Packet loss on LAN interface



  • Before I yank the NIC out of the pfsense box - maybe someone knows of a configuration issue that may be contributing to this problem.

    Pfsense connected to the network via a switch. Everything on the switch can ping everything else. When pinging the Lan interface on the pfsense we get 1-2% packet loss.
    Logged into the pfsense and ran a ping the other way and got the same result - packet loss to other computers on the Lan:

    278 packets transmitted, 274 packets received, 1.4% packet loss
    round-trip min/avg/max/stddev = 0.065/0.167/13.414/0.807 ms

    CARP is disabled

    This has just become a problem and I am not aware of any other network changes that have been made recently

    thanks



  • Have you checked whether auto-negotiate is enabled on the switch port the PFS is using, or whether the speed/duplex has been set statically? Have you tried plugging the PFS into a different port on the switch? Have you checked the traffic levels on the PFS LAN Nic - could high traffic be having a negative effect on your return pings?



  • Thanks for the reply…

    @muswellhillbilly:

    Have you checked whether auto-negotiate is enabled on the switch port the PFS is using, or whether the speed/duplex has been set statically? Have you tried plugging the PFS into a different port on the switch? Have you checked the traffic levels on the PFS LAN Nic - could high traffic be having a negative effect on your return pings?

    Autoselect is enabled on the speed/duplex
    Yes tried different port switch. It's a managed switch and have also checked packet errors - none.
    Traffic doesn't seem particularly high - nothing spiking > 10Mbps and generally around a few hundred Kbps in and out.
    This problem has just started and no config has changed which is why I suspect hardware.

    Would you suggest manually setting duplex?



  • Just attaching my Networking settings - I can't recall if these are defaults or I have altered them in the past for some reason….



  • LAYER 8 Netgate

    Would you suggest manually setting duplex?

    No. If both sides are auto-neg you should be fine. People run into trouble when both sides are hard-set differently or one side is hard-set and the other side is auto-neg.

    If you want to dig deeper you can run a packet capture on LAN and see if the echo requests are being received and responded to. You can configure a mirror port on the switch and see if they are being sent/received there.



  • If there will be really a mirrored port you could try out sniffing with WireShark and capture
    and store this traces to inspect them later.



  • @Derelict:

    Would you suggest manually setting duplex?

    No. If both sides are auto-neg you should be fine. People run into trouble when both sides are hard-set differently or one side is hard-set and the other side is auto-neg.

    If you want to dig deeper you can run a packet capture on LAN and see if the echo requests are being received and responded to. You can configure a mirror port on the switch and see if they are being sent/received there.

    With all respects Derelict, i have seen many times situations where "Auto-neg" seems to work well on both ends but it really does not!

    Robatwork, try to FORCE 100Mbps full duplex on both ends and check it again…

    Pedreter.


  • LAYER 8 Netgate

    Maybe ages ago. Sort of like VLAN hopping. No matter what a duplex mismatch will show as errors on at least one interface.



  • Still got packet loss despite all software tweaking so this morning I replaced the LAN card.

    So far so good - 0 packets lost during a few hours so hardware problem was the diagnosis for this one.

    Thanks for all your input!


Log in to reply