Apinger problem
-
Hello,
I have the following problem with apingeron 1 special WAN interface, apinger will report a wrong RTT after some houres of uptime. (it will drop from the normal ~12ms to ~1-2ms)
Of course the delay ist still 12ms when you do a manual ping.
When I restart apinger service, RTT is back to normal.Sometimes I will get 100% packet loss as well, and the gateway is marked as down.
But it is still up and running fine when I manually check it.
I need to restart apinger service, then the interface is marked as up again and the RTT is back to the right value. But the interface is not used again for traffic until I force it to disabled and enable it again.
I only have this behaviour on one special interface. It is a WAN interface with a "private" IP as there is a cable router doing the internet connection. Gateway monitor IP is a google DNS server.
Again, the internet connection is fine and working at the time apinger marks it as down.
Can I do something?
Thanks a lot!
-
apinger is better in 2.2 (but still not great). You didn't specify what version you're using.
-
Sorry, I am using the 2.2-RELEASE 64bit.
-
Apinger is way worse 2.2 for me than it ever was in 2.1.5 bad enough that cant do fail over on latency or packetloss any longer which is what brought me to pfsense in the first place
really hope apinger gets some love before 2.3 -
Are there any positive news on the issue?
I'm experiencing the exact same behavior on different machines (APUs, Atoms) with different Releases (2.2-RC, 2.2-Release, 2.2.1-Release)
In each setup I have two WANs, where one is a cable router where pfS is the NATed "Exposed Host" on the LAN of the router. There is no option to change the router to act as a modem and as the routers are mandatory and provided by the cable provider there is no way to replace them.Apinger marks the cable connections sporadically (at least I find no logic in that) as down after a few days or weeks (period varies) and never brings them up again until I restart apinger.
I never had a case, where the connection really didn't work when apinger marked it as down.That makes the use of gateway groups totally senseless as it generates way more problems as not using them.
This problem seems to persist since several releases, and in my case seems to have gotten worse with 2.2.
Is there any real solution to the problem (at least in sight)?
Thanks for any info,
Harry -
-
"Apinger marks the cable connections sporadically"
Well why don't you just disable monitoring of the gateway, so its listed as always up? Or use different IP to ping for your monitor?
-
Because that's the opposite of the behavior it was configured for.
2 WANs with Gateway Groups only make any sense if there is a failover in case one goes down.
If I configure one or all as always being up, then there never would be any failover…Which IPs would you propose to ping instead of googles 8.8.8.8 and 8.8.4.4?
Especially with the cable router having the private LAN IP as gateway on the pfS it makes no sense to ping that, as I only would monitor if the router is up, but not if there is a connection to the internet. -
How about pinging your isp gateway? I agree pinging lan side of your natting gateway is of little use.
The worse issue I have seen with apinger is that shows my gateway responding much faster than is possible. I would love it my isp gateway was that responsive, shoot love it if my he tunnel was even better than my isp connection.. But that is not really possible - normally see 8 to 10ms as realistic values when pinging that.
-
from my experience i would not use isp gateway cause most of the internet problems are with my isp's connection to the internet not the local connection
and yes Apinger can't get replaced quick enough if it happened today -
Then traceroute out and pick something that reliably responds to pings.
-
I'm experiencing the apinger problem since I got in touch with pfS on any hardware with any release.
With some releases it seemed to have improved a bit, but never really was reliable.
As the forum shows, I was/am not the only one…I can't understand, why this has not been addressed properly and resolved for good as I consider it crucial for the use of Multi-WAN.
Also, I wonder, why to rely on only one IP to check if a connection is up. I would at least check two, to eliminate sole problems with the checked IP.With each release I'm hoping for the relief.
What a pity - as the rest of pfS works pretty good for me. -
If I had to guess all the devs are are good to excellent internet and the us that are having problems are not what some of us have can hardly be called high speed internet.
the ONLY reason i came to Pfsense was for multi-wan fail over to replace a depreciated xincom router heck it had way better multi wan monitoring in 2009 than we have today
I think we need to start a multi-wan monitoring wish list need for people with poor internet
