How to test pfSense after previous problems

aTastyAim

Hello,

I've been running pfSense (latest stable release) on an HP DL380 G5, the HP box was bringing us huge problems due to the NICs (broadcoms) were having troubles with pfSense.

So I thought like:
VMWare ESXi emulates Intel e1000 NICs, so in theory I would be able to run pfSense just fine under ESXi

But now i'm looking for a way to test if it runs just fine, there are the problems we've had before.

• HIGH Ping

• Bandwith not getting higher then 2Mbit (even when only a single device was connected to pfSense, connecting the same, single device to the modem gave us 120Mbit)

• DNS Names not resolving with nameserver due to high ping.

Now i'd expect these problems to be solved with ESXi as I stated before, but can I rely on this theory? And how can I put it to the test, without having to put all 400 devices behind the pfSense firewall? (Those devices need 24/7 working internet access)

Thanks :)
aTastyAim

stephenw10

Those problems sound like an interface duplex mismatch or bad cable (or both  ;)).
You should check for errors on the interface. That is usually caused by a negotiation problem between the two ends of the link which can a result of one end not set to auto-negatioate speed/duplex or a bad cable.

Steve

aTastyAim

I already swapped cables, no result, and set the interface to 100Mbit on both ends, which also, gave me no result.

stephenw10

Hmm, well since they are Broadcom NICs did you try the advise here:
http://doc.pfsense.org/index.php/Tuning_and_Troubleshooting_Network_Cards#Broadcom_bce.284.29_Cards

I would expect it work fine under ESXi though. It should be easy to test that you're not restricted to 2Mbps on a 120Mbps connection.

Steve

aTastyAim

@stephenw10:

Hmm, well since they are Broadcom NICs did you try the advise here:
http://doc.pfsense.org/index.php/Tuning_and_Troubleshooting_Network_Cards#Broadcom_bce.284.29_Cards

I would expect it work fine under ESXi though. It should be easy to test that you're not restricted to 2Mbps on a 120Mbps connection.

Steve

Yes, I tried that, for me it didn't make the diffrence. And well, the issue is, when running unvirtualised on the broadcom NICs it ran fine for a few days, from then i'd only go downhill.

stephenw10

Ah well that's more difficult to test if you have to wait 2 days for it to show up.  ;)
That does sound similar to the problem that is addressed by the tweaks in the wiki. The system eventually runs out of mbufs due to a driver issue and the NICs start throwing errors. However usually when that happens the logs are full of errors and the traffic stops almost entirely.

Steve

aTastyAim

That's exactly what happened.
So, if I get this straight, it shouldn't happen when I run pfSense virtualized with ESXi (because ESXi emulates Intel PRO/1000 NICs)?

stephenw10

Exactly. The Broadcom NICs are handled by ESXi so the issue is mute. Theoretically!  :)
If it was that problem I would have expected you to see many many errors in the logs.

Steve

aTastyAim

Well I could recall many errors thrown into the log. Couldn't recall what it was about.

stephenw10

I may have remebered incorrectly about the errors, I can't now find a example of it. However:
http://forum.pfsense.org/index.php/topic,35895.0.html

Steve