Gateway WAN keeps on having packet lost
-
@stephenw10, look at the capture and I am seeing windows update In Execution, in my case this has come to cause a problem
-
@silence But half of this morning no one was online and even when my computer was the only thing connected.
And then it still doesn't explain that I don't get ping timed out when I bypass the offense box
-
Took the Xfiniti router out fo bridge mode and let the whole house run off of it. no time on out ping to any external IP's. it also resolved the issue MyQ not staying online.
So I've factory reset the PFsense box to default no fix, tested all ports for both wan and lan and only would fail when pinging outside so that means my NIC is good and all ports or good or else I would be singing failed pings when I ping the gateway as well and not just external IP's.
really leaves it to being a software issue.
Do you guys think if I completely reinstall the image is any different than doing a factory reset from the device?
-
With a fresh install and zero changed to the default setting, it would first boot up with everything looking good but about 5 minutes it would start dropping packet on IPv4 again.
At this point is it picking up a new NIC to see if the problem is still there?
What would be a good NIC?
I currently have the NIC below
https://www.amazon.com/IBM-39Y6138-1000-Server-Adapter/dp/B016YK2NAY -
I would look for something newer that uses igb based NICs at least. em NICs only use a single queue so don't utilise your CPU as well as igb devices would.
Steve
-
@stephenw10 I spent a good 6 or 7 hours migrating all my static IP devices to the Xfinity gateway. It was a PITA I hate anything provided by the ISP but this time, it is the only thing that works. :(
I've spent enough time on this, going to power down PFsens. everything that I need to work is currently working. Going to go enjoy new years.
I might get a 10gbe NIC if I do decide to spin up the PFsense box again.
BTW wanted to add that I ran part of this morning with the onboard NIC as wan and still experience the symptoms. I doubt a new NIC will fix my issues.
Thanks you for everyone's efforts
-
Hi,
I don't want to hijack your post but I'm having very similar if not identical issues as you. I'd like to add that I have noticed when I run a continuous ping from a pc on my LAN to say 8.8.8.8, I get about perfect 50% packet loss, about every other packet comes thru. If i keep the ping running and reboot the pfsense box, it'll go down for a minute while pf reboots. funny thing is it will start pinging 100% for about a minute or so, I'm assuming until pf fully finishes booting and then starts doing whatever it is that causes the issue. I'm running intel Pro/1000 4-port cards, also tried the onboard, same thing. 2 Different, default (fresh) installs on 2 different boxes with different hardware. Also, I ran a winmtr test and this is what I got. Seems like it's making it to the cable modem (Spectrum for me), but dying as soon as it gets into their network. The first hop is the spectrum router I tossed in line to see if it was hardware. Another funny quirk I've found, is if I run a laptop on the Spectrum router without the pfsense box connected, I can ping all day long. As soon as the network port for the pfsense box comes up, give it 5-30 seconds and it goes right back to misbehaving, both on the laptop and the pfbox/LAN. Thanks
-
@t309 sucks for you, l but I'm glad I'm not the only one. I've been running over the Xfinity modem/router all day long without skipping a bit. I can't remember when was the last time my IOT devices are this stable. I have not received a "something went wrong" with google home throughout the day.
I really hope we can get to the bottom of this because as I've mentioned, I hate ISP provided equipment and prefer not to use off the ship routers, i have enough of those.
If we can keep this thread open maybe some smart people can figure it out.
-
Mmm, I can't really see it being the NIC either to be honest. Hard to see what it could be though. If I hit that here I'd probably swapping out the hardware entirely to confirm it's not something there.
Steve
-
@stephenw10
i have a few delll 990 at work might have to bring one home to test or another option is to spin up a VM -
@cheapie408 I've tried 2 different machines, albeit old ones, with this. The really old one, was/is my original pfsense router I've used for quite some time (years), and was on version 2.4.4. The newer one is running the current release and is a fresh install. The frustrating part is that the second WAN is running just fine, as it should. That's why I am nearly certain it has SOMETHING to do with the way the cable network works. The second LAN is DSL, and the gateway reporting works, internet is solid, etc no issues whatsoever. I run them in failover. I guess I bear responsibility for never testing it as thoroughly as I did this time around (after Cable modem swap and speed increase), and who knows, maybe it never really worked well. Also, I HAVE tried just swapping the network cables around and let the DSL port on pfsense think it's connected to cable, and the problem follows the modem/service/cabling. Meaning the DSL port shows the errors in pfsense when I do that. That's why I don't believe it is hardware, except in maybe the sense that whatever is going on down the line is causing the issue with the specific hardware.
-
@t309 Oh, and as I've said before, it seems to ping just fine for the first ~20-30 seconds or so, so I really feel like its a service in pfsense at least contributing to the problem. But I digress, I am not even remotely close to a linux or coding expert. Just an observation to spark a thought for someone who might actually know.
-
@t309 said in Gateway WAN keeps on having packet lost:
Another funny quirk I've found, is if I run a laptop on the Spectrum router without the pfsense box connected, I can ping all day long. As soon as the network port for the pfsense box comes up, give it 5-30 seconds and it goes right back to misbehaving, both on the laptop and the pfbox/LAN.
Hmm, that's with both the laptop and pfSense connected to the cable modem dircetly? Like the pings from the laptop are not going through pfSense at all but mearly having it connected at the same time affects laptop traffic?
That's very odd if so.Has this just started for you also? Like maybe a modem firmware update that changed the way it reacts to something pfSense is doing?
Exactly 50% packet loss sounds like some conflict, MAC or IP address. Did you spoof a MAC anywhere?
Steve
-
@stephenw10 Yes, very odd indeed.
Connected like this Modem>Cable Company-provided Router.
Cable-Company Router>port 1 laptop, port 2 pfsense.port 1 laptop pings solid as long as you like. Connect port 2 up (pfsense WAN-side), laptop pings almost perfect 50%(literally).
I'm no expert by any means, but i've worked with a lot of networks (as an installer of networked devices) and never seen anything quite like this.And as far as spoofing, I may have tried that initially in my quest to find what was wrong, that was on the first pf box (2.4.4), but have not done anything but the most basic items to get the new box 2.5.2 up and running.
-
Mmm, that really does seem like an IP or MAC conflict. Or maybe the router not in routing mode, like restricted to one client only somehow.
-
The new/current box is a flat default installation beside the fact it has 2 wan connections. I added the 2 wans to a gateway group, and then broke it after the 1 interface kept going up and down. I have just been enabling and disabling the interfaces to test and/or have usable internet. When you say conflict, are you meaning external to pfsense box on the wan side or in the pf config or where? Just for context, the pf box does still ping the same without the laptop as well. I just added the laptop to see if the cable internet was acutally the culprit or not as part of my troubleshooting. Thanks.
-
@t309 said in Gateway WAN keeps on having packet lost:
Connected like this Modem>Cable Company-provided Router.
Cable-Company Router>port 1 laptop, port 2 pfsense.port 1 laptop pings solid as long as you like. Connect port 2 up (pfsense WAN-side), laptop pings almost perfect 50%(literally).
Please reboot the cable-co router. I suspect that that device is caching MAC addresses or otherwise engaging in ARP misbehavior, thus causing packets to get misrouted when you connect pfSense. Also examine system/general setup/hostname for whether it's a dupe of your laptop's hostname. Try changing it to something that doesn't include the string "pfSense", then rebooting everything.
-
@t309 said in Gateway WAN keeps on having packet lost:
When you say conflict, are you meaning external to pfsense box on the wan side or in the pf config or where?
I mean in the layer 2 segment that is common to the laptop, the ISP router and the pfSense WAN.
So, for example, if you had spoofed the laptop MAC address in pfSense because the modem was locked to that and forgotten then connecting the laptop at the same time would be a conflict.
Steve
-
@stephenw10 Ok, thats what I thought. Verified the hostnames are different. I also disconnected the laptop, and the pf box still behaves the same (only thing on the lan side of the cable-co router). After Rebooting pfsense, the PC's on the lan side of pf box ping 100%, for the first 20-30 replies, then back to 50%.
-
@stephenw10 Any other ideas or things to try, logs, etc? The only thing currently on that physical segment is the pfsense WAN port. Another thing I noticed now is that the download speeds are also roughly half, I'm assuming due to the loss.
