Interfaces "dying" at high traffic



  • Hello everyone,

    lately we have seen interfaces "dying" when there is too much traffic going through them eg. 1Gb/s (the interfaces are 1Gb/s). To be exact SMB file transfer between two zones on the firewall (two interfaces).
    We have first seen this with pfSense (2.2.3-RELEASE) virtualized in Hyper-V (Windows server 2012 R2) and thought that it was happening because of virtualization. But then started seeing this on physical hardware installations. There is pretty much nothing in the logs and the whole firewall has to be restarted for the issue to be resolved. Sometimes it has to be restarted multiple times. Updating to the latest version hasn't resolved this.

    Has anyone else experienced this?

    Cheers



  • What kind of NICs? My box at home works just fine NATing with a sustained 1.5Gb/s full duplex, which is the fastest my other test machine can reach.



  • Interfaces are Hyper-V network interfaces, Marvell E8053 and Realtek 8111CP.



  • I was doing some testing of 2.2.x under ESXi with iPerf a couple of months ago and I pounded the linsk at max without any issue.  This was between two VMs, on on LAN and one on DMZ (OPT1).



  • Realtek is pretty bad in general. Not sure about Marvell.


  • LAYER 8 Netgate

    Could this be mbufs? What's Status > RRD Graphs, System tab Graphs: Mbuf show for a period where it croaked?



  • I doubt that it would show in the "mbuf" graph since it happens a few seconds after a SMB file transfer is initiated.
    Here are some graphs:

    This one is interesting since it shows some changes:

    I think that a recent update is causing this.
    These graphs are from a pfSense running on a COMMELL LV-674:
    http://www.commell.com.tw/Product/SBC/LV-674.HTM



  • I am also having the same issue with latest release 2.2.5. On excess load my lan interface stop responding.
    on status > inerface I can see lot of in/out and collision on my lan interface , mbufs are just fine.
    I am using Intel gig Nic for lan interface.
    With same load on my ubuntu machine work as a nat router there is not any issue on lan.
    what should be causing the lan to stop responding in excess load?



  • Come on guys this is a real problem. It hasn't been a problem before on the same hardware, so it must have come with a recent update.
    Isn't anyone else experiencing the same issue?



  • @tehnikk:

    Come on guys this is a real problem. It hasn't been a problem before on the same hardware, so it must have come with a recent update.
    Isn't anyone else experiencing the same issue?

    Well a couple of posters above indicated they aren't seeing the issue, I'm not seeing the issue, frankly, there isn't a whole lot of information provided to try and help.

    What kind of configuration do you have?  Extra packages, rules, etc?
    What do network stats say; one of the posters above talks about collisions.  Collisions are often caused by a duplex mismatch between the two ends of a physical link.  Set both ends to autonegotiate or set both ends to the same fixed settings.

    What about CPU utilization when the problem occurs?


  • LAYER 8 Netgate

    There should be 0 collisions on a switched, gig-e network.


Log in to reply