How to test pfSense after previous problems
-
Hello,
I've been running pfSense (latest stable release) on an HP DL380 G5, the HP box was bringing us huge problems due to the NICs (broadcoms) were having troubles with pfSense.
So I thought like:
VMWare ESXi emulates Intel e1000 NICs, so in theory I would be able to run pfSense just fine under ESXiBut now i'm looking for a way to test if it runs just fine, there are the problems we've had before.
-
HIGH Ping
-
Bandwith not getting higher then 2Mbit (even when only a single device was connected to pfSense, connecting the same, single device to the modem gave us 120Mbit)
-
DNS Names not resolving with nameserver due to high ping.
Now i'd expect these problems to be solved with ESXi as I stated before, but can I rely on this theory? And how can I put it to the test, without having to put all 400 devices behind the pfSense firewall? (Those devices need 24/7 working internet access)
Thanks :)
aTastyAim -
-
Those problems sound like an interface duplex mismatch or bad cable (or both ;)).
You should check for errors on the interface. That is usually caused by a negotiation problem between the two ends of the link which can a result of one end not set to auto-negatioate speed/duplex or a bad cable.Steve
-
I already swapped cables, no result, and set the interface to 100Mbit on both ends, which also, gave me no result.
-
Hmm, well since they are Broadcom NICs did you try the advise here:
http://doc.pfsense.org/index.php/Tuning_and_Troubleshooting_Network_Cards#Broadcom_bce.284.29_CardsI would expect it work fine under ESXi though. It should be easy to test that you're not restricted to 2Mbps on a 120Mbps connection.
Steve
-
Hmm, well since they are Broadcom NICs did you try the advise here:
http://doc.pfsense.org/index.php/Tuning_and_Troubleshooting_Network_Cards#Broadcom_bce.284.29_CardsI would expect it work fine under ESXi though. It should be easy to test that you're not restricted to 2Mbps on a 120Mbps connection.
Steve
Yes, I tried that, for me it didn't make the diffrence. And well, the issue is, when running unvirtualised on the broadcom NICs it ran fine for a few days, from then i'd only go downhill.
-
Ah well that's more difficult to test if you have to wait 2 days for it to show up. ;)
That does sound similar to the problem that is addressed by the tweaks in the wiki. The system eventually runs out of mbufs due to a driver issue and the NICs start throwing errors. However usually when that happens the logs are full of errors and the traffic stops almost entirely.Steve
-
That's exactly what happened.
So, if I get this straight, it shouldn't happen when I run pfSense virtualized with ESXi (because ESXi emulates Intel PRO/1000 NICs)? -
Exactly. The Broadcom NICs are handled by ESXi so the issue is mute. Theoretically! :)
If it was that problem I would have expected you to see many many errors in the logs.Steve
-
Well I could recall many errors thrown into the log. Couldn't recall what it was about.
-
I may have remebered incorrectly about the errors, I can't now find a example of it. However:
http://forum.pfsense.org/index.php/topic,35895.0.htmlSteve
