Pfsense Struggling big time.

Harvy66

It's possible the consumer grade router is so limited that it is unable to saturate the internet connection or a limited number of states.

I actually had the inverse issue. I went from a 60/3 cable connection to a 50/50 dedicated fiber connection and when downloading torrents, I found that my Netgear suddenly started to puke. I had to limit the number of connections my torrent client could make to keep it from dying. But prior to fiber, I could use torrent just fine.

x2rl

@Harvy66:

It's possible the consumer grade router is so limited that it is unable to saturate the internet connection or a limited number of states.

I actually had the inverse issue. I went from a 60/3 cable connection to a 50/50 dedicated fiber connection and when downloading torrents, I found that my Netgear suddenly started to puke. I had to limit the number of connections my torrent client could make to keep it from dying. But prior to fiber, I could use torrent just fine.

Seems to be the other way around for me pal.

KOM

Apr 5 10:25:24  rc.gateway_alarm  20213  >>> Gateway alarm: WAN_DHCP (Addr:81.107.216.1 Alarm:1 RTT:87812ms RTTsd:49587ms Loss:21%)

This isn't good.  pfSense gateway quality detection thinks your WAN is really flaky.  What does it say under Status - Gateways?

x2rl

@KOM:

Apr 5 10:25:24  rc.gateway_alarm  20213  >>> Gateway alarm: WAN_DHCP (Addr:81.107.216.1 Alarm:1 RTT:87812ms RTTsd:49587ms Loss:21%)

This isn't good.  pfSense gateway quality detection thinks your WAN is really flaky.  What does it say under Status - Gateways?

WAN_DHCP 81.107* 81.107* 12.19ms 4.111ms 0.0% Online Interface WAN_DHCP Gateway
WAN_DHCP6 fe80::201:5cff:fe80:1447 Pending Pending Pending Pending Interface WAN_DHCP6 Gateway
with deluge off

On

WAN_DHCP 81.107.* 81.107* 598.681ms 216.247ms 38% Offline Interface WAN_DHCP Gateway
WAN_DHCP6 fe80::201:5cff:fe80:1447 Pending Pending Pending Pending Interface WAN_DHCP6 Gateway

KOM

Try going to System - Routing - Gateways.  Edit your gateway and check the Disable Gateway Monitoring checkbox and try again.  It seems that your torrent app is filling your pipe to the point that the upstream monitor thinks your link is dying.

x2rl

@KOM:

Try going to System - Routing - Gateways.  Edit your gateway and check the Disable Gateway Monitoring checkbox and try again.  It seems that your torrent app is filling your pipe to the point that the upstream monitor thinks your link is dying.

Seems to be the same Kom. Thanks again for the help.

Jailer

Hmmm, crapping out under heavy traffic. What hardware is pfsense installed on?

I'm betting there's a Realtek NIC in there.

x2rl

@Jailer:

Hmmm, crapping out under heavy traffic. What hardware is pfsense installed on?

I'm betting there's a Realtek NIC in there.

Smoothwall SWG700 I think its called

SammyWoo

@KOM:

This isn't good.  pfSense gateway quality detection thinks your WAN is really flaky.  What does it say under Status - Gateways?

Flaky or stuffed to the gill.

KOM

While we may never get to the bottom of your actual issue, you would still be best served by some traffic shaping so that your torrent traffic doesn't hog all your bandwidth.

x2rl

@KOM:

While we may never get to the bottom of your actual issue, you would still be best served by some traffic shaping so that your torrent traffic doesn't hog all your bandwidth.

Thanks is there some kind of guide on how you do this which you know of KOM

KOM

Traffic shaping is probably THE hardest element of pfSense to figure out.  Try:

https://www.youtube.com/watch?v=it_5xvC28vs

https://www.youtube.com/watch?v=rF46PNid1Mo

bartkowski

@KOM:

Traffic shaping is probably THE hardest element of pfSense to figure out.  Try:

https://www.youtube.com/watch?v=it_5xvC28vs

https://www.youtube.com/watch?v=rF46PNid1Mo

and this Darkvodka34 https://forum.pfsense.org/index.php?topic=126637.0 for general discussion, and this for message highlighting what to do.

SammyWoo

@Darkvodka34:

Thanks is there some kind of guide on how you do this which you know of KOM

I suggest save your conf, then turn on Traffic Shaper and see what it does, always can revert back by restoring conf.

If you use the Traffic Shaper's Wizard, it guides you through pages, and on the second page I believe, it presents you with common scenarios you want to deal with and one of them is ta-da, peer-to-peer protocol, u can simply ENABLE it and give it LOW Priority and see what happens.

In Cisco-land, Traffic Shaper is called Priority Queuing, which is a term simpler to understand what it's doing underneath.

In Traffic Shaper, a service sits on the WAN port controlling the uploads.  a second service sits on the LAN port controlling the downloads.

The gists of it is, rather than letting traffic pass though these ports as they come, the TS services hold the packets on queues (or buffer if u prefer), each queue has a priority label, another service takes the packets from the queues and shoot them out the interface. The highest priority queue gets serviced more often than the lower queues.  Think of a traffic cop sitting at a intersection and letting go of the commuter lane for 1 minute, while let go of the next passenger lane only for 15 seconds.  This way the packets flow is controlled, giving a chance for everybody to go through, eventually.

Well there is more to it, if you really get into it, but last paragraph is the gist and I hope easy to understand.

Bottom line is, without flow control, an app, in this case peer-to-peer often takes over and everybody else get stuck/freeze.

Don't know why your consumer grade box works, it could be just a coincidence. There is the possibility that it came with QOS (another Traffic Shaper term) turned on.  Lots of consumer boxes these days come with a variety versions of QOS, in part to deal with VOIP.

A Former User

Your ISP obviously prefers ipv4. For now I would turn ipv6 off. That Gateway pending, pending would bug me. Waste of packets.
With your ISP speeds your network seems to be slow or buggy from some of your replies here.
"Well its better other computers don't drop but do run slow".
Do you try to limit the seeding at all and to be clear your pfsense has direct line to ISP (no modem in front) correct. 21% loss not good.
Your WAN has adjustable pre-set timings in DHCP Client Configuration under Interfaces/WAN.
Maybe try spoofing your MAC on the PfSense to what the consumer MAC is. Heck could be many things.
I would put your ISP unit back and log in and go over what settings it may have that you may have missed, and if you can look at any logs that unit has that could help you figure out things.

Traffic shaping is great but do not forget the elephant in the room. Your Gateway link is crashing.
It may have a problem PfSense is just making more obvious.
https://www.dslreports.com/ Good info here also.

x2rl

Update I turned off Ipv6 and Enabled UPnP & NAT-PMP allow 40000-41000 10.0.0.52/24 40000-41000

Boom all working like it used to :) Odd right?

Thanks again to all.

SammyWoo

Well u must made those changes for a reason, hey as long as it works.

A Former User

Odd it is then.  ;)

x2rl

Nope seen to work fine for about 2 hours now back to how it was before. :(

x2rl

@webtyro:

Your ISP obviously prefers ipv4. For now I would turn ipv6 off. That Gateway pending, pending would bug me. Waste of packets.
With your ISP speeds your network seems to be slow or buggy from some of your replies here.
"Well its better other computers don't drop but do run slow".
Do you try to limit the seeding at all and to be clear your pfsense has direct line to ISP (no modem in front) correct. 21% loss not good.
Your WAN has adjustable pre-set timings in DHCP Client Configuration under Interfaces/WAN.
Maybe try spoofing your MAC on the PfSense to what the consumer MAC is. Heck could be many things.
I would put your ISP unit back and log in and go over what settings it may have that you may have missed, and if you can look at any logs that unit has that could help you figure out things.

Traffic shaping is great but do not forget the elephant in the room. Your Gateway link is crashing.
It may have a problem PfSense is just making more obvious.
https://www.dslreports.com/ Good info here also.

Ive turned of Ipv6

There are no settings on my modem when in "modem mode" Virgin media for you.

Clone the modem mac? sorry not sure what you mean

looks like I may need traffic shaping :/