I've installed 3 pfsense boxes with WAN/LAN/DMZ and everything works fine most of the time, except for some strange 5 minutes episodies: navigation becomes slow, database client programs and putty sessions closed, etc. When this happens I get high latency ping responses from pfsense LAN interface (1000-2000 ms), even lost packets.
NOTE: I verified low cpu/memory usage, nics normal operation. Everythings seems to be fine.
Some clue about this problem? Someone experiences something like this?
Generally speaking, is it normal to get high latency from LAN interface when a router handles considerable amount of traffic from Internet?
Thanks in advance.
We need some more info about your setup. Please let us know what hardware you are running on, what packages you have installed, what condition triggers this (high load, specific timeinterval, specific time,…) and also check your logs at status>systemlog to see what the system is performing during that time. A look at the RRD-Graphs (States, CPU-Usage, ...) might help too.
Same problem here.
Interesting observation on ping time - I have not tested to verifiy your claim, but will if I experience it again…
My situation is that I have a few hosts in the DMZ running Debian Etch. Sometimes I loose connection from the Putty SSH client on the mahine running on the LAN. However, when I connect through the WAN interface - for instance from work, the connection is rock solid.
By an odd chance I noticed that when booting the Linux hosts in the DMZ, starting the Appletalk network took very long time. I did not need appletalk, so I removed it by doing
aptitude remove netatalk
and presto - the Putty connection from the LAN side seemed much more stable, I could have it open for hours.
Strange, as I have no explanation for this behavior, but I do believe it made a difference...
By the way - you would not happen to have any 3Com 100Mbps unmanaged switches on your network? I have found them to really kill the network. I have had about 10 of them on various places inside my LAN side, and every one of them have at some point blocked the network with bad traffic. All other switches seems to behave nicely, so now the 3Coms are banned...
Do you have the traffic shaper on?!
If yes can you please give the model of you network cards.
If you are using pppoe or pptp and are shaping on the pppoe interface?
What is the config of you shaper like bandwidth settings etc