PfSense - CP after 20 hours or so, sometimes the LAN just stops talking.



  • pfSense - CP after 20 hours or so, sometimes the LAN just stops talking.

    The problem:  I have several busy i386 pfSence 2.0-RC3 (July through current August releases) and sometimes the LAN traffic just stops or grinds down to a really really really slow network.  The only solution I have found is to reboot pfSense.

    My network is the following:

    • several i386 pfSence 2.0-RC3 (July through current August releases)
    • 30 to 150 MAC clients
    • Captive Portal, No NAT (Live IPs on WAN and LAN), Per-user bandwidth restriction
    • Radius MAC authentication, Re-Auth connected users every minute

    To duplicate the issue:
    Place about 100 MAC clients on the LAN customer network.  All MAC clients are using radius bandwidth control.  Allow the busy production network to run for a day or more.  Somewhere between a day or up to a week, some MAC clients loose the ability to get out to the Internet.

    I can still ping through the CP WAN to the customer on the LAN and talk to the MAC device on the LAN - but the MAC device on the LAN just no longer gets out on the Internet.

    I am using Cacti (bandwidth graphing) and I can usually tell there is a problem when the LAN traffic drops to less than 10 percent of what it would normally be running at.  A reboot of the CP will get all customer traffic back to normal.

    This is happening on my busy pfSense CP systems that have around 100 MAC clients on the LAN.

    The only option I can think of is to auto-reboot the  CP every night to avoid this problem which will repeat again and again day or week after day or week.
    Any ideas?

    Tom Jones
    A wireless ISP (WISP) up in North Idaho



  • You are sure that no limit is reached on states?
    Also can you show if the cpu is busy doing something?


Locked