Double counting of WAN out traffic?
-
@johnpoz Sorry that I am unable to explain the problem clearly.
- The problem exists only for outbound traffic of the WAN interface.
- The graph shows traffic that is clearly twice what shown on the LAN side
- It is also twice the traffic shown in the results of the speed test.
- It is also twice the traffic shown in the interface for the speed test connection.
- LAN Inbound traffic is the same as traffic shown in the speed test and also the same as shown for connection to speed test server.
- We have three different sources in agreement. So, we can assume the number is tight, but the graph of WAN outbound traffic shows twice this number.
- So my conclusion is that the graph of outbound traffic is wrong.
I am attaching once more a screenshot showing what I said above.
-
@teamits
@stepanov1975 to be clearer, are you saying you have a 5 Mbps upload and should not be able to get 9-10? Because that's what I saw in my thread, with the traffic shaper queue numbers.
This is also right. But I am actually saying something different.
I am saying that I can check connection speed in three different places (other than the graph), and all sources agree, but the graph shows twice the speed. -
@stepanov1975 Just brainstorming, do you have Snort or Suricata running? Or traffic shaping?
-
@teamits Triaffic shaping
-
@stepanov1975 said in Double counting of WAN out traffic?:
Triaffic shaping
Interesting. Can you check the bandwidth on the root queue on Status/Queues page as well, per https://forum.netgate.com/topic/157564/bandwidth-usage-shown-on-queue-status-page-is-wrong ? I can do more tests on the traffic graph later but I duplicated that doubled-bandwidth problem on four routers yesterday.
-
@teamits said in Double counting of WAN out traffic?:
Are you saying the traffic graph is expected to sometimes show 9.6 Mbps even though the connection speed is lower?
No not with a flat line like that.. But with instantaneous numbers you could for sure see different numbers that what you get for an average..
That instant number you see in the traffic graph can for sure be misleading to what your actually moving on an average..
For example - my plex is serving up some data via streams
you can see its bursty... And dending how you have your graphs set for when they sample, how they smooth you can see different values..
That instantaneous value you see in the traffic graph, wouldn't say that is all that exact to be honest if you looking to what the bandwidth move is over /time, etc..
I am not using any queues or shaping.. And the graphs show exactly what I would expect to see.. Not double that is for sure..
So what I am saying is I am unable to duplicate your problem no matter what graphs I look at.
Best testing method would be to generate some very stable traffic flow - iperf for example set with specific bandwidth setting so you could move say 50mbps stable for extended period... Then what does your values show.. Keep in mind best time to test this would be with nothing else on the network that could create traffic.
edit: More examples of variables.. And instantaneous readings..
No smoothing, max smoothing - instant values being shown vs what the graph shows.
I can not really do a stable iperf3 tests right now... because I have lots of stuff going on, and users streaming videos..
-
I started a 4 GB upload to observe. I understand traffic is a point in time measurement that will vary up and down, but for a max upload it should be reasonably consistent, and not double the connection speed.
For me the traffic graph WAN Out hovered around 13-15 Mbps (which would be normal), and the Status/Queues/Interface WAN/root queue ranged from 26-30 Mbps as I observed in my thread (double the connection speed). That's consistent with what I saw on all four routers yesterday, I just wasn't looking at the traffic graph specifically.
So it seems like OP and I have a similar sounding symptom but they are not the same.
-
@teamits I have PRIQ so, no root queue :(
-
@johnpoz Ok. I did a long upload test. Is good enough to see the traffic doubling?
-
This has been hit a number of times in the past so there are a few redmine bugs for it but I don't think there is one open currently for 2.4.5p1.
There is this for 2.5 where you have VLANs in use:
https://redmine.pfsense.org/issues/10852I am unable to replicate this on 2.4.5p1 here though:
That's on an SG-3100 with direct WAN LAN mvneta interfaces. No VLANs, no PPP, no VPNs.
It must be something specific to your setup. Can you give us more details about it?
Steve
-
@stepanov1975 Yeah that is great - no disputing that for sure ;)
But I'm with @stephenw10 I can not duplicate this on 2.4.5p1.. If you are using some sort of queues or limiters or the like... Can you turn those off, and then duplicate your test above?
Also I take that is showing Bytes, does it do the same if your set for bits?
edit: Yeah just not seeing such an issue... Here I got someone streaming off my plex, so its very spikey traffic flow... But you can see they are mirrors, and values match both using the bit scale and the bytes scale
on a side not - it would be nice if the graph listed the scale it was using ;)
-
@johnpoz said in Double counting of WAN out traffic?:
queues or limiters or the like... Can you turn those off
I was just going to post that. https://docs.netgate.com/pfsense/en/latest/trafficshaper/advanced.html#removing-traffic-shaper-settings. If you make a backup you can just restore the backup afterwards to get them back.
If I remove the shaper then I can't see the queue status so my issue would "go away." :)
His post yesterday with the hand drawn circles is in bits...status/traffic graph I don't think has a choice?
-
Yeah I don't think you can set the scale in the traffic graph section under status, only in the widget..
-
@stephenw10 I actually have PPPoE.
It is, of cause, expected that you can not reproduce this problem. Most of the bugs appear under the specific non-default conditions. This is because default and commonly used conditions tested before release. -
Bump as I'm also seeing this. Had it in 2.4, still happening in 2.5.
Wan is PPPoE. Outbound WAN traffic appears double in the traffic graph and in the value of ifOutOctets by SNMP. (Both compared to the interface on pfSense that the traffic is flowing to, and the traffic graphs generated by my ISP.) Inbound WAN traffic and all the other interfaces are unaffected.(I've been working around this in a script that collects SNMP data by dividing the value by two.)
-
I see the problem as well on 2.5.1.
I use PPPoE on VLAN tagged port with traffic shaping.
The WAN interface shows 22M during a speed test, which report 11M.
The DSLMODEM interface, where the DSL modem is connected, shows 11M upload at the same time, which is in line with my maximum upload speed as reported by the DSL modem.
When I remove the traffic shaping then the doubled upload bandwidth display on WAN goes away. -
Do you still see that in 2.6?
-
Yep, still happening for me in 2.6
-
Are you also running traffic shaping on the WAN?
-
Yes I am.
