Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    During transition of default gateway, pfsense is irresponsive for various seconds

    Scheduled Pinned Locked Moved Routing and Multi WAN
    8 Posts 5 Posters 728 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • F
      felipemalmeida
      last edited by felipemalmeida

      When dpinger alarms, then all LAN can't connect to pfsense or route traffic to internet, even though I have Multi-WAN configuration and the other WAN is working properly.

      This is extremely annoying because when one WAN is unstable, the whole internet becomes unstable too because it starts ping-ponging between one WAN to the other. When the first tier WAN becomes "stable" again, then it again stops responding and routing traffic switching back, just to find a few minutes later it is not answering again.

      Is this normal behavior? Logs don't show any errors except for dpingers.

      Also, I see this same irresponsiveness when I set some configurations, such as enabling/disabling or altering any configuration on any interface.

      I use VLANs, FreeRadius, Multi-WAN and DHCP.

      Regards,

      1 Reply Last reply Reply Quote 0
      • B
        bogs
        last edited by bogs

        I registered just so I can say I am in the same boat. The router becomes unresponsive for anywhere between 2-5 minutes. Restarting does not fix it, there is no exceptions or errors in the logs just completely unusable. I have 2 WAN that I balance in a group and kick one offline on Packet or Latency loss.

        PING 192.168.1.1 (192.168.1.1): 56 data bytes
Request timeout for icmp_seq 0
Request timeout for icmp_seq 1
Request timeout for icmp_seq 2
Request timeout for icmp_seq 3
Request timeout for icmp_seq 4
Request timeout for icmp_seq 5
Request timeout for icmp_seq 6
Request timeout for icmp_seq 7
Request timeout for icmp_seq 8
Request timeout for icmp_seq 9
Request timeout for icmp_seq 10
Request timeout for icmp_seq 11
Request timeout for icmp_seq 12
Request timeout for icmp_seq 13
Request timeout for icmp_seq 14
Request timeout for icmp_seq 15
Request timeout for icmp_seq 16
Request timeout for icmp_seq 17
Request timeout for icmp_seq 18
Request timeout for icmp_seq 19
Request timeout for icmp_seq 20
Request timeout for icmp_seq 21
Request timeout for icmp_seq 22
Request timeout for icmp_seq 23
Request timeout for icmp_seq 24
Request timeout for icmp_seq 25
Request timeout for icmp_seq 26
Request timeout for icmp_seq 27
Request timeout for icmp_seq 28
Request timeout for icmp_seq 29
Request timeout for icmp_seq 30
Request timeout for icmp_seq 31
Request timeout for icmp_seq 32
Request timeout for icmp_seq 33
Request timeout for icmp_seq 34
Request timeout for icmp_seq 35
Request timeout for icmp_seq 36
Request timeout for icmp_seq 37
Request timeout for icmp_seq 38
Request timeout for icmp_seq 39
Request timeout for icmp_seq 40
Request timeout for icmp_seq 41
Request timeout for icmp_seq 42
Request timeout for icmp_seq 43
Request timeout for icmp_seq 44
Request timeout for icmp_seq 45
Request timeout for icmp_seq 46
Request timeout for icmp_seq 47
Request timeout for icmp_seq 48
Request timeout for icmp_seq 49
Request timeout for icmp_seq 50
Request timeout for icmp_seq 51
Request timeout for icmp_seq 52
Request timeout for icmp_seq 53
Request timeout for icmp_seq 54
Request timeout for icmp_seq 55
Request timeout for icmp_seq 56
Request timeout for icmp_seq 57
Request timeout for icmp_seq 58
Request timeout for icmp_seq 59
Request timeout for icmp_seq 60
Request timeout for icmp_seq 61
Request timeout for icmp_seq 62
Request timeout for icmp_seq 63
Request timeout for icmp_seq 64
Request timeout for icmp_seq 65
Request timeout for icmp_seq 66
Request timeout for icmp_seq 67
Request timeout for icmp_seq 68
Request timeout for icmp_seq 69
Request timeout for icmp_seq 70
Request timeout for icmp_seq 71
Request timeout for icmp_seq 72
Request timeout for icmp_seq 73
Request timeout for icmp_seq 74
Request timeout for icmp_seq 75
Request timeout for icmp_seq 76
Request timeout for icmp_seq 77
Request timeout for icmp_seq 78
Request timeout for icmp_seq 79
Request timeout for icmp_seq 80
Request timeout for icmp_seq 81
Request timeout for icmp_seq 82
Request timeout for icmp_seq 83
Request timeout for icmp_seq 84
Request timeout for icmp_seq 85
Request timeout for icmp_seq 86
Request timeout for icmp_seq 87
Request timeout for icmp_seq 88
Request timeout for icmp_seq 89
Request timeout for icmp_seq 90
Request timeout for icmp_seq 91
Request timeout for icmp_seq 92
Request timeout for icmp_seq 93
Request timeout for icmp_seq 94
Request timeout for icmp_seq 95
Request timeout for icmp_seq 96
Request timeout for icmp_seq 97
Request timeout for icmp_seq 98
Request timeout for icmp_seq 99
Request timeout for icmp_seq 100
Request timeout for icmp_seq 101
Request timeout for icmp_seq 102
Request timeout for icmp_seq 103
Request timeout for icmp_seq 104
64 bytes from 192.168.1.1: icmp_seq=105 ttl=64 time=2.142 ms
64 bytes from 192.168.1.1: icmp_seq=106 ttl=64 time=3.428 ms
        1 Reply Last reply Reply Quote 0
        • F
          felipemalmeida
          last edited by

          Nobody knows if this is normal behavior or not? Should I, maybe, use HA with different WANs?

          1 Reply Last reply Reply Quote 0
          • M
            moo82
            last edited by moo82

            This isn't normal behavior, I have never seen this on our dual wan box with four dedicated Intel ports on two dual nics.

            What kind of network interfaces do you use for wan1, wan2 and lan?

            Are all the nics dedicated ports, or are they on one shared nic with VLANs?

            Dedicated hardware or a VM? Self made box or official Netgate box?

            F 1 Reply Last reply Reply Quote 0
            • F
              felipemalmeida @moo82
              last edited by

              @moo82 It is a https://www.aliexpress.com/item/Eglobal-Fanless-Mini-PC-J1900-Quad-Core-4-Intel-WG82583-Gigabit-Lan-Firewall-Multi-function-Router/32714820537.html

              It uses a single NIC with four ports. VLANs are used only on LAN, not WANs. But LAN also stops responding, even for pinging the box itself.

              I'll check if something appears in dmesg when this happens.

              M 1 Reply Last reply Reply Quote 0
              • M
                moo82 @felipemalmeida
                last edited by

                @felipemalmeida I wouldn't be very surprised if the Intel parts in that computer are less than genuine. Have you tried disabling hardware offloading in Advanced -> Networking to see if this remedies this issue? By default checksum offloading appears to be enabled, while LRO and TSO are disabled. Try disabling all three.

                https://docs.netgate.com/pfsense/en/latest/config/advanced-setup.html

                In any event, the J1900 CPU doesn't appear to support AES-NI, so you need to look into a replacement router or CPU upgrade before upgrading to pfsense 2.5. It will possibly be released at some point this year? ✌

                1 Reply Last reply Reply Quote 0
                • JeGrJ
                  JeGr LAYER 8 Moderator
                  last edited by

                  @moo82 said in During transition of default gateway, pfsense is irresponsive for various seconds:

                  In any event, the J1900 CPU doesn't appear to support AES-NI, so you need to look into a replacement router or CPU upgrade before upgrading to pfsense 2.5. It will possibly be released at some point this year?

                  That requirement has already been discussed and lifted for 2.5 as it will most likely not getting the REST API. But again, it wouldn't hurt to upgrade before stepping up to 2.5 either ;)

                  Don't forget to upvote 👍 those who kindly offered their time and brainpower to help you!

                  If you're interested, I'm available to discuss details of German-speaking paid support (for companies) if needed.

                  K 1 Reply Last reply Reply Quote 0
                  • K
                    KLX @JeGr
                    last edited by

                    This post is deleted!
                    1 Reply Last reply Reply Quote 0
                    • First post
                      Last post
                    Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.