Connection Losses
-
Hello.
I have my PFSense 1.0.1 box sitting between to LAN's. WAN = 172.x.x.x /24 and LAN = 10.x.x.x /16
I have had the box in place for a few weeks now and have been slowly putting users behind it for testing. I am up to about 30 computers that are behind the PFSense box.
Hardware: Nforce2 board, Athlon XP 2200, 1gb RAM, and 2x 3COM 3C2000 NIC's running at 1Gbit Full
My dilemma:
Connections die randomly. For instance I can be browsing to a file server on the WAN side of PFSense and my browsing will be disrupted until I refresh. I have had reports of this happening with Remote Desktop and FTP as well. In all cases they can immediately reconnect, but this brief disruption has we worried. My states have yet to reach 700. They seem to vary from 300-600. CPU is generally between 0 and 3%, Memory is a constant 6%. I don't see any issues in the System Logs -> Firewall. Is it possible that the state dies? I have no idea where to go from here. What could it be? What can I try to narrow the problem down?
Thanks a million.
-
Do you see collisions or in/out errors at status>interfaces?
-
0 for both Interfaces.
It does say Flag0 and Flag1 on the inside interface though, I am not sure what that means. I attached a screen so you can see what I mean.
-
I just setup a new PFSense box on a much nicer machine, fresh install of 1.0.1. I still have the same problem, what can it be?
When I try and copy a large amount of data through the firewall, the copy dies after a few minutes.
-
Then check cables, switches, etc. Maybe something's wrong there.
-
How can I configure an interface to do 100 or 1000 full, as opposed to auto negotiation?
-
See http://faq.pfsense.com/index.php?action=artikel&cat=10&id=38&artlang=en&highlight=hidden
-
I appreciate your help tons, but I fear I am doing something wrong. In the config file modified my interface to show the following
<media>100baseTX</media>
<mediaopt>full-duplex</mediaopt>But it doesn't seem to actually force it down to 100Mbit Full, its still negotiating 1000Full.
I have been testing a bunch and it seems that when bandwidth is over about 150Mbit this instability is caused, connections die, etc. So I was wanting to force it to 100 and continue testing stability.
-
Did you run a "ifconfig -m" at diegnostics>command to list the media options? depending on nic driver the speeds can be called different. Make sure you have the exact matching item casesensitive in your config.xml. Also make sure your entries go to the right section of the config.xml. You did upload it and reboot, right?
-
Yes to all of your questions.
I did this.
I did a backup from the WebGui
ran ifconfig -m in the webgui
Opened up the xml file
inserted what ifconfig returned as the option for 100 full, as listed above in my previous post, but when i ran ifconfig it did return "media 100baseTX mediaopt full-duplex", so i figured i wouldn't have to include the whole "mediaopt full-duplex" syntax in the config, but that might be where I am wrong.
Then I saved, uploaded the edited config and rebooted. -
So now I am confused. When I run ifconfig -m it reports this:
media: Ethernet 100baseTX <full-duplex>(1000baseTX <full-duplex>)</full-duplex></full-duplex>
-
i've not had the best of experiences with the 3c2000 cards. regardless it should work.
Did you reboot your box to enforce the ifconfig settings?
a manual ifconfig sk0 media 100baseTX full-duplex should work anyhow.
From the console menu, the webgui or ssh, pick one.