Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Network limits

    General pfSense Questions
    3
    11
    5.6k
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • B
      breese
      last edited by

      While looking into why I am having delay issues with Skype, I discovered the following and am intrested it knowing if this is needed, helpfull or do I need to look elsewhere?

      http://www.psc.edu/networking/projects/tcptune/

      All system parameters can be read or set with 'sysctl'. E.g.:
      sysctl [parameter]
      sysctl -w [parameter]=[value]
      You can raise the maximum socket buffer size by, for example:
      sysctl -w kern.ipc.maxsockbuf=4000000
      FreeBSD 7.0 implements automatic receive and send buffer tuning which are enabled by default. The default maximum value is 256KB which is likely too small. These should likely be increased, e.g. with follows:
          net.inet.tcp.sendbuf_max=16777216
          net.inet.tcp.recvbuf_max=16777216
      You can also set the TCP and UDP default buffer sizes using the variables
      net.inet.tcp.sendspace
      net.inet.tcp.recvspace
      net.inet.udp.recvspace
      When using larger socket buffers, you probably need to make sure that the TCP window scaling option is enabled. (The default is not enabled!) Check 'tcp_extensions="YES"' in /etc/rc.conf and ensure it's enabled via the sysctl variable:
              net.inet.tcp.rfc1323
      FreeBSD's TCP has a thing called "inflight limiting" turned on by default, which can be detrimental to TCP throughput in some situations. If you want "normal" TCP behavior you should
              sysctl -w net.inet.tcp.inflight_enable=0
      You may also want to confirm that SACK is enabled: (working since FreeBSD 5.3):
              net.inet.tcp.sack.enable
      MTU discovery is on by default in FreeBSD. If you wish to disable MTU discovery, you can toggle it with the sysctl variable:
              net.inet.tcp.path_mtu_discovery
      Contributors: Pekka Savola and David Malone.
      Checked for FreeBSD 7.0, Sept 2008

      –------------------------------------------------------------------------------

      1 Reply Last reply Reply Quote 0
      • stephenw10S
        stephenw10 Netgate Administrator
        last edited by

        pfSense 2.0 is based on FreeBSD 8.1 so that guide is likely to be out of date.
        Try changing the settings and see if it makes any difference. Unless you set them in the system tunables page in the gui they will reset to default when you reboot anyway.

        What problems are you having with skype?

        Steve

        1 Reply Last reply Reply Quote 0
        • B
          breese
          last edited by

          I am seeing large delays and missing updates.
          One of the tests I ran told me that I packet out of order issues.

          With that I have been using a program on a desktop windows box called MyconnectionPC
          They also offer and on-line test.
          It has also indicated droped frames or what they are calling excess jitter.

          Next I moved on to namebench… While I do have a FBSD version, I do not know how to install it so, I ran the Windows version and it recommened different internet DNS servers to use and in what order... That did help.

          I am on an Elite AT&T DSL line with 6m down and 768k up.
          All these tests were done thru my pfSense firewall that is release 2 and with the latest updates.

          1 Reply Last reply Reply Quote 0
          • Cry HavokC
            Cry Havok
            last edited by

            What hardware?

            1 Reply Last reply Reply Quote 0
            • B
              breese
              last edited by

              Just so happens the Windows box and the pfSense box use the same type of hardware

              Sep 5 11:57:48 kernel: Copyright © 1992-2010 The FreeBSD Project.
              Sep 5 11:57:48 kernel: Copyright (c) 1979, 1980, 1983, 1986, 1988, 1989, 1991, 1992, 1993, 1994
              Sep 5 11:57:48 kernel: The Regents of the University of California. All rights reserved.
              Sep 5 11:57:48 kernel: FreeBSD is a registered trademark of The FreeBSD Foundation.
              Sep 5 11:57:48 kernel: FreeBSD 8.1-RELEASE-p4 #1: Mon Sep 5 04:07:15 EDT 2011
              Sep 5 11:57:48 kernel: root@FreeBSD_8.0_pfSense_2.0-snaps.pfsense.org:/usr/obj./usr/pfSensesrc/src/sys/pfSense_SMP.8 i386
              Sep 5 11:57:48 kernel: Timecounter "i8254" frequency 1193182 Hz quality 0
              Sep 5 11:57:48 kernel: CPU: Intel(R) Pentium(R) 4 CPU 2.80GHz (2800.11-MHz 686-class CPU)
              Sep 5 11:57:48 kernel: Origin = "GenuineIntel" Id = 0xf25 Family = f Model = 2 Stepping = 5
              Sep 5 11:57:48 kernel: Features=0xbfebfbff <fpu,vme,de,pse,tsc,msr,pae,mce,cx8,apic,sep,mtrr,pge,mca,cmov,pat,pse36,clflush,dts,acpi,mmx,fxsr,sse,sse2,ss,htt,tm,pbe>Sep 5 11:57:48 kernel: Features2=0x4400 <cnxt-id,xtpr>Sep 5 11:57:48 kernel: real memory = 1073741824 (1024 MB)
              Sep 5 11:57:48 kernel: avail memory = 1027579904 (979 MB)
              Sep 5 11:57:48 kernel: ACPI APIC Table: <asus p4pe-x="">Sep 5 11:57:48 kernel: FreeBSD/SMP: Multiprocessor System Detected: 2 CPUs
              Sep 5 11:57:48 kernel: FreeBSD/SMP: 1 package(s) x 1 core(s) x 2 HTT threads
              Sep 5 11:57:48 kernel: cpu0 (BSP): APIC ID: 0
              Sep 5 11:57:48 kernel: cpu1 (AP/HT): APIC ID: 1
              Sep 5 11:57:48 kernel: ioapic0 <version 2.0="">irqs 0-23 on motherboard
              Sep 5 11:57:48 kernel: netisr_init: forcing maxthreads to 1 and bindthreads to 0 for device polling
              Sep 5 11:57:48 kernel: wpi: You need to read the LICENSE file in /usr/share/doc/legal/intel_wpi/.
              Sep 5 11:57:48 kernel: wpi: If you agree with the license, set legal.intel_wpi.license_ack=1 in /boot/loader.conf.
              Sep 5 11:57:48 kernel: module_register_init: MOD_LOAD (wpi_fw, 0xc0988330, 0) error 1
              Sep 5 11:57:48 kernel: ipw_bss: You need to read the LICENSE file in /usr/share/doc/legal/intel_ipw/.
              Sep 5 11:57:48 kernel: ipw_bss: If you agree with the license, set legal.intel_ipw.license_ack=1 in /boot/loader.conf.
              Sep 5 11:57:48 kernel: module_register_init: MOD_LOAD (ipw_bss_fw, 0xc0789370, 0) error 1
              Sep 5 11:57:48 kernel: ipw_ibss: You need to read the LICENSE file in /usr/share/doc/legal/intel_ipw/.
              Sep 5 11:57:48 kernel: ipw_ibss: If you agree with the license, set legal.intel_ipw.license_ack=1 in /boot/loader.conf.
              Sep 5 11:57:48 kernel: module_register_init: MOD_LOAD (ipw_ibss_fw, 0xc0789410, 0) error 1
              Sep 5 11:57:48 kernel: ipw_monitor: You need to read the LICENSE file in /usr/share/doc/legal/intel_ipw/.
              Sep 5 11:57:48 kernel: ipw_monitor: If you agree with the license, set legal.intel_ipw.license_ack=1 in /boot/loader.conf.
              Sep 5 11:57:48 kernel: module_register_init: MOD_LOAD (ipw_monitor_fw, 0xc07894b0, 0) error 1
              Sep 5 11:57:48 kernel: wlan: mac acl policy registered
              Sep 5 11:57:48 kernel: kbd1 at kbdmux0
              Sep 5 11:57:48 kernel: cryptosoft0: <software crypto="">on motherboard
              Sep 5 11:57:48 kernel: padlock0: No ACE support.
              Sep 5 11:57:48 kernel: acpi0: <asus p4pe-x="">on motherboard
              Sep 5 11:57:48 kernel: acpi0: Overriding SCI Interrupt from IRQ 9 to IRQ 22
              Sep 5 11:57:48 kernel: acpi0: [ITHREAD]
              Sep 5 11:57:48 kernel: acpi0: Power Button (fixed)
              Sep 5 11:57:48 kernel: acpi0: reservation of 0, a0000 (3) failed
              Sep 5 11:57:48 kernel: acpi0: reservation of 100000, 3ff00000 (3) failed
              Sep 5 11:57:48 kernel: Timecounter "ACPI-fast" frequency 3579545 Hz quality 1000
              Sep 5 11:57:48 kernel: acpi_timer0: <24-bit timer at 3.579545MHz> port 0xe408-0xe40b on acpi0
              Sep 5 11:57:48 kernel: cpu0: <acpi cpu="">on acpi0
              Sep 5 11:57:48 kernel: cpu1: <acpi cpu="">on acpi0
              Sep 5 11:57:48 kernel: acpi_button0: <power button="">on acpi0
              Sep 5 11:57:48 kernel: pcib0: <acpi host-pci="" bridge="">port 0xcf8-0xcff on acpi0
              Sep 5 11:57:48 kernel: pci0: <acpi pci="" bus="">on pcib0
              Sep 5 11:57:48 kernel: agp0: <intel 82845g="" host="" to="" agp="" bridge="">on hostb0
              Sep 5 11:57:48 kernel: pcib1: <acpi pci-pci="" bridge="">at device 1.0 on pci0
              Sep 5 11:57:48 kernel: pci1: <acpi pci="" bus="">on pcib1
              Sep 5 11:57:48 kernel: uhci0: <intel 82801db="" (ich4)="" usb="" controller="" usb-a="">port 0xd800-0xd81f irq 16 at device 29.0 on pci0
              Sep 5 11:57:48 kernel: uhci0: [ITHREAD]
              Sep 5 11:57:48 kernel: uhci0: LegSup = 0x2f00
              Sep 5 11:57:48 kernel: usbus0: <intel 82801db="" (ich4)="" usb="" controller="" usb-a="">on uhci0
              Sep 5 11:57:48 kernel: uhci1: <intel 82801db="" (ich4)="" usb="" controller="" usb-b="">port 0xd400-0xd41f irq 19 at device 29.1 on pci0
              Sep 5 11:57:48 kernel: uhci1: [ITHREAD]
              Sep 5 11:57:48 kernel: uhci1: LegSup = 0x2f00
              Sep 5 11:57:48 kernel: usbus1: <intel 82801db="" (ich4)="" usb="" controller="" usb-b="">on uhci1
              Sep 5 11:57:48 kernel: uhci2: <intel 82801db="" (ich4)="" usb="" controller="" usb-c="">port 0xd000-0xd01f irq 18 at device 29.2 on pci0
              Sep 5 11:57:48 kernel: uhci2: [ITHREAD]
              Sep 5 11:57:48 kernel: uhci2: LegSup = 0x2f00
              Sep 5 11:57:48 kernel: usbus2: <intel 82801db="" (ich4)="" usb="" controller="" usb-c="">on uhci2
              Sep 5 11:57:48 kernel: ehci0: <intel 82801db="" l="" m="" (ich4)="" usb="" 2.0="" controller="">mem 0xf7000000-0xf70003ff irq 23 at device 29.7 on pci0
              Sep 5 11:57:48 kernel: ehci0: [ITHREAD]
              Sep 5 11:57:48 kernel: usbus3: EHCI version 1.0
              Sep 5 11:57:48 kernel: usbus3: <intel 82801db="" l="" m="" (ich4)="" usb="" 2.0="" controller="">on ehci0
              Sep 5 11:57:48 kernel: pcib2: <acpi pci-pci="" bridge="">at device 30.0 on pci0
              Sep 5 11:57:48 kernel: pci2: <acpi pci="" bus="">on pcib2
              Sep 5 11:57:48 kernel: bfe0: <broadcom bcm4401="" fast="" ethernet="">mem 0xf6800000-0xf6801fff irq 20 at device 5.0 on pci2
              Sep 5 11:57:48 kernel: miibus0: <mii bus="">on bfe0
              Sep 5 11:57:48 kernel: bmtphy0: <bcm4401 10="" 100basetx="" phy="">PHY 1 on miibus0
              Sep 5 11:57:48 kernel: bmtphy0: 10baseT, 10baseT-FDX, 100baseTX, 100baseTX-FDX, auto
              Sep 5 11:57:48 kernel: bfe0: [ITHREAD]
              Sep 5 11:57:48 kernel: vgapci0: <vga-compatible display="">port 0xb800-0xb8ff mem 0xf5000000-0xf5ffffff,0xf4800000-0xf4800fff irq 22 at device 10.0 on pci2
              Sep 5 11:57:48 kernel: fxp0: <intel 100="" 82559="" pro="" ethernet="">port 0xb400-0xb43f mem 0xf4000000-0xf4000fff,0xf3800000-0xf38fffff irq 23 at device 11.0 on pci2
              Sep 5 11:57:48 kernel: miibus1: <mii bus="">on fxp0
              Sep 5 11:57:48 kernel: inphy0: <i82555 10="" 100="" media="" interface="">PHY 1 on miibus1
              Sep 5 11:57:48 kernel: inphy0: 10baseT, 10baseT-FDX, 100baseTX, 100baseTX-FDX, auto
              Sep 5 11:57:48 kernel: fxp0: [ITHREAD]
              Sep 5 11:57:48 kernel: fxp1: <intel 100="" 82550="" pro="" ethernet="">port 0xb000-0xb03f mem 0xf3000000-0xf3000fff,0xf2800000-0xf281ffff irq 20 at device 12.0 on pci2
              Sep 5 11:57:48 kernel: miibus2: <mii bus="">on fxp1
              Sep 5 11:57:48 kernel: inphy1: <i82555 10="" 100="" media="" interface="">PHY 1 on miibus2
              Sep 5 11:57:48 kernel: inphy1: 10baseT, 10baseT-FDX, 100baseTX, 100baseTX-FDX, auto
              Sep 5 11:57:48 kernel: fxp1: [ITHREAD]
              Sep 5 11:57:48 kernel: isab0: <pci-isa bridge="">at device 31.0 on pci0
              Sep 5 11:57:48 kernel: isa0: <isa bus="">on isab0
              Sep 5 11:57:48 kernel: atapci0: <intel ich4="" udma100="" controller="">port 0x1f0-0x1f7,0x3f6,0x170-0x177,0x376,0xf000-0xf00f irq 18 at device 31.1 on pci0
              Sep 5 11:57:48 kernel: ata0: <ata 0="" channel="">on atapci0
              Sep 5 11:57:48 kernel: ata0: [ITHREAD]
              Sep 5 11:57:48 kernel: ata1: <ata 1="" channel="">on atapci0
              Sep 5 11:57:48 kernel: ata1: [ITHREAD]
              Sep 5 11:57:48 kernel: pci0: <multimedia, audio="">at device 31.5 (no driver attached)
              Sep 5 11:57:48 kernel: atrtc0: <at realtime="" clock="">port 0x70-0x73 irq 8 on acpi0
              Sep 5 11:57:48 kernel: fdc0: <floppy drive="" controller="">port 0x3f2-0x3f5,0x3f7 irq 6 drq 2 on acpi0
              Sep 5 11:57:48 kernel: fdc0: [FILTER]
              Sep 5 11:57:48 kernel: fd0: <1440-KB 3.5" drive> on fdc0 drive 0
              Sep 5 11:57:48 kernel: ppc0: <parallel port="">port 0x378-0x37f,0x778-0x77b irq 7 drq 3 on acpi0
              Sep 5 11:57:48 kernel: ppc0: SMC-like chipset (ECP/EPP/PS2/NIBBLE) in COMPATIBLE mode
              Sep 5 11:57:48 kernel: ppc0: FIFO with 16/16/16 bytes threshold
              Sep 5 11:57:48 kernel: ppc0: [ITHREAD]
              Sep 5 11:57:48 kernel: ppbus0: <parallel port="" bus="">on ppc0
              Sep 5 11:57:48 kernel: plip0: <plip network="" interface="">on ppbus0
              Sep 5 11:57:48 kernel: plip0: [ITHREAD]
              Sep 5 11:57:48 kernel: lpt0: <printer>on ppbus0
              Sep 5 11:57:48 kernel: lpt0: [ITHREAD]
              Sep 5 11:57:48 kernel: lpt0: Interrupt-driven port
              Sep 5 11:57:48 kernel: ppi0: <parallel i="" o="">on ppbus0
              Sep 5 11:57:48 kernel: uart0: <16550 or compatible> port 0x3f8-0x3ff irq 4 flags 0x10 on acpi0
              Sep 5 11:57:48 kernel: uart0: [FILTER]
              Sep 5 11:57:48 kernel: uart1: <16550 or compatible> port 0x2f8-0x2ff irq 3 on acpi0
              Sep 5 11:57:48 kernel: uart1: [FILTER]
              Sep 5 11:57:48 kernel: atkbdc0: <keyboard controller="" (i8042)="">port 0x60,0x64 irq 1 on acpi0
              Sep 5 11:57:48 kernel: atkbd0: <at keyboard="">irq 1 on atkbdc0
              Sep 5 11:57:48 kernel: kbd0 at atkbd0
              Sep 5 11:57:48 kernel: atkbd0: [GIANT-LOCKED]
              Sep 5 11:57:48 kernel: atkbd0: [ITHREAD]
              Sep 5 11:57:48 kernel: psm0: <ps 2="" mouse="">irq 12 on atkbdc0
              Sep 5 11:57:48 kernel: psm0: [GIANT-LOCKED]
              Sep 5 11:57:48 kernel: psm0: [ITHREAD]
              Sep 5 11:57:48 kernel: psm0: model IntelliMouse, device ID 3
              Sep 5 11:57:48 kernel: pmtimer0 on isa0
              Sep 5 11:57:48 kernel: orm0: <isa option="" roms="">at iomem 0xc0000-0xc7fff,0xc8000-0xc97ff,0xcc000-0xccfff,0xd0000-0xd17ff pnpid ORM0000 on isa0
              Sep 5 11:57:48 kernel: sc0: <system console="">at flags 0x100 on isa0
              Sep 5 11:57:48 kernel: sc0: VGA <16 virtual consoles, flags=0x300>
              Sep 5 11:57:48 kernel: vga0: <generic isa="" vga="">at port 0x3c0-0x3df iomem 0xa0000-0xbffff on isa0
              Sep 5 11:57:48 kernel: p4tcc0: <cpu frequency="" thermal="" control="">on cpu0
              Sep 5 11:57:48 kernel: p4tcc1: <cpu frequency="" thermal="" control="">on cpu1
              Sep 5 11:57:48 kernel: Timecounters tick every 1.000 msec
              Sep 5 11:57:48 kernel: IPsec: Initialized Security Association Processing.
              Sep 5 11:57:48 kernel: usbus0: 12Mbps Full Speed USB v1.0
              Sep 5 11:57:48 kernel: usbus1: 12Mbps Full Speed USB v1.0
              Sep 5 11:57:48 kernel: usbus2: 12Mbps Full Speed USB v1.0
              Sep 5 11:57:48 kernel: usbus3: 480Mbps High Speed USB v2.0
              Sep 5 11:57:48 kernel: ad0: 76319MB <wdc wd800aajb-00j3a0="" 01.03e01="">at ata0-master UDMA100
              Sep 5 11:57:48 kernel: ugen0.1: <intel>at usbus0
              Sep 5 11:57:48 kernel: uhub0: <intel 1="" 9="" uhci="" root="" hub,="" class="" 0,="" rev="" 1.00="" 1.00,="" addr="">on usbus0
              Sep 5 11:57:48 kernel: ugen1.1: <intel>at usbus1
              Sep 5 11:57:48 kernel: uhub1: <intel 1="" 9="" uhci="" root="" hub,="" class="" 0,="" rev="" 1.00="" 1.00,="" addr="">on usbus1
              Sep 5 11:57:48 kernel: ugen2.1: <intel>at usbus2
              Sep 5 11:57:48 kernel: uhub2: <intel 1="" 9="" uhci="" root="" hub,="" class="" 0,="" rev="" 1.00="" 1.00,="" addr="">on usbus2
              Sep 5 11:57:48 kernel: ugen3.1: <intel>at usbus3
              Sep 5 11:57:48 kernel: uhub3: <intel 1="" 9="" ehci="" root="" hub,="" class="" 0,="" rev="" 2.00="" 1.00,="" addr="">on usbus3
              Sep 5 11:57:48 kernel: SMP: AP CPU #1 Launched!
              Sep 5 11:57:48 kernel: uhub0: 2 ports with 2 removable, self powered
              Sep 5 11:57:48 kernel: uhub1: 2 ports with 2 removable, self powered
              Sep 5 11:57:48 kernel: uhub2: 2 ports with 2 removable, self powered
              Sep 5 11:57:48 kernel: Root mount waiting for: usbus3
              Sep 5 11:57:48 kernel: Root mount waiting for: usbus3
              Sep 5 11:57:48 kernel: uhub3: 6 ports with 6 removable, self powered
              Sep 5 11:57:48 kernel: Trying to mount root from ufs:/dev/ad0s1a
              Sep 5 11:57:48 kernel: pflog0: promiscuous mode enabled
              Sep 5 11:57:48 php: : Could not find gateway for interface(wan).
              Sep 5 11:57:48 php: : Could not find gateway for interface(wan).
              Sep 5 11:57:48 php: : Could not find gateway for interface(wan).
              Sep 5 11:57:50 check_reload_status: Linkup starting bfe0
              Sep 5 11:57:50 kernel: bfe0: link state changed to UP
              Sep 5 11:57:50 apinger: Starting Alarm Pinger, apinger(422)
              Sep 5 11:57:50 apinger: No usable targets found, exiting
              Sep 5 11:57:51 check_reload_status: Updating all dyndns
              Sep 5 11:57:51 dnsmasq[483]: started, version 2.55 cachesize 10000
              Sep 5 11:57:51 dnsmasq[483]: compile time options: IPv6 GNU-getopt no-DBus I18N DHCP TFTP
              Sep 5 11:57:51 dnsmasq[483]: reading /etc/resolv.conf
              Sep 5 11:57:51 dnsmasq[483]: using nameserver 8.8.8.8#53
              Sep 5 11:57:51 dnsmasq[483]: using nameserver 68.94.156.1#53
              Sep 5 11:57:51 dnsmasq[483]: using nameserver 68.94.157.1#53
              Sep 5 11:57:51 dnsmasq[483]: using nameserver 8.8.4.4#53
              Sep 5 11:57:51 dnsmasq[483]: ignoring nameserver 127.0.0.1 - local interface
              Sep 5 11:57:51 dnsmasq[483]: ignoring nameserver 127.0.0.1 - local interface
              Sep 5 11:57:51 dnsmasq[483]: read /etc/hosts - 2 addresses
              Sep 5 11:57:51 php: : Could not find gateway for interface(wan).
              Sep 5 11:57:51 php: : Could not find gateway for interface(wan).
              Sep 5 11:57:51 php: : Could not find gateway for interface(wan).
              Sep 5 11:57:56 php: : DynDns: updatedns() starting
              Sep 5 11:57:57 php: : ROUTING: setting default route to 99.144.195.254
              Sep 5 11:57:58 check_reload_status: Reloading filter
              Sep 5 11:57:58 apinger: Starting Alarm Pinger, apinger(565)
              Sep 5 11:57:58 php: : DynDns: updatedns() starting
              Sep 5 11:58:01 php: : DynDns debug information: 99.141.1xx.xxx extracted from checkip.dyndns.org
              Sep 5 11:58:02 php: : DynDns: Current WAN IP: 99.141.1xx.xxx Cached IP: 99.141.xxx.xxx
              Sep 5 11:58:02 php: : DynDns debug information: DynDns: cacheIP != wan_ip. Updating. Cached IP: 99.141.xxx.xxx WAN IP: 99.141.1xx.xxx
              Sep 5 11:58:02 php: : DynDns: DynDns _update() starting.
              Sep 5 11:58:02 dnsmasq[483]: reading /etc/resolv.conf
              Sep 5 11:58:02 dnsmasq[483]: using nameserver 8.8.8.8#53
              Sep 5 11:58:02 dnsmasq[483]: using nameserver 68.94.156.1#53
              Sep 5 11:58:02 dnsmasq[483]: using nameserver 68.94.157.1#53
              Sep 5 11:58:02 dnsmasq[483]: using nameserver 8.8.4.4#53
              Sep 5 11:58:02 dnsmasq[483]: ignoring nameserver 127.0.0.1 - local interface
              Sep 5 11:58:02 dnsmasq[483]: ignoring nameserver 127.0.0.1 - local interface
              Sep 5 11:58:02 check_reload_status: Syncing firewall
              Sep 5 11:58:05 check_reload_status: Syncing firewall
              Sep 5 11:58:07 php: /pkg_mgr_install.php: Beginning package installation for darkstat.
              Sep 5 11:58:07 php: : OpenNTPD is starting up.
              Sep 5 11:58:07 php: : DynDns: DynDns _checkStatus() starting.
              Sep 5 11:58:07 php: : DynDns: Current Service: zoneedit
              Sep 5 11:58:07 php: : DynDns debug information: 99.141.1xx.xxx extracted from checkip.dyndns.org
              Sep 5 11:58:07 php: : phpDynDNS: updating cache file /conf/dyndns_wanzoneedit'User Edit…'.cache: 99.141.1xx.xxx
              Sep 5 11:58:07 php: : phpDynDNS: (Success) IP Address Updated Successfully!
              Sep 5 11:58:08 php: : DynDns debug information: 99.141.1xx.xxx extracted from checkip.dyndns.org
              Sep 5 11:58:08 php: : DynDns: Current WAN IP: 99.141.1xx.xxx Cached IP: 99.141.1xx.xxx
              Sep 5 11:58:08 php: : phpDynDNS: No change in my IP address and/or 25 days has not passed. Not updating dynamic DNS entry.
              Sep 5 11:58:08 php: : DynDns: updatedns() starting
              Sep 5 11:58:08 check_reload_status: Reloading filter
              Sep 5 11:58:09 php: : DynDns debug information: 99.141.1xx.xxx extracted from checkip.dyndns.org
              Sep 5 11:58:09 php: : DynDns: Current WAN IP: 99.141.1xx.xxx Cached IP: 99.141.xxx.xxx
              Sep 5 11:58:09 php: : DynDns debug information: DynDns: cacheIP != wan_ip. Updating. Cached IP: 99.141.xxx.xxx WAN IP: 99.141.1xx.xxx
              Sep 5 11:58:09 php: : DynDns: DynDns _update() starting.
              Sep 5 11:58:09 check_reload_status: Restarting ipsec tunnels
              Sep 5 11:58:09 php: : DynDns: updatedns() starting
              Sep 5 11:58:11 php: : Creating rrd update script
              Sep 5 11:58:11 php: : miniupnpd: Starting service on interface: lan
              Sep 5 11:58:11 miniupnpd[741]: HTTP listening on port 2189
              Sep 5 11:58:11 miniupnpd[741]: HTTP listening on port 2189
              Sep 5 11:58:11 miniupnpd[741]: Listening for NAT-PMP traffic on port 5351
              Sep 5 11:58:11 miniupnpd[741]: Listening for NAT-PMP traffic on port 5351
              Sep 5 11:58:11 php: : Restarting/Starting all packages.
              Sep 5 11:58:12 php: : DynDns: DynDns _checkStatus() starting.
              Sep 5 11:58:12 php: : DynDns: Current Service: zoneedit
              Sep 5 11:58:12 php: : DynDns debug information: 99.141.1xx.xxx extracted from checkip.dyndns.org
              Sep 5 11:58:12 php: : phpDynDNS: updating cache file /conf/dyndns_wanzoneedit'User Edit….....'.cache: 99.141.1xx.xxx
              Sep 5 11:58:12 php: : phpDynDNS: (Success) IP Address Updated Successfully!
              Sep 5 11:58:13 php: : DynDns debug information: 99.141.1xx.xxx extracted from checkip.dyndns.org
              Sep 5 11:58:13 php: : DynDns: Current WAN IP: 99.141.1xx.xxx Cached IP: 99.141.1xx.xxx
              Sep 5 11:58:13 php: : phpDynDNS: No change in my IP address and/or 25 days has not passed. Not updating dynamic DNS entry.
              Sep 5 11:58:14 php: : IPSEC: One or more IPsec tunnel endpoints has changed its IP. Refreshing.
              Sep 5 11:58:15 login: login on ttyv0 as root
              Sep 5 11:58:15 sshlockout[934]: sshlockout/webConfigurator v3.0 starting up
              Sep 5 11:58:16 check_reload_status: Reloading filter
              Sep 5 11:58:19 php: : Resyncing OpenVPN instances for interface WAN.
              Sep 5 11:58:19 php: : Creating rrd update script
              Sep 5 11:58:19 php: : The command '/usr/bin/killall 'ntpd'' returned exit code '1', the output was 'killall: warning: kill -TERM 512: No such process'
              Sep 5 11:58:19 php: : OpenNTPD is starting up.
              Sep 5 11:58:19 php: : pfSense package system has detected an ip change 99.141.xxx.xxx -> … Restarting packages.
              Sep 5 11:58:19 check_reload_status: Starting packages
              Sep 5 11:58:24 php: : Restarting/Starting all packages.
              Sep 5 11:58:58 apinger: Error while feeding rrdtool: Broken pipe
              Sep 5 11:59:58 apinger: /usr/local/bin/rrdtool respawning too fast, waiting 300s.</intel></intel></intel></intel></intel></intel></intel></intel></wdc></cpu></cpu></generic></system></isa></ps></at></keyboard></parallel></printer></plip></parallel></parallel></floppy></at></multimedia,></ata></ata></intel></isa></pci-isa></i82555></mii></intel></i82555></mii></intel></vga-compatible></bcm4401></mii></broadcom></acpi></acpi></intel></intel></intel></intel></intel></intel></intel></intel></acpi></acpi></intel></acpi></acpi></power></acpi></acpi></asus></software></version></asus></cnxt-id,xtpr></fpu,vme,de,pse,tsc,msr,pae,mce,cx8,apic,sep,mtrr,pge,mca,cmov,pat,pse36,clflush,dts,acpi,mmx,fxsr,sse,sse2,ss,htt,tm,pbe>

              1 Reply Last reply Reply Quote 0
              • Cry HavokC
                Cry Havok
                last edited by

                Your hardware is easily capable of handling that bandwidth - I had a much lower spec box (single core, 1 GHz, maybe 1 GB of RAM, RealTek NICs) handled a 20 Mb/s link without any issues - including full Skype videoconferencing. This also suggests that neither pfSense or the basic hardware is the problem.

                I assume you've swapped it for something else to check that the problem isn't your modem or network cable?

                1 Reply Last reply Reply Quote 0
                • B
                  breese
                  last edited by

                  My Toshiba Satellite shows the same issues.

                  The pfSense box is healthy.
                  Funny thing is I do not recall having these types of issues when the same box was setup as a Wingate firewall system.
                  All I did was swap the HD with a new one and installed pfSense.
                  As for network cables…. 3 foot or less between all the major hardware in my rack.

                  1 Reply Last reply Reply Quote 0
                  • stephenw10S
                    stephenw10 Netgate Administrator
                    last edited by

                    Have you enabled UPNP?

                    Steve

                    1 Reply Last reply Reply Quote 0
                    • B
                      breese
                      last edited by

                      Yep… Anything else you need?

                      9412 keep state udp 10.0.0.101 NAT-PMP 110976
                      9412 keep state tcp 10.0.0.101 NAT-PMP 110976

                      1 Reply Last reply Reply Quote 0
                      • B
                        breese
                        last edited by

                        I started using some of the settings I posted with the first post.

                        This first one appears to have helped with my Skype issues…
                        Tested with a friend was much better

                        You can raise the maximum socket buffer size by, for example:
                          sysctl -w kern.ipc.maxsockbuf=4000000

                        Adding this caused all sorts of issue including not being able to get to my web server behind the pfSense firewall. removing it and rebooting the firewall fixed it

                        The default maximum value is 256KB which is likely too small. These should likely be increased, e.g. with follows:
                            net.inet.tcp.sendbuf_max=16777216
                            net.inet.tcp.recvbuf_max=16777216

                        More to come

                        1 Reply Last reply Reply Quote 0
                        • stephenw10S
                          stephenw10 Netgate Administrator
                          last edited by

                          Interesting.
                          On my 2.0 box kern.ipc.maxsockbuf is already set to 4262144.
                          The -w option on the sysctl command is not needed. See here.

                          My own experience is that skype is far from perfect and below what I expect from my connection. Anything you find will be useful.

                          Steve

                          1 Reply Last reply Reply Quote 0
                          • First post
                            Last post
                          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.