4. Crazy Graphs?

Crazy Graphs?

  • B

    Hi, i got SG-8860 1U pfSense® Security Gateway Appliance running a standart office network, and everything is cool but it shows 20G througput and millions of packets.
    on the graphs trouble started when i enabled vlans. I had Flat network, and changed it to vlans separated.
    there are no bridges configured, and to the LAN port i got Ubiquity TOUGHTSwitch connected, that is not showing so high packet rate










    ![Screenshot from 2015-09-22 16:51:45.png](/public/imported_attachments/1/Screenshot from 2015-09-22 16:51:45.png)
    ![Screenshot from 2015-09-22 16:51:45.png_thumb](/public/imported_attachments/1/Screenshot from 2015-09-22 16:51:45.png_thumb)

    0
  • H

    You could possibly have a network loop. Your firewall has an Intel i350, which has a build in switch where if the destination MAC address from one port is to another MAC of the same network card, it will switch in the network card itself, so the packet doesn't need to go through the GBE interface, and it switches at full PCIe rates, which is VERY fast.

    0
  • B

    that what i tried to find,
    but correct me if i wrong, this should be loop in the firewall itself, right?

    0
  • C

    Even a loop within itself shouldn't exceed 1 Gbps in pf's counters. Check the output of 'pfctl -vvsr' to see the counters.

    Probably best to open a support case with us, you won't get an incident docked for any software issues which that seems to be. Please attach the status_output.tgz from status.php, so we can see the relevant back end data.

    0
  • H

    @cmb:

    Even a loop within itself shouldn't exceed 1 Gbps in pf's counters. Check the output of 'pfctl -vvsr' to see the counters.

    Probably best to open a support case with us, you won't get an incident docked for any software issues which that seems to be. Please attach the status_output.tgz from status.php, so we can see the relevant back end data.

    Why wouldn't it exceed 1Gbps?

    0
  • B

    Thanks @cmd, will do.
    i restarted the firewall, and looks like it stopped.  I got status tgz before and after, will open the ticket when i'll have more info

    0
  • C

    @Harvy66:

    Why wouldn't it exceed 1Gbps?

    With the nature of how those counters work, it isn't possible to exceed the link speed of the interface if you're getting sane values.

    @burdandrei:

    Thanks @cmd, will do.
    i restarted the firewall, and looks like it stopped.  I got status tgz before and after, will open the ticket when i'll have more info

    Thanks, curious to see that.

    0
  • H

    @cmb:

    @Harvy66:

    Why wouldn't it exceed 1Gbps?

    With the nature of how those counters work, it isn't possible to exceed the link speed of the interface if you're getting sane values.

    @burdandrei:

    Thanks @cmd, will do.
    i restarted the firewall, and looks like it stopped.  I got status tgz before and after, will open the ticket when i'll have more info

    Thanks, curious to see that.

    So even if the actual link speed is faster than the reported link speed? It's not a common situation, but this is one of them.

    0
Log in to reply
 

Products

Services

Support

News

Resources

Company

Our Mission

We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© Copyright 2019 Rubicon Communications, LLC | Privacy Policy