googlefiber.net (23.255.225.19) 32.461 ms 32.673 ms 32.565 ms
14 * * *
15 * * *23/12/2017 15:25:20 UTC
MTR:
Start: Sat Dec 23 15:25:10 2017
HOST: Blizzard Loss% Snt Last Avg Best Wrst StDev
1.|-- 24.105.30.2 0.0% 10 0.6 0.7 0.5 0.8 0.0
2.|-- ??? 100.0 10 0.0 0.0 0.0 0.0 0.0
3.|-- 137.221.66.2 0.0% 10 1.3 1.4 1.3 1.5 0.0
4.|-- 137.221.68.66 0.0% 10 1.2 1.3 1.2 1.3 0.0
5.|-- 137.221.68.32 0.0% 10 1.0 2.8 0.9 11.5 3.9
6.|-- ??? 100.0 10 0.0 0.0 0.0 0.0 0.023/12/2017 15:25:10 UTC
MTR:
Start: Sat Dec 23 15:25:10 2017
HOST: Blizzard Loss% Snt Last Avg Best Wrst StDev
1.|-- 24.105.30.2 0.0% 10 0.6 0.7 0.5 1.3 0.0
2.|-- ??? 100.0 10 0.0 0.0 0.0 0.0 0.0
3.|-- 137.221.66.2 0.0% 10 1.4 1.3 1.2 1.4 0.0
4.|-- 137.221.68.66 0.0% 10 1.1 1.3 1.1 1.4 0.0
5.|-- 137.221.68.32 0.0% 10 1.0 4.5 1.0 35.6 10.9
6.|-- ??? 100.0 10 0.0 0.0 0.0 0.0 0.023/12/2017 15:25:10 UTC
PING:
PING MYEXTIP (MYEXTIP) 56(84) bytes of data.--- MYEXTIP ping statistics ---
4 packets transmitted, 0 received, 100% packet loss, time 2999ms23/12/2017 15:25:21 UTC
MTR:
Start: Sat Dec 23 15:25:15 2017
HOST: Blizzard Loss% Snt Last Avg Best Wrst StDev
1.|-- Blizzard 0.0% 10 2.4 2.7 0.5 7.9 2.8
2.|-- ??? 100.0 10 0.0 0.0 0.0 0.0 0.0
3.|-- 137.221.66.8 0.0% 10 2.1 2.1 2.1 2.2 0.0
4.|-- 137.221.69.70 0.0% 10 2.0 2.6 1.9 7.2 1.5
5.|-- 137.221.69.34 0.0% 10 41.3 6.6 1.7 41.3 12.4
6.|-- ??? 100.0 10 0.0 0.0 0.0 0.0 0.0
7.|-- ??? 100.0 10 0.0 0.0 0.0 0.0 0.0
8.|-- ??? 100.0 10 0.0 0.0 0.0 0.0 0.0
9.|-- 192-119-18-202.mci.googlefiber.net 0.0% 10 31.5 31.6 31.5 31.7 0.0
10.|-- 192-119-18-184.mci.googlefiber.net 0.0% 10 32.3 32.2 32.0 33.0 0.0
11.|-- ae7.ar02.mci102.googlefiber.net 0.0% 10 32.0 32.1 32.0 32.1 0.0
12.|-- 23-255-225-17.mci.googlefiber.net 0.0% 10 32.1 32.1 32.0 32.2 0.0
13.|-- 23-255-225-19.mci.googlefiber.net 0.0% 10 32.6 32.5 32.5 32.6 0.0
14.|-- ??? 100.0 10 0.0 0.0 0.0 0.0 0.023/12/2017 15:25:15 UTC
MTR:
Start: Sat Dec 23 15:25:16 2017
HOST: Blizzard Loss% Snt Last Avg Best Wrst StDev
1.|-- Blizzard 0.0% 10 0.8 0.6 0.6 0.8 0.0
2.|-- ??? 100.0 10 0.0 0.0 0.0 0.0 0.0
3.|-- 137.221.66.8 0.0% 10 2.1 2.0 1.9 2.2 0.0
4.|-- 137.221.69.70 0.0% 10 1.9 2.6 1.9 7.5 1.7
5.|-- 137.221.69.34 0.0% 10 9.8 3.6 1.7 9.8 3.2
6.|-- ??? 100.0 10 0.0 0.0 0.0 0.0 0.0
7.|-- ??? 100.0 10 0.0 0.0 0.0 0.0 0.0
8.|-- ??? 100.0 10 0.0 0.0 0.0 0.0 0.0
9.|-- 192-119-18-202.mci.googlefiber.net 0.0% 10 31.6 31.9 31.5 33.5 0.6
10.|-- 192-119-18-184.mci.googlefiber.net 0.0% 10 32.2 32.5 32.1 33.9 0.5
11.|-- ae7.ar02.mci102.googlefiber.net 0.0% 10 32.1 32.1 32.0 32.2 0.0
12.|-- 23-255-225-17.mci.googlefiber.net 0.0% 10 32.1 32.1 32.1 32.2 0.0
13.|-- 23-255-225-19.mci.googlefiber.net 0.0% 10 32.5 32.5 32.5 32.5 0.0
14.|-- ??? 100.0 10 0.0 0.0 0.0 0.0 0.023/12/2017 15:25:16 UTC
-
So what is the perceived issue there?
If you want your WAN port to respond to pings you have to enable a firewall rule on WAN passing ICMP source any dest WAN address.
All unsolicited inbound traffic is blocked by default. Even pings.
-
So what is the perceived issue there?
If you want your WAN port to respond to pings you have to enable a firewall rule on WAN passing ICMP source any dest WAN address.
All unsolicited inbound traffic is blocked by default. Even pings.
Ok I had forgotten about that…..
Why do the first couple pings/tracert bottom out and the last few complete as normal????
PING:
PING MYEXTIP (MYEXTIP) 56(84) bytes of data.--- MYEXTIP ping statistics ---
4 packets transmitted, 0 received, 100% packet loss, time 2999ms23/12/2017 20:06:53 UTC
PING:
PING MYEXTIP (MYEXTIP) 56(84) bytes of data.--- MYEXTIP ping statistics ---
4 packets transmitted, 0 received, 100% packet loss, time 3000ms23/12/2017 20:06:53 UTC
TRACEROUTE:
traceroute to MYEXTIP (MYEXTIP), 15 hops max, 60 byte packets
1 24.105.30.2 (24.105.30.2) 1.277 ms 1.879 ms 1.896 ms
2 * * *
3 137.221.66.2 (137.221.66.2) 1.372 ms 1.432 ms 1.502 ms
4 137.221.68.66 (137.221.68.66) 1.236 ms 1.259 ms 1.288 ms
5 137.221.68.32 (137.221.68.32) 0.955 ms 0.974 ms 0.978 ms
6 * * *
7 * * *
8 * * *
9 * * *
10 * * *
11 * * *
12 * * *
13 * * *
14 * * *
15 * * *23/12/2017 20:06:53 UTC
TRACEROUTE:
traceroute to MYEXTIP (MYEXTIP), 15 hops max, 60 byte packets
1 24.105.30.2 (24.105.30.2) 1.390 ms 1.501 ms 1.520 ms
2 * * *
3 137.221.66.2 (137.221.66.2) 1.234 ms 1.299 ms 1.365 ms
4 137.221.68.66 (137.221.68.66) 1.104 ms 1.200 ms 1.305 ms
5 137.221.68.32 (137.221.68.32) 1.022 ms 1.049 ms 1.058 ms
6 * * *
7 * * *
8 * * *
9 * * *
10 * * *
11 * * *
12 * * *
13 * * *
14 * * *
15 * * *23/12/2017 20:06:53 UTC
TRACEROUTE:
traceroute to MYEXTIP (MYEXTIP), 15 hops max, 60 byte packets
1 Blizzard (Blizzard) 0.535 ms 0.597 ms 0.706 ms
2 * * *
3 137.221.66.8 (137.221.66.8) 2.048 ms 2.163 ms 2.208 ms
4 137.221.69.70 (137.221.69.70) 1.980 ms 2.014 ms 2.036 ms
5 137.221.69.34 (137.221.69.34) 2.021 ms 2.028 ms 2.037 ms
6 * * *
7 * * *
8 * * *
9 192-119-18-202.mci.googlefiber.net (192.119.18.202) 31.584 ms 31.615 ms 31.620 ms
10 192-119-18-186.mci.googlefiber.net (192.119.18.186) 32.917 ms 32.072 ms 32.102 ms
11 ae7.ar02.mci102.googlefiber.net (192.119.17.69) 31.954 ms 31.887 ms 32.099 ms
12 23-255-225-17.mci.googlefiber.net (23.255.225.17) 32.098 ms 32.108 ms 32.009 ms
13 23-255-225-19.mci.googlefiber.net (23.255.225.19) 32.469 ms 32.482 ms 32.513 ms
14 MYEXTIP (MYEXTIP) 33.482 ms 33.679 ms 33.665 ms23/12/2017 20:06:59 UTC
PING:
PING MYEXTIP (MYEXTIP) 56(84) bytes of data.
64 bytes from MYEXTIP: icmp_seq=1 ttl=48 time=33.5 ms
64 bytes from MYEXTIP: icmp_seq=2 ttl=48 time=33.6 ms
64 bytes from MYEXTIP: icmp_seq=3 ttl=48 time=33.5 ms
64 bytes from MYEXTIP: icmp_seq=4 ttl=48 time=33.6 ms--- MYEXTIP ping statistics ---
4 packets transmitted, 4 received, 0% packet loss, time 3001ms
rtt min/avg/max/mdev = 33.537/33.593/33.660/0.049 ms23/12/2017 20:06:59 UTC
TRACEROUTE:
traceroute to MYEXTIP (MYEXTIP), 15 hops max, 60 byte packets
1 Blizzard (Blizzard) 0.746 ms 0.808 ms 0.930 ms
2 * * *
3 137.221.66.8 (137.221.66.8) 2.060 ms 2.141 ms 2.220 ms
4 137.221.69.70 (137.221.69.70) 1.963 ms 1.989 ms 2.014 ms
5 137.221.69.34 (137.221.69.34) 1.690 ms 2.297 ms 2.310 ms
6 * * *
7 * * *
8 * * *
9 192-119-18-202.mci.googlefiber.net (192.119.18.202) 31.505 ms 31.493 ms 31.482 ms
10 192-119-18-186.mci.googlefiber.net (192.119.18.186) 32.280 ms 31.942 ms 31.965 ms
11 ae7.ar02.mci102.googlefiber.net (192.119.17.69) 31.920 ms 31.906 ms 31.952 ms
12 23-255-225-17.mci.googlefiber.net (23.255.225.17) 31.980 ms 31.952 ms 32.224 ms
13 23-255-225-19.mci.googlefiber.net (23.255.225.19) 32.474 ms 32.494 ms 32.464 ms
14 MYEXTIP (MYEXTIP) 33.655 ms 33.520 ms 33.520 ms23/12/2017 20:07:01 UTC
PING:
PING MYEXTIP (MYEXTIP) 56(84) bytes of data.
64 bytes from MYEXTIP: icmp_seq=1 ttl=48 time=33.5 ms
64 bytes from MYEXTIP: icmp_seq=2 ttl=48 time=33.6 ms
64 bytes from MYEXTIP: icmp_seq=3 ttl=48 time=33.5 ms
64 bytes from MYEXTIP: icmp_seq=4 ttl=48 time=33.7 ms--- MYEXTIP ping statistics ---
4 packets transmitted, 4 received, 0% packet loss, time 2998ms
rtt min/avg/max/mdev = 33.519/33.611/33.713/0.081 ms23/12/2017 20:07:03 UTC
MTR:
Start: Sat Dec 23 20:06:53 2017
HOST: Blizzard Loss% Snt Last Avg Best Wrst StDev
1.|-- 24.105.30.2 0.0% 10 10.1 1.8 0.4 10.1 3.0
2.|-- ??? 100.0 10 0.0 0.0 0.0 0.0 0.0
3.|-- 137.221.66.2 0.0% 10 1.2 1.3 1.1 1.4 0.0
4.|-- 137.221.68.66 0.0% 10 1.4 1.3 1.2 1.4 0.0
5.|-- 137.221.68.32 0.0% 10 1.0 4.9 0.9 29.9 9.4
6.|-- ??? 100.0 10 0.0 0.0 0.0 0.0 0.023/12/2017 20:06:53 UTC
MTR:
Start: Sat Dec 23 20:06:53 2017
HOST: Blizzard Loss% Snt Last Avg Best Wrst StDev
1.|-- 24.105.30.2 0.0% 10 0.8 0.8 0.5 1.8 0.0
2.|-- ??? 100.0 10 0.0 0.0 0.0 0.0 0.0
3.|-- 137.221.66.2 0.0% 10 1.1 1.3 1.1 1.4 0.0
4.|-- 137.221.68.66 0.0% 10 1.4 1.6 1.2 4.1 0.7
5.|-- 137.221.68.32 0.0% 10 1.0 1.4 0.9 5.4 1.3
6.|-- ??? 100.0 10 0.0 0.0 0.0 0.0 0.023/12/2017 20:06:53 UTC
MTR:
Start: Sat Dec 23 20:06:59 2017
HOST: Blizzard Loss% Snt Last Avg Best Wrst StDev
1.|-- Blizzard 0.0% 10 0.5 0.6 0.4 0.8 0.0
2.|-- ??? 100.0 10 0.0 0.0 0.0 0.0 0.0
3.|-- 137.221.66.8 0.0% 10 2.0 2.0 1.9 2.2 0.0
4.|-- 137.221.69.70 0.0% 10 2.0 1.9 1.9 2.1 0.0
5.|-- 137.221.69.34 0.0% 10 1.7 2.9 1.7 12.8 3.4
6.|-- ??? 100.0 10 0.0 0.0 0.0 0.0 0.0
7.|-- ??? 100.0 10 0.0 0.0 0.0 0.0 0.0
8.|-- ??? 100.0 10 0.0 0.0 0.0 0.0 0.0
9.|-- 192-119-18-202.mci.googlefiber.net 0.0% 10 31.6 31.6 31.5 31.7 0.0
10.|-- 192-119-18-186.mci.googlefiber.net 0.0% 10 32.1 32.1 31.9 32.7 0.0
11.|-- ae7.ar02.mci102.googlefiber.net 0.0% 10 32.0 32.0 31.9 32.3 0.0
12.|-- 23-255-225-17.mci.googlefiber.net 0.0% 10 32.0 32.1 32.0 32.2 0.0
13.|-- 23-255-225-19.mci.googlefiber.net 0.0% 10 32.4 32.5 32.4 32.5 0.0
14.|-- MYEXTIP 0.0% 10 33.7 33.6 33.0 33.8 0.023/12/2017 20:06:58 UTC
MTR:
Start: Sat Dec 23 20:07:00 2017
HOST: Blizzard Loss% Snt Last Avg Best Wrst StDev
1.|-- Blizzard 0.0% 10 0.5 0.6 0.4 0.7 0.0
2.|-- ??? 100.0 10 0.0 0.0 0.0 0.0 0.0
3.|-- 137.221.66.8 0.0% 10 2.1 2.1 2.0 2.2 0.0
4.|-- 137.221.69.70 0.0% 10 2.0 2.0 1.9 2.2 0.0
5.|-- 137.221.69.34 0.0% 10 1.9 1.8 1.7 2.0 0.0
6.|-- ??? 100.0 10 0.0 0.0 0.0 0.0 0.0
7.|-- ??? 100.0 10 0.0 0.0 0.0 0.0 0.0
8.|-- ??? 100.0 10 0.0 0.0 0.0 0.0 0.0
9.|-- 192-119-18-202.mci.googlefiber.net 0.0% 10 31.6 31.6 31.5 31.6 0.0
10.|-- 192-119-18-186.mci.googlefiber.net 0.0% 10 32.0 32.1 32.0 32.3 0.0
11.|-- ae7.ar02.mci102.googlefiber.net 0.0% 10 32.0 32.0 32.0 32.1 0.0
12.|-- 23-255-225-17.mci.googlefiber.net 0.0% 10 32.1 32.1 32.0 32.7 0.0
13.|-- 23-255-225-19.mci.googlefiber.net 0.0% 10 32.5 32.5 32.4 32.5 0.0
14.|-- MYEXTIP 0.0% 10 33.8 33.6 33.5 33.8 0.023/12/2017 20:07:00 UTC
-
Because not every device will respond to traceroute.
Probably more than you want to know about traceroute: https://en.wikipedia.org/wiki/Traceroute
(I still don't see any issues there.)
-
If you want pfsense to show up on a udp traceroute then you have to reject the UDP ports used…. But with Derelict here.. Sure doesn't look like any sort of problem.. 30 something ms looks way lower than that 300-1500 you were stating..
Where are you seeing these numbers... Post a screenshot of these numbers so user here that run wow can help you... I would be more than happy to fire up a trial to just test the latency numbers, etc.
If I knew exactly how your seeing these numbers so I could try and duplicate them so we have apples to apples.. While not on google fiber.. I wish I am using pfsense and have been for really since it came out.. There is nothing that would cause such latency to be added.. Pfsense can not tell packet from your game from packet to websites, or a video packet or a voip packet - they are all just packets that is allows or doesn't allow, etc. It sure doesn't say you know what - let me hold these for 300ms to piss of the game player..
Do a simple sniff on lan and wan at same time via tcpdump - check delay pfsense adds to the packets.. its going to be in the micro seconds..
Here did a simple ping to 8.8.8.8 from lan and sniff on lan and wan at same time.. You can see when my ping hit pfsense lan at 46.907733 and when it left wan at 46.907822 or 89 micro seconds later.. And then you see the answer come back to my host.. .923618 or 15.885 ms later which my ping shows that first ping was 16ms..
The return packet latency was only 0.000035 from the time it hit pfsense wan, to when it was sent out lan to client.. that is 35 micro seconds…
So let us see this sort of sniff with your game traffic going through pfsense and how much latency pfsense ads to this traffic..
-
I to was curious about forwarding latency. This is with NAT and HFSC+Codel
timeout 5 tcpdump -i igb0 -n host 23.255.225.19
timeout 5 tcpdump -i igb1 -n host 23.255.225.19igb1 12:13:22.078057 IP 192.168.1.2 > 23.255.225.19: ICMP echo request, id 33991, seq 1175, length 40
igb0 12:13:22.078071 IP 192.168.101.2 > 23.255.225.19: ICMP echo request, id 25512, seq 1175, length 40 <– 14usigb0 12:13:22.121213 IP 23.255.225.19 > 192.168.101.2: ICMP echo reply, id 25512, seq 1175, length 40
igb1 12:13:22.121226 IP 23.255.225.19 > 192.168.1.2: ICMP echo reply, id 33991, seq 1175, length 40 <-- 13usWhen pinging the LAN interface
HFSC enabled with shaping to 150Mb, my standard
12:38:49.415947 IP 192.168.1.2 > 192.168.1.1: ICMP echo request, id 27900, seq 18212, length 40
12:38:49.415956 IP 192.168.1.1 > 192.168.1.2: ICMP echo reply, id 27900, seq 18212, length 40 <-- 9us
12:38:49.415963 IP 192.168.1.2 > 192.168.1.1: ICMP echo request, id 27900, seq 18213, length 40
12:38:49.415972 IP 192.168.1.1 > 192.168.1.2: ICMP echo reply, id 27900, seq 18213, length 40 <-- 9us
12:38:49.416269 IP 192.168.1.2 > 192.168.1.1: ICMP echo request, id 27900, seq 18214, length 40
12:38:49.416280 IP 192.168.1.1 > 192.168.1.2: ICMP echo reply, id 27900, seq 18214, length 40 <-- 11us
12:38:49.416311 IP 192.168.1.2 > 192.168.1.1: ICMP echo request, id 27900, seq 18215, length 40
12:38:49.416320 IP 192.168.1.1 > 192.168.1.2: ICMP echo reply, id 27900, seq 18215, length 40 <-- 9us
12:38:49.416322 IP 192.168.1.2 > 192.168.1.1: ICMP echo request, id 27900, seq 18216, length 40
12:38:49.416332 IP 192.168.1.1 > 192.168.1.2: ICMP echo reply, id 27900, seq 18216, length 40 <-- 10us
12:38:49.416334 IP 192.168.1.2 > 192.168.1.1: ICMP echo request, id 27900, seq 18217, length 40
12:38:49.416343 IP 192.168.1.1 > 192.168.1.2: ICMP echo reply, id 27900, seq 18217, length 40 <-- 9us
12:38:49.416368 IP 192.168.1.2 > 192.168.1.1: ICMP echo request, id 27900, seq 18218, length 40No shaping enabled on LAN
12:46:40.253820 IP 192.168.1.2 > 192.168.1.1: ICMP echo request, id 27897, seq 34858, length 40
12:46:40.253827 IP 192.168.1.1 > 192.168.1.2: ICMP echo reply, id 27897, seq 34858, length 40 <-- 7us
12:46:40.253844 IP 192.168.1.2 > 192.168.1.1: ICMP echo request, id 27897, seq 34859, length 40
12:46:40.253851 IP 192.168.1.1 > 192.168.1.2: ICMP echo reply, id 27897, seq 34859, length 40 <-- 7us
12:46:40.253852 IP 192.168.1.2 > 192.168.1.1: ICMP echo request, id 27897, seq 34860, length 40
12:46:40.253859 IP 192.168.1.1 > 192.168.1.2: ICMP echo reply, id 27897, seq 34860, length 40 <-- 7us
12:46:40.254158 IP 192.168.1.2 > 192.168.1.1: ICMP echo request, id 27897, seq 34861, length 40
12:46:40.254165 IP 192.168.1.1 > 192.168.1.2: ICMP echo reply, id 27897, seq 34861, length 40 <-- 7us
12:46:40.254170 IP 192.168.1.2 > 192.168.1.1: ICMP echo request, id 27897, seq 34862, length 40
12:46:40.254177 IP 192.168.1.1 > 192.168.1.2: ICMP echo reply, id 27897, seq 34862, length 40 <-- 7us
12:46:40.254182 IP 192.168.1.2 > 192.168.1.1: ICMP echo request, id 27897, seq 34863, length 40
12:46:40.254189 IP 192.168.1.1 > 192.168.1.2: ICMP echo reply, id 27897, seq 34863, length 40 <-- 7usI should mention that my HP-1810-24G claims 2.3us forwarding latency, so this is within the range of my switch.
P.S. Before you criticize my version number: Uptime 220 Days 16 Hours 11 Minutes 52 Seconds
-
PEBCAK?
-
Just waiting to see OP show us these 300+ms delay Pfsense is adding to the packets as it sends them on..
-
If you want pfsense to show up on a udp traceroute then you have to reject the UDP ports used…. But with Derelict here.. Sure doesn't look like any sort of problem.. 30 something ms looks way lower than that 300-1500 you were stating..
Where are you seeing these numbers... Post a screenshot of these numbers so user here that run wow can help you... I would be more than happy to fire up a trial to just test the latency numbers, etc.
If I knew exactly how your seeing these numbers so I could try and duplicate them so we have apples to apples.. While not on google fiber.. I wish I am using pfsense and have been for really since it came out.. There is nothing that would cause such latency to be added.. Pfsense can not tell packet from your game from packet to websites, or a video packet or a voip packet - they are all just packets that is allows or doesn't allow, etc. It sure doesn't say you know what - let me hold these for 300ms to piss of the game player..
Do a simple sniff on lan and wan at same time via tcpdump - check delay pfsense adds to the packets.. its going to be in the micro seconds..
Here did a simple ping to 8.8.8.8 from lan and sniff on lan and wan at same time.. You can see when my ping hit pfsense lan at 46.907733 and when it left wan at 46.907822 or 89 micro seconds later.. And then you see the answer come back to my host.. .923618 or 15.885 ms later which my ping shows that first ping was 16ms..
The return packet latency was only 0.000035 from the time it hit pfsense wan, to when it was sent out lan to client.. that is 35 micro seconds…
So let us see this sort of sniff with your game traffic going through pfsense and how much latency pfsense ads to this traffic..
And this might be an issue with Gfiber that you might not see, but the Latency I see is in World Of Warcraft….. https://us.battle.net/account/download/ I know you can play for free up to like level 20 but there is an in game latency tracker (ie network status) and for the record currently I'm sitting at 78 ms and I am good with that, but It may change over night for no particular reason.
