Painfully slow UI response



  • As of a few versions ago I started noticing the UI response is terrible. I have pfSense running on a PowerEdge (Xeon E3-1220v2) and it isn't a terribly complex setup, but for some reason every change takes 30+ seconds. Is there a particular log that might give me some insight into this?



  • @xrctp1 Verify that pfSense can resolve names.
    Is unbound working?
    From the CLI, do a dig google.com and note the times.
    A typical response would be like this:

    dig google.com

    ; <<>> DiG 9.14.12 <<>> google.com
    ;; global options: +cmd
    ;; Got answer:
    ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 53893
    ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

    ;; OPT PSEUDOSECTION:
    ; EDNS: version: 0, flags:; udp: 1432
    ;; QUESTION SECTION:
    ;google.com. IN A

    ;; ANSWER SECTION:
    google.com. 300 IN A 172.217.169.206

    ;; Query time: 136 msec
    ;; SERVER: 127.0.0.1#53(127.0.0.1)
    ;; WHEN: Mon Jul 13 08:13:31 EEST 2020
    ;; MSG SIZE rcvd: 55



  • @netblues

    /root: dig google.com

    ; <<>> DiG 9.14.9 <<>> google.com
    ;; global options: +cmd
    ;; Got answer:
    ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 36332
    ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

    ;; OPT PSEUDOSECTION:
    ; EDNS: version: 0, flags:; udp: 4096
    ;; QUESTION SECTION:
    ;google.com. IN A

    ;; ANSWER SECTION:
    google.com. 165 IN A 172.217.4.110

    ;; Query time: 0 msec
    ;; SERVER: 127.0.0.1#53(127.0.0.1)
    ;; WHEN: Mon Jul 13 09:35:40 MDT 2020
    ;; MSG SIZE rcvd: 55

    On a side note, my DNS resolver is slow when queried from clients on the network.



  • @xrctp1 This is cached. Try something not in cache and see what the typical response time is.
    As for clients, is it slow or is it never answered?

    Can you dig or nslookup from a client?


  • LAYER 8 Moderator

    If you want to question the local resolver try using

    dig google.com @localhost or try another domain to check.



  • @netblues

    /root: dig www.file.com

    ; <<>> DiG 9.14.9 <<>> www.file.com
    ;; global options: +cmd
    ;; Got answer:
    ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 54273
    ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

    ;; OPT PSEUDOSECTION:
    ; EDNS: version: 0, flags:; udp: 4096
    ;; QUESTION SECTION:
    ;www.file.com. IN A

    ;; ANSWER SECTION:
    www.file.com. 600 IN A 54.36.56.87

    ;; Query time: 439 msec
    ;; SERVER: 127.0.0.1#53(127.0.0.1)
    ;; WHEN: Mon Jul 13 09:54:43 MDT 2020
    ;; MSG SIZE rcvd: 57



  • @xrctp1 This is a typical response time for an uncached domain.
    You should have the same when digging from a client.
    Are the clients using pf for name resolution?



  • @netblues

    I'm beginning to think this is an issue with CenturyLink. I'm using the Cloudflare secure DNS servers and they periodically become unreachable. From what I've found online this is a common problem with CL.



  • You need to narrow down the problems.
    pfSense with unbound is usually as good as common public DNS servers.
    If you use pf as DNS, and pf is without forwarders of any kind, do you get slow responses?
    Are you accessing pf by hostname or IP?
    When using the web UI, try running htop on the CLI.
    Do you see high usage on php-fpm pool nginx?

    Have you introduced any new floating rules lately?

