Pfsense Struggling big time.
-
Howdy, I have no idea where to check to find out why its struggling. As soon as I start deulge on my media pc the whole internet goes down for about 2 minutes than everyone else on the network as mega mega slow internet. sometimes pages do not even load, youtube changes from 1080 to 360 and buffers every second. Ive checked the CPU and Ram and fine there not full etc…
Any ideas sorry for the lack of info I can give as much info and you need.
Also everything is cat 6 leads and all nics are 1GB
Thanks
Ps. okay forget to add my plugins
Snort
PFblocker
squid
lcd driverIve removed everytone one by one till I had nothing and its the same
(also did a clean install of pfsense and was also the same. -
@Darkvodka34:
Also everything is cat 6 leads and all nics are 1GB
Are your NICs actually running at 1 Gbit/sec and in sync (duplex-wise) with your upstream switch, cable modem or other ISP device? Based on your problem description, the first place to start looking for the trouble is with the physical link layer. Replace cables first and verify that both ends of the connections to the firewall are both speaking the same duplex language (full or half) and the negotiated speeds are the same. 99% of the time this kind of issue is due to a duplex mismatch where two hardware devices can't negotiate properly. Either one is hard-coded and one is in auto, or they just can't agree on the setting. If the latter is the case, you would need to manually force a duplex setting on each end of the connection.
Bill
-
You're saying that when you start your bittorrent client, you get bad network performance? In other words, when you start up an app that is famous for saturating networks, suddenly your network starts performing poorly?
What is your bandwidth capacity, and what is Deluge doing? What does traffic graph show?
-
@Darkvodka34:
Also everything is cat 6 leads and all nics are 1GB
Are your NICs actually running at 1 Gbit/sec and in sync (duplex-wise) with your upstream switch, cable modem or other ISP device? Based on your problem description, the first place to start looking for the trouble is with the physical link layer. Replace cables first and verify that both ends of the connections to the firewall are both speaking the same duplex language (full or half) and the negotiated speeds are the same. 99% of the time this kind of issue is due to a duplex mismatch where two hardware devices can't negotiate properly. Either one is hard-coded and one is in auto, or they just can't agree on the setting. If the latter is the case, you would need to manually force a duplex setting on each end of the connection.
Bill
well on pfsense I see this
1000baseT <full-duplex>On my media center it must be 1000 also as I have had speeds of 350-400 mb when I have single torrent on (ubuntu)
its only happens when there are alot of torrents.</full-duplex> -
@KOM:
You're saying that when you start your bittorrent client, you get bad network performance? In other words, when you start up an app that is famous for saturating networks, suddenly your network starts performing poorly?
What is your bandwidth capacity, and what is Deluge doing? What does traffic graph show?
Is bandwidth is unlimited I have no limits my speed is 350mb and 100mb up
The traffic graph on single torrent is max when there is alot on its goes down.
Sometimes it will work fine maybe 10% of the time -
Perhaps you need to look into some traffic shaping so that your torrent app doesn't kill your network.
-
@KOM:
Perhaps you need to look into some traffic shaping so that your torrent app doesn't kill your network.
Guess ill have to look into that. Could it be the hardrive in the pfsense box its not great
-
Not likely. It's not like it writes every packet to disk. Check your System log for CAM Status errors if you suspect disk problems.
Think about it. If you run an app that sucks up all your bandwidth, then everyone else on your network is going to have a bad day.
-
@KOM:
Not likely. It's not like it writes every packet to disk. Check your System log for CAM Status errors if you suspect disk problems.
Think about it. If you run an app that sucks up all your bandwidth, then everyone else on your network is going to have a bad day.
Yea I do get that, its just odd that if I remove pfsense and just use a router I don't have the problems.
-
if I remove pfsense and just use a router I don't have the problems.
This information would have been nice to know much earlier in this thread. While I can't speak for your other router, you need to find the source of your issue. You said your link is 350/100? When you are having these issues, how saturated is your pipe? Is it mainly download traffic or are you mainly seeding? How full is your state table? Anything in your System log? What happens if you turn off Snort and pfBlockerNG which are two notoriously heavy packages?
-
@KOM:
if I remove pfsense and just use a router I don't have the problems.
This information would have been nice to know much earlier in this thread. While I can't speak for your other router, you need to find the source of your issue. You said your link is 350/100? When you are having these issues, how saturated is your pipe? Is it mainly download traffic or are you mainly seeding? How full is your state table? Anything in your System log? What happens if you turn off Snort and pfBlockerNG which are two notoriously heavy packages?
Sorry yea I should of said that at the start.
The main leeching seeding is done on my other server (which is not on this network)saturated pipe? sorry no idea what that means.
State table? no clue ill see if I can find something on pfsense for that ( from what I can see is there is lots if its (Diagnostics-States-States)
snort and pfblocker off deleted clean isntall still do the same.
I can;t seem to find where the logs are ill look -
I was about to create a thread but luckily found this thread.
I am facing this same issue. Someone help me please. -
saturated pipe?
That's another way of saying you're using all of your bandwidth.
The main leeching seeding is done on my other server (which is not on this network)
Is it using pfSense as its gateway?
State table? no clue ill see if I can find something on pfsense
Look on the dashboard for the System Information widget which has a section titled State table size.
I can;t seem to find where the logs are ill look
Status - System logs.
-
I dunno why you are looking north when the problem is south.
Bandwidth Saturation is common in every installation, not unique to pFsense, and on your first post u disclose starting this deluge thing on the media PC does it, so THAT is your problem.
When an App takes up all available bandwidth, the network is not smart enough, by default, to say, hold it, I got other clients to service so u can't have the whole "pipe." Fortunately you have the power to change this. Pfsense solution is: TRAFFIC SHAPER.
-
Bandwidth Saturation is common in every installation, not unique to pFsense
He said that the problem goes away if he swaps out pfSense for a consumer-grade router.
-
That's another way of saying you're using all of your bandwidth.
Not really thought I would says its alot of connections if that means anything
Is it using pfSense as its gateway?
No its not even in my house.
Look on the dashboard for the System Information widget which has a section titled State table size.
1% (3423/401000) with deluge off
5% (21722/401000) with it onStatus - System logs.
I see this every few lines
Apr 5 10:22:09 check_reload_status updating dyndns WAN_DHCP
Apr 5 10:22:09 check_reload_status Restarting ipsec tunnels
Apr 5 10:22:09 check_reload_status Restarting OpenVPN tunnels/interfaces
Apr 5 10:22:09 check_reload_status Reloading filter
Apr 5 10:25:24 rc.gateway_alarm 20213 >>> Gateway alarm: WAN_DHCP (Addr:81.107.216.1 Alarm:1 RTT:87812ms RTTsd:49587ms Loss:21%)He said that the problem goes away if he swaps out pfSense for a consumer-grade router.
Well its better other computers don't drop but do run slow
-
It's possible the consumer grade router is so limited that it is unable to saturate the internet connection or a limited number of states.
I actually had the inverse issue. I went from a 60/3 cable connection to a 50/50 dedicated fiber connection and when downloading torrents, I found that my Netgear suddenly started to puke. I had to limit the number of connections my torrent client could make to keep it from dying. But prior to fiber, I could use torrent just fine.
-
It's possible the consumer grade router is so limited that it is unable to saturate the internet connection or a limited number of states.
I actually had the inverse issue. I went from a 60/3 cable connection to a 50/50 dedicated fiber connection and when downloading torrents, I found that my Netgear suddenly started to puke. I had to limit the number of connections my torrent client could make to keep it from dying. But prior to fiber, I could use torrent just fine.
Seems to be the other way around for me pal.
-
Apr 5 10:25:24 rc.gateway_alarm 20213 >>> Gateway alarm: WAN_DHCP (Addr:81.107.216.1 Alarm:1 RTT:87812ms RTTsd:49587ms Loss:21%)
This isn't good. pfSense gateway quality detection thinks your WAN is really flaky. What does it say under Status - Gateways?
-
@KOM:
Apr 5 10:25:24 rc.gateway_alarm 20213 >>> Gateway alarm: WAN_DHCP (Addr:81.107.216.1 Alarm:1 RTT:87812ms RTTsd:49587ms Loss:21%)
This isn't good. pfSense gateway quality detection thinks your WAN is really flaky. What does it say under Status - Gateways?
WAN_DHCP 81.107* 81.107* 12.19ms 4.111ms 0.0% Online Interface WAN_DHCP Gateway
WAN_DHCP6 fe80::201:5cff:fe80:1447 Pending Pending Pending Pending Interface WAN_DHCP6 Gateway
with deluge offOn
WAN_DHCP 81.107.* 81.107* 598.681ms 216.247ms 38% Offline Interface WAN_DHCP Gateway
WAN_DHCP6 fe80::201:5cff:fe80:1447 Pending Pending Pending Pending Interface WAN_DHCP6 Gateway
