4. larger files not serving through pfsense

larger files not serving through pfsense

  • B

    Hi,

    My laptop and web server and connected via a Netgate SG-3100 running the latest pfsense version (2.4.4-RELEASE-p3 (arm) ). Everything has been working fine until a week or so ago.

    When, on my laptop, I request a 61K file from my web server, it arrives.
    When, on my laptop, I request a 62K file from my web server, it does not arrive.
    When, in a shell on the Netgate SG-3100, I request that same 61K file from my web server, it arrives.
    When, in a shell on the Netgate SG-3100, I request that same 62K file from my web server, it arrives.

    Observations:

    • the 61K file can be fetched from the Netgate
    • the 61K file can be fetched from behind the Netgate
    • the 62K file can be fetched from the Netgate
    • the 62K file cannot be fetched from behind the Netgate.

    Both the 61K and 62K files are test files I created that contain only spaces.
    I created these files to pinpoint the problem, the original problem was that bootstrap.css would not load and when investigating it turned out that the problem is - or seems to be - related to the file size.

    Can there be any size limit or packet inspection in the Netgate that is causing this?

    0
  • Netgate Administrator

    No there would not normally be anything behaving like that.

    How are the client, server and SG-3100 arranged during this test?

    Do you see any blocked traffic in the firewall log?

    Are you running Snort or Suricata?

    Steve

    0
  • B

    @stephenw10 said in larger files not serving through pfsense:

    Are you running Snort or Suricata?

    No

    Do you see any blocked traffic in the firewall log?

    No

    How are the client, server and SG-3100 arranged during this test?

    I tried 2 setups:

    1. Client -> OpenVPN on Netgate -> Server
    2. Client -> SSH tunnel -> Server

    It is very strange. When connecting through OpenVPN I get the 61K works/62K does not work problem.
    When I connect through the SSH tunnel I get the same but now for different files. The 62K file works but when I curl a jquery.js it just stops halfway. When I try again it stops again but somewhere else halfway.

    0
  • Netgate Administrator

    Hmm, odd.

    I would take packet captures on WAN (or OpenVPN if that's how you're connected) and LAN covering the failed transfer.

    You might also try just setting up a port forward and connecting directly just as a test.

    Steve

    0
    B
     1 Reply
  • B

    @stephenw10 it looks like it is not related to pfSense.

    I set up a port forward like you suggested.

    To a Windows computer (I tried Windows 10 on a Dell laptop and Windows Server 2016 on GCE) the file is still not being served. To a Linux computer (I tried Firefox on CentOS and Firefox on Ubuntu) the file is being served.
    I will continue my investigation in the OS arena.

    Thanks for your support.

    0
  • Netgate Administrator

    No worries. Nice catch!

    0
  • L
    Banned

    This post is deleted!
    0
Log in to reply
 

Products

Services

Support

News

Resources

Company

Our Mission

We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© Copyright 2002 - 2019 Rubicon Communications, LLC | Privacy Policy