4. Extreme Latency Resetting States Fixes Happening Every 30-90 Minutes

Extreme Latency Resetting States Fixes Happening Every 30-90 Minutes

  • E

    I have been just recently (last 24 hours) been having issues with my internet connection. I rebooted my firewall after upgrading and noticed that my connection improved. It was taking minutes for websites to load back to the few seconds it normally takes. After the firewall had been up for a few hours I noticed the problem happening again. I looked at my state table I only had about 80-90 of 10000, I decided to reset the state table and viola, my connection improved again. So I waited, and again my connection dropped to a crawl, I started another trace route to www.google.com for testing, each hop was taking about 1400-3300 ms, in the middle of the traceroute I reset the state table again, and the rest of the hops took only 10-20 ms. Just to be on the safe side, I waited until my connection slowed again and tested this theory again and it is the same behavoir each time.

    I am not sure what is going on here, this just started this morning (at least today is the first I have noticed it). I am pretty sure this hasn't been a problem for long, but nothing has changed. I upgraded pfsense today only after I originally saw this problem thinking it might help, but it hasn't. This is becoming a serious problem and I could use all the help I could get.

    I have noticed also that the state count doesn't necessary stay the same.

    Thank you for your time.

    -Erik

    0
  • F

    Try changing your Firewall Optimization to 'aggressive'.  This will expire states faster naturally.  Using aggressive does carry the chance of the firewall expiring states that are still in use, however the chances of this actually happening are slim to none.

    System > Advanced > Traffic Shaper and Firewall Advanced

    0
  • R

    Have a look at the states table and see if they are all originating from one LAN IP. I had an issue with some sort of DoS program on a machine that one morning started sending out thousands of requests to weather.com. Tied up the entire state table. I pulled that machine and all was back to normal.

    0
Locked
 

Products

Applications

Support

Services

News

Resources

Company

Our Mission

As host of the pfSense open source firewall project, Netgate believes in enhancing network connectivity that maintains both security and privacy. We also believe everyone should be able to afford it.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© Copyright 2002 - 2018 Rubicon Communications, LLC | Privacy Policy