FreeBSD Bug 188261 - How to apply patch to pfSense
-
Hi all,
I've come across an issue I described here:
https://forum.netgate.com/topic/155834/issue-xcp-ng-routed-config-pfsense-slow-speed-packetlossLikely the same issue than found here:
https://forum.netgate.com/topic/77283/very-slow-traffic-from-other-vm-s-through-pfsense-on-xenserver
and here:
https://forum.netgate.com/topic/78077/unbelieveably-bad-performance/In the meanwhile I gather this is the same issue described here:
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=188261Which takes me to this:
(In reply to Ricardo from comment #38) Hello, I've looked into it in the past, but I'm not a networking expert, and properly solving those issues requires a very good understanding of the network subsystem, as I think some modifications to common code are required. When trying to solve this I've made the following patches: https://reviews.freebsd.org/D6611 https://reviews.freebsd.org/D6612 (this last one might not be required:) https://reviews.freebsd.org/D6656 I'm afraid those patches are old, so they might not apply cleanly. Let me know if you can apply and give them a try, and whether they fix anything. Roger.
but looking for where to apply the patch I don't have the directory /sys and /usr/src/sys is empty/doesn't exist.
Tried to find it but without success:
[admin@pfs-fw01]/: find / -iname 'ip_fastfwd.c' [admin@pfs-fw01]/: pfSense 2.4.5-RELEASE-p1 (amd64) built on Tue Jun 02 17:51:17 EDT 2020 FreeBSD 11.3-STABLE
So could someone please help me where to apply this patch and see if it works?
Thank you.
-
@maverickws "FreeBSD Bug 188261 - How to apply patch to pfSense"
pfSense is not "clean" FreeBSD please keep this in mind
if you need a fix you will have to wait for the pfSense team to resolve it...or
submit a request for repair or a future request for a new featurehttps://redmine.pfsense.org/
BTW:
checked "patch" so it can be applied (not recommended) -
@DaddyGo said in FreeBSD Bug 188261 - How to apply patch to pfSense:
https://redmine.pfsense.org/
Hi there thank you so much for your reply.
I think I'll go to pfSense bug tracker and take the issue there. Cheers!
-
@maverickws said in FreeBSD Bug 188261 - How to apply patch to pfSense:
I'll go to pfSense bug tracker
pls. let me suggest his help as well @viktor_g
-
@DaddyGo I've added here:
https://redmine.pfsense.org/issues/10820Thanks!
-
@maverickws said in FreeBSD Bug 188261 - How to apply patch to pfSense:
I've added here:
nice..
You Welcome -
@DaddyGo Hi,
I just wanted to post an update, after some tests I concluded that this issue was only happening when I was using Hetzner vSwitch, and after creating new network interfaces and assigning those the issue stopped. So it is not due to pfSense nor the virtualisation per se.
Cheers -
@maverickws said in FreeBSD Bug 188261 - How to apply patch to pfSense:
Hetzner vSwitch
In any case, it is definitely useful for lessons and information about Hetzner vSwitch vs. pfSense
-
Just for reference if you wanted to apply that patch (which you don't because it's ancient) you would need to do so against the pfSense source code and then build it. You can't apply it against an installed system, it's against C source code.
https://github.com/pfsense/FreeBSD-src/blob/RELENG_2_4_5/sys/netinet/ip_fastfwd.cSteve
-
@DaddyGo said in FreeBSD Bug 188261 - How to apply patch to pfSense:
In any case, it is definitely useful for lessons and information about Hetzner vSwitch vs. pfSense
Right. So here what happened was I had set the LAN interface to MTU 1400, but apparently that was not enough (at all!)
What I did next was to, in:
Services > DHCP Serverfor each interface that was connected to Hetzner's vSwitch I have added to:
- Additional BOOTP/DHCP Options
Option Number: 26
Type: Unsigned 16 bit integer
Value: 1400This fixed it, but afterwards I went to the interfaces and also added MSS 1400 (for target value 1360).
@stephenw10 said in FreeBSD Bug 188261 - How to apply patch to pfSense:
Just for reference if you wanted to apply that patch (which you don't because it's ancient) you would need to do so against the pfSense source code and then build it. You can't apply it against an installed system, it's against C source code.
https://github.com/pfsense/FreeBSD-src/blob/RELENG_2_4_5/sys/netinet/ip_fastfwd.cSteve
Yes I see that now. But actually it turned out to be good that wasn't easily patched as the solution was not related to that!!
-
Nice catch. That's an unfortunate situation if you really need to apply that to everything.
Is that workaround documented anywhere?
Steve
-
Hi Stephen, not that I know of.
Actually I busted my brains for three days trying to figure out the issue. As I was already looking to patch pfSense :D and all lol.So basically here I had set the LAN/DMZ etc interface (the internal facing) to MTU 1400 on the interface configuration. I had assumed that by having the interface at 1400 mtu it would automatically set it to all the client interfaces but apparently not.
So after I added the additional dhcp options all started working just fine, but decided to configure MSS anyway after reading about.
-
If you want this patch I think the best avenue is a ticket on redmine. If the pfSense developers agree, then they will patch themselves. Otherwise it is waiting until an eventual update which would use a patched version of FreeBSD
-
@chrcoluk said in FreeBSD Bug 188261 - How to apply patch to pfSense:
ticket on redmine
if you read, this has happened in the past
@maverickws " I've added here:
https://redmine.pfsense.org/issues/10820Thanks!"