High ping but normal bandwidth
-
Hey,
i´ve installed a virtual pfSense box on Unraid.
i´ve given pfsense a 4 port Gbit nic.in my test setup im getting high pings to my modem and a client.
with a speedtest to the internet (speedtest.net) im getting a high ping as well. the speed is normal. (100 mbit down and 40 up)when i ping the virtual pfsense box from my client im getting a high ping as well.
if i test the network speed with iperf3 im getting full gbit speeds.
is there any way to test if pfsense likes the 4 port gbit nic i gave it?
(maybe i need to reinstall a new driver?these are the 4 ports i´ve assigned to pfsense (all on one nic)
iperf3
ping from client to pfsene
ping from pfsense to client
ping from pfsense to google
-
Any ideas? :-/
-
Sorry to say but you are very vague giving not a lot of explication or info not many people will answer you question
Bad pings can be so many things
What is virtual pfsense box or did you mean virtualbox
I would recommend esxi
2 why 4 nics 1 wan lan and the rest 2vlans or dmz maybe brand name of the nics?
3 if it is VirtualBox what is your reference of configuration
4 is it in bridged your wan
5 info how did you setup/configurarion firewall rules inbound outbound
6 nat rules?
7 routing?
8 vpn's running?
9 dns configuration forwarder/resolver?
You see allot of guessing -
i wrote, that i´ve setup the virtuel pfSense on UNRAID....
i dont have any nat rules and i dont have any firewall rules except for any any for my testing...im not using a VPN or what so ever.
DNS = 8.8.8.8 and 1.1.1.1
im using 1 networkcard with 4 ports. this networkcard is not bridged its passed through to the VM.
i´ve posted a picture of what unraid is passing through to the VM.
This is the networkcard i´ve bought:
Kalea Informatique Netzwerkkarte PCIe 2.0 4 x 4 Ports Quad Gigabit Ethernet – Chipsatz Intel 82576 – mit Low und High Profile – Windows Rücken Linux Novell UnixWare OpenUnix Novell Freebsd
https://www.amazon.de/gp/product/B083ST3TVZ/ref=ppx_yo_dt_b_asin_title_o07_s00?ie=UTF8&psc=1and why would you say i would not give info?
i´ve posted every information i thought are needed and my tests that i did. (screenshots)i´ve people need more info, they have to tell me what info so i can give it to them. im new to pfsense so i dont really know that info is relevant ;)
-
As I understand it from that you are seeing >400ms pings from a local client to the pfSense interface IP?
That's like 400x higher than it should be! Something is broken in the local network there or VM hosting is doing something very weird. I have never tried Unraid personally.
Steve
-
i know that this is a weird behaviour. thats why im posting here hoping to find out how i might be able to solve this.
is there a way to find out what kind of hardware pfsense is picking up from unraid or a way to see what driver pfsense is using and maybe update it to another intel driver? -
Look at the boot log.
There probably isn't another driver available unless raid is presenting something truly exotic, which I highly doubt!
The best virtual performance is almost always by choosing paravitualised hardware.But 400ms is so far out it's very unlikely to be poor driver. Something like that is almost always a shaper of some kind. Possibly very bad congestion somewhere.
Steve
-
Well i´ve posted here in hopes of finding whatever is causing this issue.
is there no way to troubleshoot where the misstake is?
something like a log or what ever to see the errors that i can post?you mentioned the bootlog. how can i find that?
i dont need anyone telling me that a 400 ping is way to high i need help on figuring out what is wrong with the system.
so please pfSense gurus could you please help me to find the error? :)
-
Check the system log, check the boot log.
Try pinging in/out of each interface involved, see if it's one particular NIC that seems to be assign the delay.
I assume you're running 2.4.5p1? There was a bug in 2.4.5 that could present as serious lag like that. Though not continually.
Steve
-
im Running the newest version that i could download from the pfsense homepage.
is there a way to downgrade somehow? or do i need to reinstall everything?
-
No, there's no way to downgrade without re-installing. But you would not want to anyway.
You might try running a 2.5 snapshot instead: https://www.pfsense.org/snapshots/
Did you find anything in the logs? Did you try switching to paravirtualised NIC type? (if you weren't already).
Steve
-
i dont see anything fishy in the logs. but im really unexperienced in reading logs :-/ is there a way i can post them here, to see if you find something obviouse?
and what do you mean with "Did you try switching to paravirtualised NIC type?"?
and that snapshot thing. there are so many downloads that i dont really know what to download :-/
-
You should just be able to post the logs here directly. I would always suggest putting them in code tags so they don't spam the thread.
Otherwise you could post them as a txt attachment or link to pastebin etc.You can upgrade to 2.5 from the gui directly by choosing the development branch in Sys > Update > Settings.
Steve
-
installing 2.5 did not help.
i´ll post some logs later when there is time.
-
Hey,
here are the logs. i´ll test Virtualizing the Networkcard tonight i think.
System/General:
https://pastebin.com/6QmqESpRSystem/Gateway:
https://pastebin.com/RG6Nmk9pSystem/Routing:
https://pastebin.com/MXucZ6tRSystem/DNS:
https://pastebin.com/RAgXNDdhSystem/GuiService:
https://pastebin.com/teFt1kZ9System/OSboot:
https://pastebin.com/E6RYtKQi -
Yeah, you are using igb NICs but unless you're passing them through directly you should use paravirtualised (whatever that is in Unraid).
There was a really odd issue a while back where having virtual mouse attached would kill performance. I forget what hypervisor that was but remove that if you can. Same with the CDS-ROM drive.The full
dmesgoutput might have more, including any errors.Steve
-
What do you mean with paravirtualised? just virtualizing the networkcard and pass the bridge through?
Here is the dmesg :)
https://pastebin.com/pw5Xm0my -
As I understand it Unraid uses KVM as a hypervisor so that means you will almost certainly get best performance using vtnet NICs (virtio).
https://en.wikipedia.org/wiki/Paravirtualization
By not having to emulate an e1000 device you take load of the hypervisor and potentially increase the performance.It looks like you have one NIC set to virtio and the others as e1000.
Is the CPU shown there the same as the real CPU in the system? Passing through the real CPU type will also give you performance gains.
Steve
-
i upgraded to the newest version of that beta thing... now im stuck in a boot loop :(
i´ve reinstalled the whole box. i will try all that stuff this weekend. i hope i have time for it xD
