Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Incessant Pinging

    Scheduled Pinned Locked Moved General pfSense Questions
    17 Posts 10 Posters 5.9k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • N Offline
      NOYB
      last edited by

      Configuration:
      WAN enabled and/or not enabled.
      LAN Static IP: 192.168.1.2
      LAN Gateway IP: 192.168.1.1

      Soon as pfSense boots up it starts incessantly pinging the LAN gateway.

      2.0-RC3 (i386)
      built on Tue Aug 30 18:46:28 EDT 2011

      1 Reply Last reply Reply Quote 0
      • ? This user is from outside of this forum
        Guest
        last edited by

        This is by design, its used for graphing the network latency on your WAN interface.

        1 Reply Last reply Reply Quote 0
        • N Offline
          NOYB
          last edited by

          It's overkill.  Anyway to turn it of or at least slow it down?

          1 Reply Last reply Reply Quote 0
          • pttP Offline
            ptt Rebel Alliance
            last edited by

            System: Gateways: Edit gateway

            "Disable Gateway Monitoring"

            or "Advanced" and change "Frequency Probe"

            1 Reply Last reply Reply Quote 0
            • N Offline
              NOYB
              last edited by

              I see not this System : Gateways you mention.  There is a Stats : Gateways, but no means of editing it.

              Found it.  Under System - Routing

              1 Reply Last reply Reply Quote 0
              • B Offline
                BenKenobe
                last edited by

                Glad somebody else thinks it is overkill, the options you seek can be found under the following menu structure :-

                System->Routing

                You will see your gateway there, select the 'e' next to the 'gateway' to be edited and one of the options in the resulting page is 'disable gateway monitoring', whether this works is a debatable point since the application that carries out the ping remains in memory and is loaded when the firewall restarts so if it is running then it will be pinging by default I think, if it isn't why even load it. When you set the gateway monitoring off you will see some status messages in the logs that apinger has exited but if you execute ps -ax | grep 'apinger' at a command prompt with the gateway monitoring disabled you can find apingers processID, it is still there!!, if you keep executing the above command you will see the processID constantly changing - like Apinger doesn't like being told to go away and keeps getting re-started.

                I detest apinger, the first thing I do is disable and delete it because it doesn't pay attention to the setting changes anyhow (at least it didn't), my ISP threatened to do nasty things if I didn't stop the 1 second pings. I was told over a year ago that apinger was going to be dropped in favour of a different application but this hasn't happened, I was also told that the option to turn it off would become available, it still isn't from what I see. It wouldn't be near so bad if Apinger responded to the settings for 'frequency probe', based on my tests it takes no notice whatsoever and continues it's once a second ping. A 1 second ping in itself is an eternity for a network and switch / firewall management internally but for ISP's who may have 100,000+ users it becomes a major issue if they all start once a second pings …. apingers behaviour is inappropriate for a domestic user with a single WAN connection and nothing will change my opinion on that score.

                Despite working from home I too have only one WAN connection so having something 'detecting' the gateway is pointless, if it fails it fails, there is no backup so there is no need for something to say my 'gateway' has failed.

                I don't need or care for the graphing, I believe that this should be a bolt on that can be added if needed, it should not be the norm, alas there are those here who have the time to look at pretty but rather unimportant graphs.

                If you have problems with users there are better tools to see or restrict what bandwidth is used by them.

                If you want to stop the constant pinging then killing Apinger is the only guaranteed way that I have found to date ...

                1 Reply Last reply Reply Quote 0
                • R Offline
                  Rezin
                  last edited by

                  @BenKenobe:

                  You will see your gateway there, select the 'e' next to the 'gateway' to be edited and one of the options in the resulting page is 'disable gateway monitoring', whether this works is a debatable point since the application that carries out the ping remains in memory and is loaded when the firewall restarts so if it is running then it will be pinging by default I think, if it isn't why even load it.

                  Disabling gateway monitoring seems to work for me.  ???

                  Diagnostics > Packet Capture … select the correct interface; and enter in that interface's gateway IP; click Start. That'll quickly show you (after hitting Stop) whether you're still pinging the gateway or not (ICMP echo request/reply).

                  1 Reply Last reply Reply Quote 0
                  • E Offline
                    eri--
                    last edited by

                    I have to laugh at an ISP threats that i am pining to much their router :) whatever the reason behind.

                    Though users sometimes have no choice.
                    IMO so far the option of disabling the monitoring or changing the frequency work as intended.

                    1 Reply Last reply Reply Quote 0
                    • N Offline
                      NOYB
                      last edited by

                      @ermal:

                      IMO so far the option of disabling the monitoring or changing the frequency work as intended.

                      Set the frequency to 10.  Wait awhile, then go have a look at the RRD Quality graph of that interface.

                      Now, one might say that is not the "gateway monitoring".  But that would be splitting it pretty thin.

                      1 Reply Last reply Reply Quote 0
                      • E Offline
                        eri--
                        last edited by

                        I just trust a packet capture saying that the icmp probe is being sent faster than every 10seconds.

                        I am not stating that apinger is honoring it. Just that during my testing it worked as intended.

                        1 Reply Last reply Reply Quote 0
                        • B Offline
                          BenKenobe
                          last edited by

                          I have to laugh at an ISP threats that i am pining to much their router

                          Because you clearly have never managed a large enterprise ….  you wouldn't be laughing in my enterprise ... and yes some users do need to take heed of ISP warnings, actually it is pretty selfish to treat an ISP router in such a way with zero regard for everyone else who also must use it, like it or not pings are not zero bandwidth and do impact on a network - would you like me to come to your place and do a ping flood DOS to prove the point.

                          Regardless of what works for you it is a legitimate requirement to be able to stop or manage any and ALL network traffic however generated, based on what I have seen apinger does not honour settings or being disabled.

                          I am currently doing a clean install, I will approach with an open mind, do some tests and see if the bad behaviour still exists.

                          1 Reply Last reply Reply Quote 0
                          • E Offline
                            eri--
                            last edited by

                            I would not comment on this more than the user education is not always the answer.
                            Since the user is uneducated about his equipment you cannot make him liable for your capacity issues.

                            Though that is even a discussion of business model and budgeting but to me complaining to the user is the last resort and that is only justifiable by unusal behaviour.  
                            To me an icmp packet is legitimate traffic and if you do not want your router to be visible you can provision for this by not allowing such traffic at all.
                            If you feel this is not the right traffic charge the user for this and clearly state this in your policy.

                            But please, don't bullshit the user about what is allowed or not when he clearly is not the knowledgeable on this and these policies are clearly an abuse over your service policy.

                            Because you clearly have never managed a large enterprise ….  you wouldn't be laughing in my enterprise ..

                            Believe me or not i will laugh at this.
                            An enterprise is not an ISP and the policies on an enterprise are 'easily' enforceable in contradiction to an ISP, by whatever the policy and enforcement method.

                            That is my personal stance and do not expect that would converge with any other.

                            1 Reply Last reply Reply Quote 0
                            • johnpozJ Offline
                              johnpoz LAYER 8 Global Moderator
                              last edited by

                              Sure looks like the changes in ping time work to me..

                              Set it to 10 seconds, and that sure looks like what its doing to me.  As suggested do a simple capture.

                              If my ISP complained about the pings, I would suggest they look at the excessive arping that is going on and then I will turn down my pings.  In the bit over a minute trace I did sure there are 36 packets of icmp, but there are 2933 arps..  Seems a bit excessive to me ;)

                              ping.jpg
                              ping.jpg_thumb

                              An intelligent man is sometimes forced to be drunk to spend time with his fools
                              If you get confused: Listen to the Music Play
                              Please don't Chat/PM me for help, unless mod related
                              SG-4860 24.11 | Lab VMs 2.8, 24.11

                              1 Reply Last reply Reply Quote 0
                              • G Offline
                                gloomrider
                                last edited by

                                I appreciate this thread.  While I understand the value of gathering statistics of "link quality", being able to disable this feature is more useful than any debate on its worth.  I disabled it and there is no sign of "apinger" running.

                                "pftop" also confirms the pings have stopped.

                                1 Reply Last reply Reply Quote 0
                                • C Offline
                                  codemarauder
                                  last edited by

                                  Sorry for my ignorance, but where do I set the value for "Frequency Probes" in System -> Advanced settings? I am on 2.0 RC3 21st June.

                                  1 Reply Last reply Reply Quote 0
                                  • stephenw10S Offline
                                    stephenw10 Netgate Administrator
                                    last edited by

                                    I believe it's supposed to be in: System > Routing > Gateways > Edit gateway

                                    However it doesn't appear in the Jun 21st RC3 build for me.

                                    Steve

                                    1 Reply Last reply Reply Quote 0
                                    • E Offline
                                      eri--
                                      last edited by

                                      I will lock this thread now because it is going off-topic.

                                      You need the latest snapshot to have the options described in this thread.

                                      1 Reply Last reply Reply Quote 0
                                      • First post
                                        Last post
                                      Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.