ALIX 2D13: Performance problems?
-
I've been running pfSense on an ALIX 2D13 board for almost 4 years now. It's been a pretty stable board, except for a board replacement I had to do earlier this year due to a hardware failure. Up until this year, I was only using the LAN and WAN ports for my home network uplinked to a cable modem for internet access. Earlier this year I added a Lab network via the OPT port. Even then pfSense still performed decently for the most part. Today I was testing a system in my lab. I started a transfer of approx. 20GB of files from the LAN (on the LAN port) to the lab network (via the OPT port) just before leaving the house to run errands. I came back about 2 hours later, and noticed that my notebook on wi-fi nor another computer on my LAN was not able to resolve DNS entries for at least 10 minutes (pfSense is a DNS server as well). I was also unable to get to the web gui for pfSense (I didn't think to SSH into it at the time). After that period of time, finally I could reach pfSense, resolve DNS, and actually get to websites. I checked the pfSense logs and noticed the following entries:
Dec 20 15:15:10 pfSctl: could not finish read in a reasonable time. Action of event might not be completed. Dec 20 15:14:58 pfSctl: could not finish connect in a reasonable time. Action of event might not be completed. Dec 20 15:11:51 pfSctl: could not finish read in a reasonable time. Action of event might not be completed. Dec 20 15:07:36 pfSctl: could not finish read in a reasonable time. Action of event might not be completed. Dec 20 15:04:49 pfSctl: could not finish read in a reasonable time. Action of event might not be completed. Dec 20 15:04:34 pfSctl: could not finish read in a reasonable time. Action of event might not be completed. Dec 20 15:00:28 pfSctl: could not finish read in a reasonable time. Action of event might not be completed. Dec 20 14:59:47 pfSctl: could not finish read in a reasonable time. Action of event might not be completed. Dec 20 14:52:02 pfSctl: could not finish read in a reasonable time. Action of event might not be completed. Dec 20 14:47:19 pfSctl: could not finish read in a reasonable time. Action of event might not be completed. Dec 20 14:43:50 pfSctl: could not finish read in a reasonable time. Action of event might not be completed. Dec 20 14:43:32 pfSctl: could not finish read in a reasonable time. Action of event might not be completed. Dec 20 14:42:53 kernel: sonewconn: pcb 0xc4c5f2f4: Listen queue overflow: 8 already in queue awaiting acceptance (1 occurrences) Dec 20 14:41:21 check_reload_status: updating dyndns GW_WAN Dec 20 14:40:23 pfSctl: could not finish read in a reasonable time. Action of event might not be completed.I'm assuming that the transfer of over 20GB of files from the LAN to the OPT port on the ALIX's 100Mb ports was choking the pfSense box. Am I correct in my assumptions, or are there other logs/settings I need to check?
I know the ALIX 2D13 was discontinued this year, so if I am indeed having performance problems I need to find a replacement. I'm looking at the Netgate RCC-VE 2440 (I need 3 ports minimum), but if anyone has any other suggestions let me know.
-
Any insight from anyone on this?
-
Any insight from anyone on this?
I was running pfSense <= 2.0 on Alix 2D13 and replaced it with a more powerful hardware. But transferring 20GB between two LAN ports should be no problem. Do you have things like Snort or Traffic Shaper running?
-
No Snort, but I do have the Traffic Shaper. There are some limits on the WAN and LAN, but none on the VLANs running on the OPT port. I might try disabling the Traffic Shaper to see if that helps, but it's not like the pfSense box was readily available and just throttling traffic at the time. The pfSense box at the time was totally inaccessible. The other factor that concerns me is that the ALIX 2D13 has 100Mb ports, and even if pfSense can handle the traffic it's still going to be pretty slow transferring large amounts of data between those interfaces.
-
ALIX 2D13
- Single core CPU
- 100 MBit/s ports
- RealTek based LAN Ports
- a little bit to old as I see it right
PC Engines APU, ADIs RCC or pfSense Sg units would be coming with;
- Intel based LAN Ports
- Multi core CPUs
- 1 GBit/s LAN Ports
Would be better to go with the newer hardware
-
I've noticed that mine gets sluggish when pushing more than 20Mbps of internet traffic. The GUI takes forever to load however most of the devices on the network do not experience any issues with accessing the internet.
LoboTiger
-
@BlueKobold:
ALIX 2D13
- Single core CPU
- 100 MBit/s ports
- RealTek based LAN Ports
- a little bit to old as I see it right
PC Engines APU, ADIs RCC or pfSense Sg units would be coming with;
- Intel based LAN Ports
- Multi core CPUs
- 1 GBit/s LAN Ports
Would be better to go with the newer hardware
I kept looking at the bump in specs on the RCC-VE 2440, especially getting to 1Gb on the interfaces, and placed an order on Netgate. Once get the new box up and running, I'll resume my tests again. I'm assuming it will be much better.
-
I'm assuming it will be much better.
I am pretty sure it will be much better! But one thing please, take the ADI pfSense image and install it on the
eMMC storage if you don´t need Squid! If you want to use Squid it would be better to go with a mSATA.- Enable TRIM (if not set by default)
- Enable PowerD (Hi adaptive) (if not set by default)
- Set the mbuf size higher (250.000 or 500.000 if needed)
-
@BlueKobold:
I'm assuming it will be much better.
I am pretty sure it will be much better! But one thing please, take the ADI pfSense image and install it on the
eMMC storage if you don´t need Squid! If you want to use Squid it would be better to go with a mSATA.- Enable TRIM (if not set by default)
- Enable PowerD (Hi adaptive) (if not set by default)
- Set the mbuf size higher (250.000 or 500.000 if needed)
Thanks for the tips! I don't need squid, and did not purchase an additional msata as I plan on installing pfsense on the embedded 4GB. I intend on looking through the forums and the web for best practices on the RCC-VE 2440. Is it possible to import the config.xml file from my ALIX system to the new ADI RCC-VE system?
-
Is it possible to import the config.xml file from my ALIX system to the new ADI RCC-VE system?
it might be possible, but you should also rename the NIC names! In older versions and/or on other hardware
they were named vr0,… and now they are named re0 so this might be a problem for the config backup file.But you can easily edit a copy of this file and then you may try it out until it matches the new harware right.
Please only use a copy of this backup xml.file if it will not match exactly you can then easily wipe it, but the
original is not gone!Good move over to 2016!
-
I was thinking the exact same thing about renaming the NICs. And yes, for my current ALIX 2D13 the connections are vr0, vr1, etc. I'll just try different things once I get the new router. Thanks.
@BlueKobold:
Is it possible to import the config.xml file from my ALIX system to the new ADI RCC-VE system?
it might be possible, but you should also rename the NIC names! In older versions and/or on other hardware
they were named vr0,… and now they are named re0 so this might be a problem for the config backup file.But you can easily edit a copy of this file and then you may try it out until it matches the new harware right.
Please only use a copy of this backup xml.file if it will not match exactly you can then easily wipe it, but the
original is not gone!Good move over to 2016!
-
I was reading the pfSense docs on mbuf (https://doc.pfsense.org/index.php/Tuning_and_Troubleshooting_Network_Cards) and it mentions:
On 64 bit systems with multiple GB of RAM, set it to 1 million (1000000).
So maybe mbuf should be set to 1000000?
@BlueKobold:
I'm assuming it will be much better.
I am pretty sure it will be much better! But one thing please, take the ADI pfSense image and install it on the
eMMC storage if you don´t need Squid! If you want to use Squid it would be better to go with a mSATA.- Enable TRIM (if not set by default)
- Enable PowerD (Hi adaptive) (if not set by default)
- Set the mbuf size higher (250.000 or 500.000 if needed)
-
So maybe mbuf should be set to 1000000?
On boards with soldered onBoard RAM or memory you could not go higher in the amount of RAM,
because it is soldered on the boards!!! So be careful with this number (1.000.000) perhaps you
might be beginning with 100.000 or less, for not ending in a booting loop if the RAM amount is
to small after changing the mbuf size. On boards with an DIMM or S0-DIMM socket this would
be not a problem, because you will be able to change or high up also the amount of the entire RAM.