4. Pfsense sync-traffic exploded after update

Pfsense sync-traffic exploded after update

  • F

    We have a pretty large pfsense installation.

    After updating to 2.3.4 the sync-traffic raised on a lot of systems from a few Mbit/s to a hundert Mbit/s,
    with even worse, sometimes connections are stalled due to sync-traffic problems.

    The traffic profile is still the same (a few Gbit/s of traffic through the system).

    Has anybody seen the same effect ?
    Are there any way to reduce the sync traffic (e.g. patch default to sloppy)?

    0
  • Rebel Alliance Developer Netgate

    You've left out an important detail: What version were you on before?

    Also, how busy is the firewall? Ballpark figures for throughput, active connections, connections/sec if you know it.

    0
  • F

    We have noticed the change at several systems:

    One Example:
    8 vcpus Intel(R) Xeon(R) CPU E5-2697 v3 @ 2.60GHz 8 CPUs: 8 package(s) x 1 core(s)
    Version used before:  2.3.3-RELEASE-p1
    Throughput: 1 - 2 Gbit/s
    States < 10k
    Conns/s < 100

    We have changed several parameters (virtual-infrastructure, hw-firmware, and pfsense-update)

    We noticed that sync traffic is reaching 10% of WAN-Traffic which is a real huge increase.
    I have attached two files (after_update is the sync-traffic, wan_traffic is the wan traffic).

    At time our solution is to turn sync off. I have also noticed that high traffic
    rates ( > 4 Gbit/s) are only achivable with sync turned off.




    0
 

Products

Applications

Support

Services

News

Resources

Company

Our Mission

As host of the pfSense open source firewall project, Netgate believes in enhancing network connectivity that maintains both security and privacy. We also believe everyone should be able to afford it.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© Copyright 2002 - 2019 Rubicon Communications, LLC | Privacy Policy