[Solved] In/out errors on LAN

Derelict

Everything should be auto-negotiate with gigabit but check for something on one side being 100-half and the other side being 100-full.

And bridging all your gigabit pfsense ports just takes all your extra, expensive, gigabit router ports and turns them into cheap, gigabit switch ports.  Not sure why you would want to do that.

0x10C

I do have two devices on my switch which are 100Mb and not 1Gb (Server IPMI and CCTV Camera Hub). And then I have two computers also on it at 1Gb/s

Could that be the cause of it?

Also the reason I bridged the LAN to create a switch is because that's how I wanted it. I'm not using VLAN's or multiple subnets. The card wasn't very expensive, cost me less than a single port card due to a good deal.

Derelict

Ok.  Bridging is a waste of ports but it's your network.

You need to be sure that every interface on your network is connected to a port in the same mode.  That's the first thing I would verify if I was seeing errors like that.

And not just what the settings say it should be, but what the port has actually negotiated.

0x10C

When you say the same mode are you referring to half / full duplex?

My setup is like so.

Modem -> 1Gb/s Full Duplex -> PFSense

Then it goes PFSense -> 1Gb/s Full Duplex -> Switch/AP

Then from there it goes:
Switch/AP -> 1Gb/s Full Duplex -> Desktop
Switch/AP -> 1Gb/s Full Duplex -> Home Server
Switch/AP -> 1Gb/s Full Duplex -> Server IPMI (I thought this was 100Mb but it's actually 1Gb)
Switch/AP -> 100Mb/s Full Duplex -> CCTV Hub

So far I've tried changing the ports being used for the PFSense -> Switch connection on both sides and changed the cable. None of this affected the rate of the errors.

Any ideas at all? Maybe I should remove the lan bridge and see if that changes the situation since I'm not using the four ports anyway only one.

Derelict

If that's the case and you have verified that all ports are actually negotiated as you describe, then you need to look at cables and ports/NICs as possible points of errors.

Mode:

100-full
100-half
gigabit

0x10C

Thank you for your time. Just to confirm In/Out errors of any kind like this is unusual right? I'm having 0.87% of all packets fail only on the Lan Bridge, that's not normal for Bridges or anything like that?

I'm thinking perhaps it's my 4 port Intel Nic, luckily I do have another Nic I can try.

Derelict

No.  it's not normal.  Screenshot is a bridge0.  Get iinto the shell and look at the bridge member interfaces too.  ifconfig -a

ETA: Nevermind.  ifconfig doesn't show errors. Have cisco on the brain.


0x10C

Ok I've done that command in the shell and I've got a lot of information back. I'm not exactly sure what parts I should take note of. Nothing is sticking out to me.

Here is the screenshot. The only thing I've removed is the IPv4 WAN address for privacy.

Derelict

Sorry.  Have cisco on the brain.  ifconfig doesn't show errors.

Derelict

Do a Diagnostics > Command Prompt then enter netstat -i.

That way you can just cut and paste into a post.

0x10C

Here is that result.

$ netstat -i
Name               Mtu Network       Address              Ipkts Ierrs Idrop    Opkts Oerrs  Coll
igb0              1500 <link#1>00:1b:21:a6:56:80  6099743     0     0  3997337     0     0
igb0                 - fe80::21b:21f fe80::21b:21ff:fe        0     -     -        2     -     -
igb1              1500 <link#2>00:1b:21:a6:56:81 20438108     0     0 10787381     0     0
igb1                 - fe80::21b:21f fe80::21b:21ff:fe        0     -     -        1     -     -
igb2              1500 <link#3>00:1b:21:a6:56:82        0     0     0        0     0     0
igb2                 - fe80::21b:21f fe80::21b:21ff:fe        0     -     -        1     -     -
igb3              1500 <link#4>00:1b:21:a6:56:83        0     0     0        0     0     0
igb3                 - fe80::21b:21f fe80::21b:21ff:fe        0     -     -        2     -     -
em0               1500 <link#5>00:1b:63:f1:10:9b 14848095     0     0 26496640     0     0
em0                  - fe80::21b:63f fe80::21b:63ff:fe        0     -     -        4     -     -
em0                  - 94.174.70.0   cpc14-enfi16-2-0-    70129     -     -    20091     -     -
pflog0           33144 <link#6>0     0     0    96767     0     0
pfsync0           1500 <link#7>0     0     0        0     0     0
lo0              16384 <link#8>3352954     0     0  3352953     0     0
lo0                  - your-net      localhost          3365820     -     -  3352952     -     -
lo0                  - localhost     ::1                      0     -     -        0     -     -
lo0                  - fe80::1%lo0   fe80::1%lo0              0     -     -        0     -     -
enc0              1536 <link#9>0     0     0        0     0     0
bridge0           1500 <link#10>02:fe:4a:c8:9c:00 26548908     0     0 14809533 133170     0
bridge0              - 192.168.0.0   pfSense              48622     -     -    54149     -     -
bridge0              - fe80::1:1%bri fe80::1:1%bridge0     1519     -     -     4682     -     -</link#10></link#9></link#8></link#7></link#6></link#5></link#4></link#3></link#2></link#1> 

0x10C

One thing I don't understand, it's showing 10787381 packets out on igb1 which is my PFSense box's port that I'm using to connect to my Switch (I switched it from igb0 when trying to test if it was the port at fault). But it shows 0 Errors igb1 and igb0.

But then on the bridge, it shows the traffic and errors. Does that mean the errors are isolated in my Bridge and not the networking hardware or are the errors for individual nics suppressed and shown on the bridge instead? Hmm

jahonix

Try a different Cat cable and a different switch-port after that.

0x10C

I already tried that. Same amount of errors. I think what I'll try tomorrow is removing the LAN Bridge and if that doesn't work I'll change the NIC.

Derelict

That is strange.

I would expect to see errors on the bridge member but maybe it doesn't work that way.  Either way, if you delete the bridge since you're only using one port, that will tell you something.

I don't think you have to delete it.  Just remove igbX from the bridge, then assign LAN to igbX.

0x10C

Okay I've resolved the problem.

First thing I did today was get a proper Ethernet cable tester. I tested all my cables, they are all wired correctly and have excellent frequency response with no outside foreign frequencies detected.

Then I fitted a brand new switch. Problem still there.

So I'd ruled out my switch, my cables, and all four individual ports on my PFSense box. I'm using an Intel i340-T4 by the way.

So now it came time to remove the bridge. I did that and guess what? no more in/out errors. Completely gone. I tested every port on the i340-T4 individually by changing the LAN to each port and none of them shows any errors of any kind. Then I put the bridge back as it was before and the errors instantly came back.

I'm not sure if this is an igb driver issue, a pfsense issue or something along those lines. If anyone wants more information about the way I was running this setup feel free to ask.

Thank you Derelict and jahonix for your help. The forum is a great resource with people like yourselves willing to answer peoples questions.

cmb

Did it actually cause any issues? Might just be cosmetic. Haven't seen that, that's a pretty common type of configuration. Might also want to try on 2.2.

0x10C

I'm on 2.2 RC. Have been the entire time.

It didn't seem to cause any problems. Network speed was consistent, everything worked fine. Just the errors kept climbing at a steady pace.

As I say though, removed the bridge, errors gone. Perhaps it was my fault in the way I set the bridge up?

Hakker

I found the issue. It gives out errors because you have unused ports. I had the exact same issue but when I removed the 2 nics which didn't had a cable in them I stopped receiving those errors. So it seems to be a cosmetic thing.

Derelict

Ahh..  File that one away.  Thanks.