Pfsense sync-traffic exploded after update
-
We have a pretty large pfsense installation.
After updating to 2.3.4 the sync-traffic raised on a lot of systems from a few Mbit/s to a hundert Mbit/s,
with even worse, sometimes connections are stalled due to sync-traffic problems.The traffic profile is still the same (a few Gbit/s of traffic through the system).
Has anybody seen the same effect ?
Are there any way to reduce the sync traffic (e.g. patch default to sloppy)?
-
You've left out an important detail: What version were you on before?
Also, how busy is the firewall? Ballpark figures for throughput, active connections, connections/sec if you know it.
-
We have noticed the change at several systems:
One Example:
8 vcpus Intel(R) Xeon(R) CPU E5-2697 v3 @ 2.60GHz 8 CPUs: 8 package(s) x 1 core(s)
Version used before: 2.3.3-RELEASE-p1
Throughput: 1 - 2 Gbit/s
States < 10k
Conns/s < 100We have changed several parameters (virtual-infrastructure, hw-firmware, and pfsense-update)
We noticed that sync traffic is reaching 10% of WAN-Traffic which is a real huge increase.
I have attached two files (after_update is the sync-traffic, wan_traffic is the wan traffic).At time our solution is to turn sync off. I have also noticed that high traffic
rates ( > 4 Gbit/s) are only achivable with sync turned off.
