Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    latency on all WAN Connections

    Scheduled Pinned Locked Moved General pfSense Questions
    13 Posts 3 Posters 959 Views 3 Watching
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • R Offline
      rahim
      last edited by

      Hi Team.

      I am facing latency issue from last couple of days on my WAN Interfaces . I have 4 WAN links and 1 is my internal interface for routing purpose. In every 5 to 10 mints my ping is broken and all the interfaces shows the latency warning and offline error for 10 to 15 secs. I read couple of blogs but not found any solution. Can some one guide me how can I resolve this issue.
      I am attaching the snapshot of my Gateway Status here. If you need any further information let me I will provide.
      I test all my ISP links individually by plugin cable directly and it working fine.

      Thanks in advance.Gateway Status.png Gateway Status 2.png Gateway Status3.png

      ? 1 Reply Last reply Reply Quote 0
      • stephenw10S Offline
        stephenw10 Netgate Administrator
        last edited by

        What pfSense version are you running?

        If you watch Diag > System Activity do you have something using all avaialble CPU when the latency spikes?

        Did anything change when this started?

        Steve

        R 1 Reply Last reply Reply Quote 0
        • ? Offline
          A Former User
          last edited by

          @rahim, do you have any open ports on your wan?

          R 1 Reply Last reply Reply Quote 0
          • R Offline
            rahim @stephenw10
            last edited by

            Hi @stephenw10 Thank you so much.
            I am using 2.5.2-RELEASE (amd64). I am not changing any thing from last week but facing this issue from last 2 Days. The CPU utilization is gone to 60% when this latency comes.

            CPU Type Intel(R) Xeon(R) CPU X5650 @ 2.67GHz
            4 CPUs: 4 package(s) x 1 core(s)
            AES-NI CPU Crypto: Yes (inactive)
            QAT Crypto: No

            RAM: 16 GB
            CPU Cores: 4

            I created Pfsense on Virtual Machine based on Esxi 6.0 Dell Power Edge 710. If works fine from last 2 year I never face this issue during this whole period.

            1 Reply Last reply Reply Quote 0
            • R Offline
              rahim @Guest
              last edited by

              Hi @silence Thank you so much.

              Yes I have some 5 to 6 ports on my 2 WAN interfaces for my on-preme Kaspersky Antivirus server.
              Source : any
              Destination: Port 14000 & 13000 to

              Source: single host alias
              Destination: 3389.

              These port are open from last 2 year. In last couple of weeks I just install PfBlocker Dev package in my firewall and its work fine just facing this issue from last 2 to 3 days.

              ? stephenw10S 2 Replies Last reply Reply Quote 0
              • ? Offline
                A Former User @rahim
                last edited by

                @rahim, you can start by increasing the security on your wan (changing the origin of any) to trusted source ...

                and then use pfblocker to detect any unauthorized port scan attempts in the last 3 weeks.

                R 1 Reply Last reply Reply Quote 0
                • ? Offline
                  A Former User @rahim
                  last edited by

                  @rahim, Anyway I would like to see an internal ping log go through your pfsense without problem, can you perform these tests? Simultaneously with this ping 8.8.8.8 to confirm that it is not a Broken NIC.

                  1 Reply Last reply Reply Quote 0
                  • stephenw10S Offline
                    stephenw10 Netgate Administrator @rahim
                    last edited by

                    @rahim said in latency on all WAN Connections:

                    Yes I have some 5 to 6 ports on my 2 WAN interfaces for my on-preme Kaspersky Antivirus server.

                    Those are port forwards to the internal server?

                    @rahim said in latency on all WAN Connections:

                    The CPU utilization is gone to 60% when this latency comes.

                    What is using that CPU? What jumps to the top of the list in System Activity?

                    Steve

                    R 1 Reply Last reply Reply Quote 0
                    • R Offline
                      rahim @Guest
                      last edited by

                      @silence its not possible for me to changing the origin of any to trusted one because Antivirus Server talks to its endpoint agents which are installed on our users laptops and their IP are dynamic. For the RDP port I only allow my trusted IPs but for other ports its not possible for me.
                      Can you please guide me how can I detect any unauthorized port scan using pfblocker.

                      I just restart my pfsense server after my office hours now the ping is look fine. But I am not sure is this the solution. Because currently their is no user in our office and no bandwidth load at this time. @Silence can you guide me is it possible that due that when users connect to it in morning this cause appears again ?

                      1 Reply Last reply Reply Quote 0
                      • R Offline
                        rahim @stephenw10
                        last edited by

                        @stephenw10 Yes those are port forwards to the internal servers. Currently I restart my Pfsense server and every thing looks like fine but if this appears again I morning I will check the activity logs and send you the snapshot of it. Meanwhile if you have any idea what casuse this let me know I will try to fix it if this not fix than I will let you know.

                        Thank you so much @Silence & @stephenw10

                        R 1 Reply Last reply Reply Quote 0
                        • R Offline
                          rahim @rahim
                          last edited by

                          @Silence , @stephenw10 Facing this issue again. Can you guys please help me out to resolve this issue.
                          Issue.png

                          1 Reply Last reply Reply Quote 0
                          • stephenw10S Offline
                            stephenw10 Netgate Administrator
                            last edited by

                            I assume you were not seeing the same 60% total CPU usage when that shot was taken?

                            The only thing of any significance there is ntop-ng. You might try disabling that as a test.

                            Steve

                            R 1 Reply Last reply Reply Quote 0
                            • R Offline
                              rahim @stephenw10
                              last edited by

                              @stephenw10 Yes after restarting I am not seeing 60% of CPU utilization. OK thanks I will stop the ntopng and than check if this work than I will find any way around for this.

                              1 Reply Last reply Reply Quote 0
                              • First post
                                Last post
                              Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.