MTU not changeable & RRD: WAN :: Quality
-
I have installed pfSense on 2 completely different systems with the same unwanted behaviour.
The MTU for PPPoE on WAN is not changeable for all interfaces on both machines.
Neither manually nor automatically by pfSense for PPPoEOne has 3 Intel NICs whereas the other has 3 Realteks.
System with Intel NICs
fxp0: flags=8843 <up,broadcast,running,simplex,multicast>mtu 1500
options=48 <vlan_mtu,polling>inet6 fe80::230:5ff:fe09:897e%fxp0 prefixlen 64 scopeid 0x1
ether 00:30:05:09:89:7e
media: Ethernet autoselect (100baseTX <full-duplex>)
status: active
fxp1: flags=8843 <up,broadcast,running,simplex,multicast>mtu 1500
options=48 <vlan_mtu,polling>inet 192.168.2.3 netmask 0xffffff00 broadcast 192.168.2.255
inet6 fe80::250:8bff:feb2:a627%fxp1 prefixlen 64 scopeid 0x2
ether 00:50:8b:b2:a6:27
media: Ethernet autoselect (100baseTX <full-duplex>)
status: active</full-duplex></vlan_mtu,polling></up,broadcast,running,simplex,multicast></full-duplex></vlan_mtu,polling></up,broadcast,running,simplex,multicast>System with Realtek NICs
rl0: flags=8843 <up,broadcast,running,simplex,multicast>mtu 1500
options=48 <vlan_mtu,polling>inet6 fe80::210:f3ff:fe03:4cc3%rl0 prefixlen 64 scopeid 0x1
ether 00:10:f3:03:4c:c3
media: Ethernet autoselect (10baseT/UTP)
status: active
rl1: flags=8843 <up,broadcast,running,simplex,multicast>mtu 1500
options=48 <vlan_mtu,polling>inet 192.168.100.99 netmask 0xffffff00 broadcast 192.168.100.255
inet6 fe80::210:f3ff:fe03:4cc2%rl1 prefixlen 64 scopeid 0x2
ether 00:10:f3:03:4c:c2
media: Ethernet autoselect (100baseTX <full-duplex>)
status: active</full-duplex></vlan_mtu,polling></up,broadcast,running,simplex,multicast></vlan_mtu,polling></up,broadcast,running,simplex,multicast>And I get this for WAN::Quality in RRD graph. On both systems. 100% loss isn't too bad, is it? ;D
-
You don't see the MTU settings for the PPPoE interface on this output. For PPPoE the used interface is ng0. The real nic will stay at 1500. Is your WAN gateway actually pingable? Some won't respond to pings which will lead to this graphs. You can override the RRD gateway with a hidden config.xml setting ( see http://faq.pfsense.com/index.php?action=artikel&cat=10&id=38&artlang=en&highlight=hidden )
-
Yes, WAN is pingable.
I am using it ATM.If your admin role enables you to see my IP then go for it and ping it from WAN side.
-
Your WAN Gateway (ISP Gateway) has to be pingable, not your WAN.
-
If you are running Snort put the WAN Gateway into your whitelist. I had your problem as well when I didn't have my Gateway entered into my whitelist.
-
For PPPoE the used interface is ng0. The real nic will stay at 1500.
Got me, MTU for NG0 is set correctly:
ng0: flags=88d1 <up,pointopoint,running,noarp,simplex,multicast>mtu 1492Is your WAN Gateway (ISP Gateway) actually pingable? Some won't respond to pings which will lead to this graphs.
Well, you are right as well here. It is a German Telekom DSL and their Gateway is not pingable.
Is that usual behavior for T-Com?Thanks alot, going to dig through the hidden config.xml settings later on.</up,pointopoint,running,noarp,simplex,multicast>
-
OK, tried to locate a default config.xml with hidden features from the FAQs link.
The link in there (http://pfsense.com/cgi-bin/cvsweb.cgi/pfSense/conf.default/config.xml?rev=1.19;content-type=text%2Fplain) is broken and I am not smart enough to locate it on my own. :-\From searching the forum I read that there were RRD issues in the recent past. Have they been solved so far? Most posts were affecting a pingable ISPs WAN gateway and not using the extra XML flag.
I have found hints on <use_rrd_gateway>and inserted it as follows:
@config.xml:
<pfsense><version>2.8</version>
<lastchange><theme>corporate</theme>
<system><use_rrd_gateway>217.5.100.222</use_rrd_gateway>
<optimization>normal</optimization>
…</system></lastchange></pfsense>but still my WAN quality RRD graph shows 100% packet loss.
This might be due to the fact that -even after a couple of changes & reboots- the shell script updaterrd.sh still references my not pingable ISP's WAN gateway which is set dynamically by PPPoE on each connect:@updaterrd.sh:
…
get_quality_stats_wan () {
packetloss_wan=100
roundtrip_wan=0
local out_wan
out_wan=ping -c 5 -q 217.5.98.186
if [ $? -eq 0 ]; then
…Any ideas on why <use_rrd_gateway>217.5.100.222</use_rrd_gateway> is not used?
Before experimenting with the config.xml I upgraded to: pfSense-Full-Update-1.0.1-SNAPSHOT-02-09-2007.tgzThanks for your input (and this great software, of course!)</use_rrd_gateway>