Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    High traffic on WAN interface

    Scheduled Pinned Locked Moved General pfSense Questions
    4 Posts 2 Posters 1.0k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • A Offline
      anishpsla
      last edited by

      After upgrading to latest version of Pfsense, I am facing a strange problem. The WAN interface face high in Traffic. It use almost 100% of available bandwidth. The strange is, it does not have same amount of LAN traffic. The system was working without any problem. But after the upgrade, it started to show the problem. At present, the system is not usable. We are using the system as web proxy using Squid3. It does not using ClamAV or any type of filtering. See the screenshot.

      pfsense.png
      pfsense.png_thumb

      1 Reply Last reply Reply Quote 0
      • DerelictD Offline
        Derelict LAYER 8 Netgate
        last edited by

        If you click on Current WAN Traffic You'll get the same info but also get the IP addresses generating the traffic.  That show anything useful?  Could be a DDoS.

        Chattanooga, Tennessee, USA
        A comprehensive network diagram is worth 10,000 words and 15 conference calls.
        DO NOT set a source address/port in a port forward or firewall rule unless you KNOW you need it!
        Do Not Chat For Help! NO_WAN_EGRESS(TM)

        1 Reply Last reply Reply Quote 0
        • A Offline
          anishpsla
          last edited by

          Now the problem is seems to be solved. Can we get any information from system log ?

          1 Reply Last reply Reply Quote 0
          • DerelictD Offline
            Derelict LAYER 8 Netgate
            last edited by

            Depends on what it was.  Looks like a DDoS.  There might have been a bunch of firewall logs at the time.  Not that they would do you much good.

            Chattanooga, Tennessee, USA
            A comprehensive network diagram is worth 10,000 words and 15 conference calls.
            DO NOT set a source address/port in a port forward or firewall rule unless you KNOW you need it!
            Do Not Chat For Help! NO_WAN_EGRESS(TM)

            1 Reply Last reply Reply Quote 0
            • First post
              Last post
            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.