Pingin PFSense box has a bit of delay sometimes….normal?



  • Hi guys…

    I got a freshly deployed pFsense on atom PC 80GB HDD and 2GB RAM
    no package installed except for the bandwidthd ...

    i have been pinging it constantly to check for connectivity and response time..

    however I find it strange because while one must expect <1ms response time for a router on a local network, w/c i do get 90% of the time, i cant help but get bothered of the random >1ms responses

    sometimes i even get >10ms response time!! (not that common but say a few times in a minute)..

    While this has not caused me any problems really in actualy internet usage, but i can't help but be bothered because this is the same scenario i get when i used to run Wingate on WIndows platform, w/c when bombarded w/ 15 or more clients, results in terrible network performance and clients timing out or getting slow internet connection

    Right now my PFSense box is handling 3 computers only..
    Bandwidth usage isnt an issue because wethere i'm downloading something heavy or not, the ping delays are just really random..

    my LAN setup is:
    PFSENSE – Switch -- my PC pingng the router
    Distance between these machines are a mere 1-2 meters..

    My Pfsense box has GIGABIT LAN to the switch... overkill, yeah..

    system status of the router is very good

    So question is, WHY is this? when i simultaneously ping my other home router, on the same switch,  on 192.168.1.2 it gets a perfect <1ms ping..

    is this normal and to be expected on Pfsense firewall/router boxes???  given that my hardware isnt underpowerd, and my pfsense is fresh w/ just 1 package installed..



  • i just tried removing bandwidthD package and connecting my PC direct to the PFSense box .. and i still get the occasional >1ms response times :(


  • Rebel Alliance Developer Netgate

    Do you have traffic shaping enabled?

    Ping isn't always the best measure of true latency, especially if it's given a lower priority by something like traffic shaping.



  • @jimp:

    Do you have traffic shaping enabled?

    Ping isn't always the best measure of true latency, especially if it's given a lower priority by something like traffic shaping.

    umm this is a fresh install of PFSense and I have not messed around w/ the traffic shaping department yet.. is it ON on default? How do i know if it's on or off.. i've looked everywhere there's no stat info for this.. and when i go to  FIREWALL>Traffic Shaper , it doesnt say, but rather gives me the configuration wizard >:(

    Umm, how do I set ping as normal priority then?

    and do YOU sir (or any of you guys) get this kind of delay?

    I know it isnt the best measure but through the years , for me, this has been an easy way of telling how responsive the router or the network is.. i setup routers almost every other day (im in the PC sales and servicing business).. and i remember back in the days we had latency problems w/ a 50 seater office setup, and we ended up bombarding 5 different routers w/o filtering and ruels,  w/ large ping packets from all the computers and surely we were getting local RTO (return time outs) ..  w/ 1 of the routers beeing the least affected, we were able to figure out that it wasnt the NETWORK cables and switches or anything else that was causing the issue, but the ROUTER's performance , specially in its limited processor power..

    so i guess old habits dont die easy, specially when it's a quick and dirty way to measure things.. not the most reliable but it does tell me something hehhee.



  • If you get the wizard, the traffic shaper is not on.

    There's no telling why that is with what you've said. Get a packet capture of ICMP on the LAN interface and see the delta between getting the echo request and sending the echo reply, I suspect you won't see that difference there (i.e. it's not the firewall).

    That's far from normal, you'll see some variance on a healthy network but around 0.1 ms diff at most, more than Windows will even show you. You should be steady under 1 ms assuming a sane switch (I've seen cheap ones do bad things) and PCs, and that you aren't overloading the firewall, which would take a few hundred Mbps on an Atom so I doubt that.



  • @cmb:

    If you get the wizard, the traffic shaper is not on.

    There's no telling why that is with what you've said. Get a packet capture of ICMP on the LAN interface and see the delta between getting the echo request and sending the echo reply, I suspect you won't see that difference there (i.e. it's not the firewall).

    That's far from normal, you'll see some variance on a healthy network but around 0.1 ms diff at most, more than Windows will even show you. You should be steady under 1 ms assuming a sane switch (I've seen cheap ones do bad things) and PCs, and that you aren't overloading the firewall, which would take a few hundred Mbps on an Atom so I doubt that.

    Hi CMB

    Thanks for your thoughts…

    yeah, something's up w/ my PFsense deployment then.. coz I'm not trying ClearOS on the same box.. where clearOS is heavier than Pfsense, and the network has not changed.. same switch (DLINK DGL 4500 Gigabit Router , Gigabit NIC, etc).. while i do get th occasional >1ms pings, not as bad as in Pfsense... today i've been running ping on it for 2 hours and it's a perfect <1ms response till about a while ago when i got a 14ms response lolz.. but just once.. hmm

    oh and by the way on the PFSense side , as i mentioned i tried directly connecting the PFS box to my PC and same ping patterns.. and while on the switch, i was simultaneously pinging 1 of my other devices and i do get a perfect <1ms ping from those. so it's deifnitely the pfsense box..

    I was hoping to hear some of you guys experiencing the same pattern and tell me it's normal/ok. but if you guys are getting perfect <1ms pings on your boxes then i feel "alone" lol



  • Are you using a modem that you can ping?

    What are you using as a switch?

    Have you tried different ports on the switch?

    wiggled wires during ping?



  • @chpalmer:

    Are you using a modem that you can ping?

    What are you using as a switch?

    Have you tried different ports on the switch?

    wiggled wires during ping?

    yep as w/ my example everything is OK w/ another box, network situation same xcept for the router (PFsesne or ClearOS)

    I have, to make sure, tried wiggling the wires and they're pretty stable…
    switch im using is a DGL-4500 gaming router w/ DHCP and other routing features turned off.. just used as switch during my tests..and yes no conflicting IPs w/ it too


Log in to reply