Troubleshooting LAN side latency / packet loss issues



  • Hi All,

    Hoping someone has some suggestions on what I may have missed or not thought of with this. I have a PFsense server running on VMware ESXi and I am finding that under it's peak load the LAN side interface has it's latency spike to several seconds then packet loss (presumably just from latency last the wait time default). As near as I can tell it is for near connections / states as traffic totals on the WAN side do not seem to be affected in any visible way.

    Installation details:
    VMware ESXi 5.1
    PFsense 2.3.2 (i386)
    1 Lan / 1 WAN both E1000 emulated
    Captive Portal limiting each user to 1Mbit
    2 VCPU
    3Gb ram (reports an average of < 20% usage)

    Up to 500 active devices (~350 users but phones / tablets / computers add up)
    Total 40 Mbit bandwidth allocated enforced by the Cisco router.

    Only has issues at peak times and state tables show ~30% usage Mbuf I don't recall precisely but I don't remember looking at it and seeing a high value % wise.
    Ping another VM on the same host / vlan has normal response times at the same time as PFsense has high response times.

    My current thoughts are to rebuild as X64 (host is capable but for some reason was not enable at BIOS level) and split wired / wireless clients into 2 interfaces on PFsense but any suggestions for if that does not work would be appreciated.

    Regards
    Simon



  • Well the rebuild was only partially effective seems to have reduced the symptoms but not solved it and still nothing I can see indicates an error.
    Is there a bandwidth limitation from the default setting somewhere as the symptoms to me match with what I see on an overloaded hardware based router?


  • Netgate

    500 Devices and, in particular, 40Mbit/s is just not that much.

    Probably should be looking at your virtual environment instead of the firewall.