[SOLVED] 2.3.1_1 still stops routing traffic every day
-
Hi!
i am still having the issues described here https://forum.pfsense.org/index.php?topic=110710.75 pfsense stops routing traffic every day… if i reboot, everything works again. i have 2 supermicro servers
(8 cores, 32 GB Ram) in version 2.3.1_1 that according to forum administrator cmb should work know, but not in my case... user murmur seems to have the same problem.Firewalls have no load as of now, just new installation... and both have default config everywhere. i am not using IPSec.
There is no error signs anywhere, no error logs, no weird console symptoms...
I have another pair of fws with same hardware in old pfsense version 2.1.5 working as a charm.
any thoughts, please?
-
i am still having the issues described here https://forum.pfsense.org/index.php?topic=110710.75 pfsense stops routing traffic every day… if i reboot, everything works again. i <snip>Firewalls have no load as of now, just new installation... and both have default config everywhere. i am not using IPSec.</snip>
That's precisely why I locked that thread. You're not having that issue, it's fixed. That issue was strictly with IPsec enabled.
The console is still responsive when it stops working? Anything in the system log or logged to the console? What NICs do you have in the system? What tunables if any in loader.conf(.local).
-
@cmb:
i am still having the issues described here https://forum.pfsense.org/index.php?topic=110710.75 pfsense stops routing traffic every day… if i reboot, everything works again. i <snip>Firewalls have no load as of now, just new installation... and both have default config everywhere. i am not using IPSec.</snip>
That's precisely why I locked that thread. You're not having that issue, it's fixed. That issue was strictly with IPsec enabled.
The console is still responsive when it stops working? Anything in the system log or logged to the console? What NICs do you have in the system? What tunables if any in loader.conf(.local).
Hi!
Thanks cmb, yes i know that issue was ipsec related but as symptoms are the same, i thought it could be somehow related.
Servers have 2 interfaces, LAN and WAN and both freeze at he same time. The only way to get in the system is via keyboard console… once insde, top command does not show anything weird... cpu load is near 0% , there is absolutely no error logs anywhere... it seems like if nothing happened... there is no CARP so far between them.
i have tried to stop filtering with pcftl and re-enabling again... no luck.
All configuration files, as the one you mention (loader.conf) have default values (it is a new installation, not an update). This servers do not have real traffic yet. nothing tuned... all by default.
i suspect of any internal cron task process because both hang more or less at the same time! (between 4am and 5am every day) but i have not found anything unusual in logs... no errors, no warnings...
In the network they are installed, there is no production traffic so far.As stated, with the same hardware, version 2.1.5 works perfectly...
-
What type of NICs? You probably need to bump nmbclusters. https://doc.pfsense.org/index.php/Tuning_and_Troubleshooting_Network_Cards
-
@cmb:
What type of NICs? You probably need to bump nmbclusters. https://doc.pfsense.org/index.php/Tuning_and_Troubleshooting_Network_Cards
Good idea!! i will check values in servers running pfsense 2.1.5 and will set them in new servers…
Thanks Cmb!
Pedreter.
-
Why is it so difficult to get an answer to a simple question like, "What type of NICs?" It was directly asked. Twice.
-
Why is it so difficult to get an answer to a simple question like, "What type of NICs?" It was directly asked. Twice.
Sorry, my fault, i just mentioned i have 2 NICs without more details, please excuse me…
Each server has a Dual Intel i350 GbE card.
-
Just to be sure are they real Intel cards or Chinese knock-offs off eBay?
-
Just to be sure are they real Intel cards or Chinese knock-offs off eBay?
Unless Supermicro has cheated me, they are Genuine Intel cards! ( https://www.supermicro.nl/products/system/3U/5039/SYS-5039MS-H12TRF.cfm ) bought from a Supermicro authorized reseller.
GbE models are not in this doc https://doc.pfsense.org/index.php/Tuning_and_Troubleshooting_Network_Cards but….
-
Just to be sure are they real Intel cards or Chinese knock-offs off eBay?
Unless Supermicro has cheated me, they are Genuine Intel cards! ( https://www.supermicro.nl/products/system/3U/5039/SYS-5039MS-H12TRF.cfm ) bought from a Supermicro authorized reseller.
GbE models are not in this doc https://doc.pfsense.org/index.php/Tuning_and_Troubleshooting_Network_Cards but….
i350s are presenting with the igb driver, right? It's a multi-port card right?
Isn't this section speaking directly to you? https://doc.pfsense.org/index.php/Tuning_and_Troubleshooting_Network_Cards#Intel_igb.284.29_and_em.284.29_Cards
-
Just to be sure are they real Intel cards or Chinese knock-offs off eBay?
Unless Supermicro has cheated me, they are Genuine Intel cards! ( https://www.supermicro.nl/products/system/3U/5039/SYS-5039MS-H12TRF.cfm ) bought from a Supermicro authorized reseller.
GbE models are not in this doc https://doc.pfsense.org/index.php/Tuning_and_Troubleshooting_Network_Cards but….
i350s are presenting with the igb driver, right? It's a multi-port card right?
Isn't this section speaking directly to you? https://doc.pfsense.org/index.php/Tuning_and_Troubleshooting_Network_Cards#Intel_igb.284.29_and_em.284.29_Cards
Yes, you are right… i have applied recommendations an let's see...
Thanks for your time (and patience) on Sunday...
Pedreter.
-
SOLVED!
HI! more than 3 days without a hang now! Thanks cmb… you were right! nmblclusters issue!
Pedreter.
-
Glad that worked.
