Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    HA: Slow web interface on backup node

    Scheduled Pinned Locked Moved HA/CARP/VIPs
    3 Posts 2 Posters 577 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • 1
      15wDDw
      last edited by

      Hey Forum,

      We're running a HA cluster of two XG-7100, pfsense version 2.4.4-RELEASE-p3, everything is working fine from a networking perspective - but I'm having an issue with the web interface and ssh connection.

      The connection via web-interface to the master-firewall works fine. But the backup-node has some issues:

      • Login-page loads well, login works

      • After login, everything is slow as hell. Opening pages (either by menue or with a link) takes minutes and fails often, it just stops loading. Today, I updated the pfblocker package. The package updated fine, but the webinterface stopped responding after a few seconds and never recovered.

      • Another time, i needed about 40 minutes for the simple task of downloading the current configuration. I think you get how slow it is.

      • Sometimes, I am able to restore responsiveness by connecting via http://xxx.xxx.xxx.xxx:80 (which redirects to https). But this does just help for a minute or so.

      • Disabling HTTPS and enabling http only makes the problems even worse.

      • When accessing the Firewall via SSH the same pattern is observable. Login works fine, but then it get's slow. It'll run into an connection loss after a very short time - i never managed to run more than one command.

      • When changing the active firewall (e.g. by temporarily disabling CARP) the issues are transferred as well. The former master has the issues and on the former backup node the problems are gone.

      Has anyone a idea what could cause these issues or where i have to search for the cause?

      Thanks in advance for your replies. If you need more details, just ask.
      Kind regards, Al

      1 Reply Last reply Reply Quote 0
      • H
        harjeet
        last edited by

        Are you using vlan?
        If so, than try to login through vlan ip of slave node.

        1 Reply Last reply Reply Quote 1
        • 1
          15wDDw
          last edited by

          Thanks for your reply!

          We are using mutliple VLANS and the access of the Firewall was only allowed via their management VLAN. As soon as i created a rule to allow access via the IP of the Interface of the VLAN I'm connected to it worked fine.

          1 Reply Last reply Reply Quote 0
          • First post
            Last post
          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.