Internet Connections fails - Time to time & Low bandwidth



  • Hi

    I'm using pfsense as my loadlancer with two WAN connections, one is a little poor ADSL(2Mb No static ip) & a 256k Leased line. This was working very well but recently it started failing for a about 10-20 minutes very often. Most of the time both Internet connections goes down and come up soon(please see traffic graphs attached). The connections are stable when I checked with ISPs, but my Traffic graphs shows very less values. I didn't notice any problem over the system log. Please find attachments below. When this happens cant even ping to my ISP's router through any of the WAN interfaces.

    Kindly Help me on this issue!

    ======================
    filter log starts like this;
    tcpdump: WARNING: pflog0: no IPv4 address assigned
    tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
    listening on pflog0, link-type PFLOG (OpenBSD pflog file), capture size 96 bytes

    Thanks in advanced

    Manjula









  • Check the monitor IP's.  Ensure that proper static route entries are in place for these monitor IP's and make sure the IP that you are monitoring is really on the paticular network that the link is using.

    IE: Don't use monitor ip's such as google.  Use a next hop router on each of the ISP's networks.



  • Hi,

    Thanks so much for your quick response Sullrich. I checked monitoring IPs they are arranged well. Yesterday I installed pfsense 1.2 release and now its connected to ONLY ONE WAN CONNECTION (main leased line). But still my connection goes down for 15-20mints time to time. though its down  I could successfully traceroute and ping through the shell (traceroute -i rl1 www.google.com).
    Kindly help!

    thanks!

    Manjula



  • You are using unique monitor IPs per WAN right? It won't work if you use the same monitor IP on both WANs.



  • Hi

    I'm not Hoba. I was using my gateway which is my ISPs router IP they are different. But I'm not using LB now. just routing still it goes dwn randomly (in the morning and evening). And I have an ADSL connection which has NO static ip after the reinstall that doesn't wok. Can't connect to the ADSL connection.

    (pls let me know if you need mor details)

    kindly help!

    Manjula



  • Is this an upgraded config from a quite old version? The way we hande and create pools has changed at some point. Please delete all poolmembers from your pools without deleting the pool itself. Then add themnm through the gui again. Maybe that's causing your problems.



  • I have the same problem. My solution was to disable the "Sticky Connection" option and everything works perfectly both the load balancing and failover.



  • HI

    I forgot to do this after the new installation. now it does not go down but sometimes very slow. In the mean time I could clean some Trojans in our LAN as well. Now the situation is under control. Can any one explain this why my Diagnostics: System logs: Firewall has this entry every minute?

    Mar 19 07:12:27  WAN  172.16.0.1:5678  255.255.255.255:5678  UDP

    Thanks!

    Manjula



  • That's some kind of broadcast. I guess it's a program that tries to announce it's availability so other nodes in the network can find it. Probably check what's listening on that port on that client.

    Some googling later and it seems to be related to UPnP.



  • @manjula:

    HI

    I forgot to do this after the new installation. now it does not go down but sometimes very slow. In the mean time I could clean some Trojans in our LAN as well. Now the situation is under control. Can any one explain this why my Diagnostics: System logs: Firewall has this entry every minute?

    Mar 19 07:12:27  WAN  172.16.0.1:5678  255.255.255.255:5678  UDP

    Thanks!

    Manjula

    its coming from WAN so its not your internal network, its coming from the Internet.  like Hoba said, its upnp broadcast so nothing for you to worry about.



  • Hi

    Thanks Hoba & Sai I appreciate your valuable comments. Still my connection is poor. The "Status: Traffic Graph" shows a high utilization but there is no such traffic. LAN side ping request goes up to 3046ms (sometimes 14000,12000) though graphs shows 254 in WAN side. I've noticed a significant Outbound traffic sometimes its more than the Inbound. (at that time most of the users were just using web)

    I need your help further.

    Thasnks

    Manjula



  • I think it's time to do some inspection on the traffic to see what's going on. Watching the pftop from console or ssh will show you some live values. Other option is to sniff the traffic with something like wireshark. I had a similiar situation at work which I only got resolved by using a spanport on the lan uplink of my pfSense and sniffing the traffic.



  • Hi

    Yes Hoba. As you said I did an inspection on my traffic but couldn't find any major problems. So then I just connect the WAN connection to my PC's Firestarter it works fine. I think something wrong with the firewall even my ADSL connection did not work well since it was connected to OPT1(When I use it as WAN1 connection it works fine, though it has a Dynamic IP). Don't know this is a problem with routing/loadbalancing or both.

    I remember I had to skip some steps when installing the pfsense - but now I cant remember exactly what I have ignored.

    Now the problem is more complicated.

    Manjula



  • Can you try running from the livecd and just configure the basic things so we can exclude a broken installation?



  • Thats a good idea. I will try out this. Any idea about why my ADSL connection doesn't work?



  • Hi

    I tried installing this again the only error I had was

    "Exicution of command /sbin/fdisk -v -f /tmp/new.fdisk ad1 failed …..... fdisk warning line1: number of cylinders (19679) may be out of range" must be within 1-1024 for normal Bios opration unless the entire disk is dedicated to freeBSD.... number of sectors must be within (1-63)

    I'm using a Gigabyte mother board and could not find where to set LBA (But when the pc is rebooting it say HDD LBA is On)
    I could proceed by skipping the error. So my question is Will this effect the internal operation like routing in the future though I ignored it? If so any other solution for that?

    thanks

    Manjula



  • I have seen problems with bioses that run AUTO for the disks. Even though they output LBA in the bios and the bootup freebsd is detecting a different geometry when the bios is set to LBA instead of AUTO which leads to different issues. I wouldn't want to live with that situation even though it seems to be working atm. You never know when the filesystem might blow up due to that.



  • When I'm installing the firewall had this problem "/sbin/fdisk -v -f /tmp/new.fdisk ad1" I'm using a 40GB Hard disk and a Gigabite main board. Still I could continue the installation by skipping the error. So will this effect my WAN connection to go down? I found that I have to use LBA for my HDD but I coun't fnd that option on my main board..

    Pls help me!



  • Sorry dint see your comments on the 2nd page..

    Any suggestion for this…?


Locked