4. PFSense freezes when traffic passing through

PFSense freezes when traffic passing through

  • G

    Installed PFSense 1.2.3 on several different hardware boxes now.. I've taken out all the extra packages just incase but no matter what I do the system seems to freeze requiring a power reset when I try to pass traffic from WAN to LAN.

    The system has multiple interfaces, WAN, WANBridge, LAN, and 2x DMZ.  While it's not doing much it's quite happy.. will stay on-line for weeks without issue.. As soon as I try to say pull a large file down through the LAN interface the system freezes… Can't connect to it via SSH, or even on the console.  I get no errors in the logs or on the VGA screen.

    The WAN is connected via a CISCO router to a 10Mb Fiber leased line.

    Does anyone have any ideas on what I can check or better yet what the issue might be and how to fix it??

    Cheers,
    ---Guy

    0

  • What kind of NICs do you have in there?
    Are your "different hardware boxes" completly different, or are some parts the same?

    0
  • G

    The hardware boxes are completely different systems, all different hardware.

    The systems have dual Gb NICs on the motherboards (which I'm using for WAN and LAN), and I installed a dual 10/100 NIC card to a PCI slot to get the additional NICs.

    After making this post I Was doing further tests… and when I plug my laptop in to the WANBridge side, I'm able to download traffic without issue.. I pulled a 3Gb file down and flat lined the 10Mb line for the duration.

    I think it's something specific inside pfsense... maybe the NATTing.  Though this is very odd as I have pfsense running in other places with bigger pipes and smaller hardware without issue.

    Currently the pfsense configuration is very small.. nothing is coming into the LAN side and I'm only allowing specific ports outbound, port 80 and the like.

    0
  • Rebel Alliance Developer Netgate

    Are you applying NAT to a CARP VIP on the WAN side by chance?

    0
  • G

    @jimp:

    Are you applying NAT to a CARP VIP on the WAN side by chance?

    I am indeed…

    the WAN IP is defined as a CARP for failover... and the outbound NAT configuration uses this...

    I have this same configuration working at another site?

    0
  • Rebel Alliance Developer Netgate

    The exact same setup? Including the WAN bridge?

    http://redmine.pfsense.org/issues/910

    0
  • G

    yup same thing… darn...I was searching all over this forum thinking I can't be the only one.. and didn't find that...

    Thanks for the info..

    --Guy

    0
  • Rebel Alliance Developer Netgate

    It's kind of an odd combination that is required to trigger the problem, and as far as I know you're only the third person to report the issue, all within a couple weeks of each other, even though the problem has existed for years. :-)

    Funny how that happens.

    I'll add a reference to this thread in the ticket. Any additional information you have about that setup would be helpful as well.

    0
Log in to reply
 

Products

Services

Support

News

Resources

Company

Our Mission

We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© Copyright 2019 Rubicon Communications, LLC | Privacy Policy