Navigation

    Netgate Discussion Forum
    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search

    Delay on ping to firewall

    General pfSense Questions
    3
    6
    1214
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • C
      c4bcons last edited by

      Hi, I have a new, Netgate SG-4860, generally it's working well but there is a latency issue.  the symptoms are that, if you enter a url when browsing or using youtube, sometimes it will time out, the browser's error message will appear and then the url will resolve and all is well.  You can see evidence of this in the ping test to the firewall (192.168.4.1) below.  The first one says unreachable, then suddenly I have a series of responses.  The second group shows continuous responses around 3ms then up to 100, 200 or 300 plus.

      Does anyone have any thoughts as to why this is happening?

      Thank you

      temple@DaddylaptopKubuntu:~$ ping 192.168.4.1
PING 192.168.4.1 (192.168.4.1) 56(84) bytes of data.
From 192.168.4.8 icmp_seq=1 Destination Host Unreachable
From 192.168.4.8 icmp_seq=2 Destination Host Unreachable
From 192.168.4.8 icmp_seq=3 Destination Host Unreachable
64 bytes from 192.168.4.1: icmp_seq=4 ttl=64 time=379 ms
64 bytes from 192.168.4.1: icmp_seq=5 ttl=64 time=2.20 ms
64 bytes from 192.168.4.1: icmp_seq=6 ttl=64 time=2.31 ms
64 bytes from 192.168.4.1: icmp_seq=7 ttl=64 time=2.82 ms
64 bytes from 192.168.4.1: icmp_seq=8 ttl=64 time=5.52 ms
64 bytes from 192.168.4.1: icmp_seq=9 ttl=64 time=2.81 ms
^C
--- 192.168.4.1 ping statistics ---
9 packets transmitted, 6 received, +3 errors, 33% packet loss, time 8022ms
rtt min/avg/max/mdev = 2.205/65.905/379.746/140.358 ms, pipe 3
temple@DaddylaptopKubuntu:~$ ping 192.168.4.1
PING 192.168.4.1 (192.168.4.1) 56(84) bytes of data.
64 bytes from 192.168.4.1: icmp_seq=1 ttl=64 time=2.64 ms
64 bytes from 192.168.4.1: icmp_seq=2 ttl=64 time=2.85 ms
64 bytes from 192.168.4.1: icmp_seq=3 ttl=64 time=127 ms
64 bytes from 192.168.4.1: icmp_seq=4 ttl=64 time=2.20 ms
64 bytes from 192.168.4.1: icmp_seq=5 ttl=64 time=2.73 ms
64 bytes from 192.168.4.1: icmp_seq=6 ttl=64 time=2.66 ms
64 bytes from 192.168.4.1: icmp_seq=7 ttl=64 time=2.75 ms
64 bytes from 192.168.4.1: icmp_seq=8 ttl=64 time=336 ms
64 bytes from 192.168.4.1: icmp_seq=9 ttl=64 time=2.72 ms
64 bytes from 192.168.4.1: icmp_seq=10 ttl=64 time=3.56 ms
64 bytes from 192.168.4.1: icmp_seq=11 ttl=64 time=5.23 ms
64 bytes from 192.168.4.1: icmp_seq=12 ttl=64 time=2.55 ms
64 bytes from 192.168.4.1: icmp_seq=13 ttl=64 time=149 ms
64 bytes from 192.168.4.1: icmp_seq=14 ttl=64 time=2.72 ms
64 bytes from 192.168.4.1: icmp_seq=15 ttl=64 time=2.63 ms
64 bytes from 192.168.4.1: icmp_seq=16 ttl=64 time=6.75 ms
64 bytes from 192.168.4.1: icmp_seq=17 ttl=64 time=2.72 ms
64 bytes from 192.168.4.1: icmp_seq=18 ttl=64 time=230 ms
64 bytes from 192.168.4.1: icmp_seq=19 ttl=64 time=2.68 ms
64 bytes from 192.168.4.1: icmp_seq=20 ttl=64 time=5.37 ms
64 bytes from 192.168.4.1: icmp_seq=21 ttl=64 time=8.51 ms
64 bytes from 192.168.4.1: icmp_seq=22 ttl=64 time=5.89 ms
64 bytes from 192.168.4.1: icmp_seq=23 ttl=64 time=257 ms
64 bytes from 192.168.4.1: icmp_seq=24 ttl=64 time=100 ms
64 bytes from 192.168.4.1: icmp_seq=25 ttl=64 time=2.67 ms
64 bytes from 192.168.4.1: icmp_seq=26 ttl=64 time=2.61 ms
64 bytes from 192.168.4.1: icmp_seq=27 ttl=64 time=4.92 ms
64 bytes from 192.168.4.1: icmp_seq=28 ttl=64 time=350 ms
64 bytes from 192.168.4.1: icmp_seq=29 ttl=64 time=2.82 ms
64 bytes from 192.168.4.1: icmp_seq=30 ttl=64 time=2.02 ms
64 bytes from 192.168.4.1: icmp_seq=31 ttl=64 time=2.67 ms
64 bytes from 192.168.4.1: icmp_seq=32 ttl=64 time=2.69 ms
^C
--- 192.168.4.1 ping statistics ---
32 packets transmitted, 32 received, 0% packet loss, time 31052ms
rtt min/avg/max/mdev = 2.026/51.268/350.439/100.099 ms
temple@DaddylaptopKubuntu:~$
      1 Reply Last reply Reply Quote 0
      • H
        Harvy66 last edited by

        Are you using Squid? What's your system activity look like during these?

        1 Reply Last reply Reply Quote 0
        • C
          c4bcons last edited by

          thank you Harvy66 - afaik I'm not using squid and I don't know what it is.  I'm using OpenDNS 208.67.222.222 and 208.67.220.220 - but the ping isn't going as far as the DNS anyway.

          1 Reply Last reply Reply Quote 0
          • C
            c4bcons last edited by

            well, I've found out what Squid is and it's installed on the firewall now … let's see if there's an improvement

            1 Reply Last reply Reply Quote 0
            • Derelict
              Derelict LAYER 8 Netgate last edited by

              He wasn't telling you to install it he was asking if you had it because it might be a contributing factor.

              What is 192.168.4.8?

              Packet capture ICMP on the 192.168.4.1 interface and see if the delay is there or somewhere else.

              Chattanooga, Tennessee, USA
              The pfSense Book is free of charge!
              DO NOT set a source port in a port forward or firewall rule unless you KNOW you need it!
              Do Not Chat For Help! NO_WAN_EGRESS(TM)

              1 Reply Last reply Reply Quote 0
              • C
                c4bcons last edited by

                Thanks Mr. Derelict - that was shutting the gate after the herd of cattle had bolted  :)

                The Squd thingy seems to be working fine … I've deliberately taken a step backwards and I'm using a single AP now.  I'll close this thread now and I'm going to ask some more questions in the wireless forum.

                1 Reply Last reply Reply Quote 0
                • First post
                  Last post