Weird issue with large files

mewsense

Here's my network setup.

Whenever I copy a large file, say over 50 GB from the 10.0.0.0 network to the 10.0.1.0 network, my WAN modem drops internet and reboots itself. As far as I can tell, pfsense router SG-1000 seems OK during this process. Any ideas on what causes it and how to fix?

johnpoz

So pfsense is going to be pinging the gateway every second.. And when packet loss or response time goes up to a point. pfsense will think gateway is offline and reset connections (unless you turned off that feature).

Your not running any of these vlans over your wan connection are you? All your vlans are on your LAN interface? or do you have some running on the wan physical interface? And I do believe the interfaces on the sg1000 are actual just switched interfaces so yeah you could be running into issues with saturating your checks to the wan?

Keep an eye on the latency and packetloss to the wan when your moving the large amount of data..

mewsense

Yes I think that's what's happening. It's so bad that I can't access pfSense during the file copy. After checking the logs it looks like the VLAN2 interface gets reset as well. I'm seeing this:

send_interval 500ms loss_interval 2000ms time_period 60000ms report_interval 0ms data_len 0 alert_interval 1000ms latency_alarm 500ms loss_alarm 20% dest_addr 10.0.3.4 bind_addr 10.0.3.1 identifier "LABGW "

Do I need better hardware for running large file copies across VLANs with pfSense? Or should I just disable the pinger? How to disable the pinger?

Thanks.

johnpoz

You don't have to disable the pinger... Just set it so it doesn't reset states on loss of gateway.

What interfaces do you have the vlan setup on pfsense - on the wan interface, just the lan?

You could also set your gateway to be always UP.

mewsense

Thanks, there are no VLANs on the WAN interface.

I can't find your top screenshot. Where is it in pfSense? I'll configure that and then try another large file copy and see what happens.

johnpoz

System / Advanced / Miscellaneous

mewsense

@johnpoz Thanks all good now.

johnpoz

You prob want to update your pfsense to something with more interfaces that are distinct vs switched ports. That way when you vlan on an interface it has no effect on your wan interface.

Other option would be to move to a downstream router... Possible your switch can do L3 and route at your switch for your large intervlan traffic?

Maybe the sg1100 would be option? But maybe not since all the ports are just part of mvneta0, and not actually distinct interfaces?

mewsense

@johnpoz Thanks I don't know if my Switch can route. What is L3? The manufacturer site is https://www.netgear.com/support/product/GS116Ev2.aspx

Can I route my VLANs through the switch? My gut feel is it doesn't.

johnpoz

L3, ie layer 3... Vs L2 - layer 2... That seems to be only a layer 2 switch, so no routing..