After some hours Internet/LAN slow, LAN Interface ping 3500ms, reboot solves
-
Hello,
i´ve got a pfsense2.022.1.2 installation which was running fine for about 10 month. since 2-3 weeks the device completely slows down. the gui is slow, pinging the internal lan-interface takes about 3500ms.System log shows nothing special. cpu, memory usage is fine, no high load, status of interfaces shows no collisions, no errors. but nearly every day internet usage is very slow (after some hours). i tried to restart service by service, but only a restart solved the issue for some hours.
if i use ping from pfsense gui:
pinging to a lan device, or lan-address about 3000ms, pinging to wan (router) about is fine (1ms). so something in the lan network might be the reason?!?i also changed the NIC. Do you have any ideas, what to check?
thank you, kind regards, kallegr
-
what connects pfsense to network.. Switch I would assume. So if you enable and disable the lan nic on pfsense does this fix the issue. When you say restart fixes the issue are you just restarting pfsense or also the switch on your lan network?
-
what connects pfsense to network.. Switch I would assume. So if you enable and disable the lan nic on pfsense does this fix the issue. When you say restart fixes the issue are you just restarting pfsense or also the switch on your lan network?
hmm, shame on me: i haven't tested enabling and disabling lan nic if the problem occurs.
i just restart pfsense and the problem is gone (for some hours).
-
What happens if you ping LAN client to client, since that doesn't go through pfSense at all? Is it still slow or not? The only sure way to find out why a network is slow is to capture some packets and then analyze them in Wireshark.
-
@KOM:
What happens if you ping LAN client to client, since that doesn't go through pfSense at all? Is it still slow or not? The only sure way to find out why a network is slow is to capture some packets and then analyze them in Wireshark.
pinging other computers inside the local lan network is fine. ok, next time i will try to capture some packets. but i'm not good in analyzing with wireshark, may i post it here?
-
I don't know if a packet capture would be useful in this situation where the general LAN is fine. Slow GUI can also be related to DNS issues, believe it or not. Any reason you're still on an old build? 2.0.2 is 2.5 years old now and full of bugs and security vulns as compared to the latest releases.
-
@KOM:
I don't know if a packet capture would be useful in this situation where the general LAN is fine. Slow GUI can also be related to DNS issues, believe it or not. Any reason you're still on an old build? 2.0.2 is 2.5 years old now and full of bugs and security vulns as compared to the latest releases.
oh, sorry. it is 2.1.2 installation - i've corrected my first post.
could a dns problem result to ping times of 3500ms on LAN interface? because ping from pfsense gui to wan-gateway (router) is still fine.
-
could a dns problem result to ping times of 3500ms on LAN interface?
I have not experienced that whereas I have seen the slow GUI - DNS issue first-hand.
oh, sorry. it is 2.1.2 installation
OK, so I will reiterate… why such an old build? 2.1.2 is 1.5 years old now. The reason I ask is that I find it can often be a big waste of time trying to debug a problem in an older version. You need to keep pfSense up to date.
-
OK, so I will reiterate… why such an old build? 2.1.2 is 1.5 years old now. The reason I ask is that I find it can often be a big waste of time trying to debug a problem in an older version. You need to keep pfSense up to date.
ok, i have to update! ;-) it is a bit complicated, because i use pfsense with some other third-party changes (captive portal addons). afaik the third-party addons are not compatible/not tested with 2.2 builds yet. but the software is running on about more than 50 installations with the same hardware and same pfsense version (2.1.2) - no issues until yet.
-
i found one questionable entry in systemlogs…
(re4 is the LAN interface)
kernel: re4: discard frame w/o leading ethernet header (len 4294967292 pkt len 4294967292)
i don´t know if this has something to do with the problem... any ideas?
Update:
a bit of googling shows me user with a similar problem:
http://freebsd.1045724.n5.nabble.com/Problem-with-nfe-stability-and-throughput-td3905429.htmlbut i only have one error in systemlogs..
maybe the "nic driver" has a problem with higher network load?
-
Did the slowness happen just after that error was logged? If there is only the one instance then I would not think that's the root of your problem.
-
@KOM:
Did the slowness happen just after that error was logged? If there is only the one instance then I would not think that's the root of your problem.
i´m not really sure, if this is the exact starting point of the slowness. someone called me, that internet is slow. i checked the logs and found this entry in systemlog.. maybe it was slow some minutes earlier or later…
yes, only one instance of this message is logged.
-
kernel: re4: discard frame w/o leading ethernet header (len 4294967292 pkt len 4294967292)
4GB Ethernet packet. Increased the bar for "jumbo" frames.
