Packetloss on all interfaces
-
Hey Guys,
Im having some packetloss problems, the pfsense box is running fine for a couple of hours. Then it suddenly starts to have allot of packetloss.
If i reboot the box, everything is back to normal. It is currently not loadbalancing, because i thought it would cause the packetloss.
We have a monitoring system on the lan interface wich starts to complain about the lan interface being unreachable.
I cant discover anything weird on the CPU usage or memory load. Any thoughts about this problem?
-
Anything in the systemlogs? Are you running snort?
-
i have been running snort indeed, i removed the package. So if im right im not using snort at the moment. I cannot find anything in the systemlogs for now.
-
Can you verify that snort got removed correctly? Maybe it's still running and detecting an attack and starts to block traffic.
-
I had the same thought, thats why i removed the package. It doesnt show up at the installed packages, it does show up at the packages im able to install. So if im right it should be gone.
I rebooted the box a couple of times, so i dont think it's still running in a background process.
-
Another strange thing is, the loadbalancer marks the ip's as down while they are not.. This goes paired with the lan interface not being reachable.
-
And there are realy no logentries that point to a problem? What hardware are you running on? Also what kernel (embedded, smp, uni, developer)?
-
Well i changed the states to 20 000 and it seems to be running oke now, do you recognize this? The cpu usage is about 20%, its a 2 ghz box.
But i noticed that the states where at their max whole the time, i think that caused the packetloss. Will keep you updated on this.
-
That will absolutely do it. What kind of network do you have behind your pfSense? 10k states sounds heavy. If it seems abnormal I would start investigating the traffic.
-
We have a zabbix monitoring server behind it, that causes the abnormal states ;-) For now its still working great!
-
This definitely solved the problem! Thanks for your help.
-
Good to hear :)
-
I ran into exactly this problem too. My connections were all physically stable, and established connections (downloads, VoIP calls, etc) were reliable. But new connections were intermittently flaky, and packet loss was appearing while pinging the router's internal addresses.
A quick look at the RRD graphs showed that I was hovering around the 10k default state limit. So I doubled the state table size (in System / Advanced).
Thanks for the thread. Love those graphs.