Hugh packet loss via pfsense

arun_cdm

Hi,
My setup,

ISP –>ADSL2+ Router (Digisol DG-BG4300N) –-> pfSense 2.2.6 (in AMD Athlon Machine)–->Netgear 24 Port un-managed switch

I'm facing huge pasket loss in WAN approx. 20-45% when connecting via pfSense, if i directly connect my ADSL router to Switch, there is no packet loss.

Note: ADSL Router in Bridge Mode.
I've tried Netgear DGN2200 ADSL2+ router too.

How can i solve this issue.

chpalmer

We need a whole lot more information to be able to even try and guess.  But guessing- you could have a bad interface, bad cable, bad hair day, ect.

Are you seeing any errors on your interface from the dashboard widget?

arun_cdm

Thanks for your support  :),

I too have changed the NIC's and new cables,  :(

Ref the screen shot.

Derelict

Status > Interfaces

in/out errors?

arun_cdm

Hi,
in/out errors : 0/0

Ref. Screen shot

Derelict

Diagnostics > Packet Capture

Interface: WAN
Protocol: ICMP
Count: 100

Download the pcap and attach after it stops (Should only run for about a minute.)

Derelict

What do you get if you ssh into pfSense and:

ping -i .25 -c 100 122.165.128.1

FWIW I get about 30% packet loss there too:

–- 122.165.128.1 ping statistics ---
100 packets transmitted, 70 packets received, 30.0% packet loss
round-trip min/avg/max/stddev = 224.001/234.627/272.539/8.829 ms

Looks like you're in a pretty dark corner of the internet.

arun_cdm

Thanks for ur support, i'll check and update

marvosa

Same results here.  I'm currently seeing 34-42% packet loss from your default gateway (122.165.128.1).

Use PingPlotter to gather evidence on exactly where the packet loss is and take it to your ISP (Assuming the issue is downstream).

You also are using DSL in India, which may or may not be an issue in and of itself, but I would switch broadband technologies if possible.

Derelict

if i directly connect my ADSL router to Switch, there is no packet loss.

Something tells me this is unreliable. Frustrating.

arun_cdm

Thank U  all for giving support  :), i'll use the pinplotter.

If i connect any node directly to ISP' router and trigger continuous PING, there is no loss in packets.
That's what i tried to convey earlier.

Earlier, I raised issue to ISP provider, they came and checked the physical line, then hard reset the ASDL router and tried to ping, result= success without firewall (pfSense). couple of minutes later after connecting pfSense tried to ping, result=loss (partial).  :o

Now, i'll use this PinPlotter in both cases with/without pfSense and get back.

Derelict

Your internet sucks, friend. It's not pfSense.

chpalmer

2 hops away from your gateway-

Ping statistics for 182.79.220.190:
    Packets: Sent = 100, Received = 99, Lost = 1 (1% loss),
Approximate round trip times in milli-seconds:
    Minimum = 243ms, Maximum = 260ms, Average = 245ms

your gateway-

Ping statistics for 122.165.128.1:
    Packets: Sent = 100, Received = 61, Lost = 39 (39% loss),
Approximate round trip times in milli-seconds:
    Minimum = 244ms, Maximum = 375ms, Average = 249ms

Your gateway router is hammered!  Last time I saw pings like that the site had been struck by lightning.

marvosa

Thank U  all for giving support  :), i'll use the pinplotter.

If i connect any node directly to ISP' router and trigger continuous PING, there is no loss in packets.
That's what i tried to convey earlier.

Earlier, I raised issue to ISP provider, they came and checked the physical line, then hard reset the ASDL router and tried to ping, result= success without firewall (pfSense). couple of minutes later after connecting pfSense tried to ping, result=loss (partial).  :o

Now, i'll use this PinPlotter in both cases with/without pfSense and get back.

My guess is when the ASDL router is in use, it's using a different route (or gateway) to the internet, which is why everything appears fine when using their router.  Gather your evidence via PingPlotter and go from there.

mer

Something connected to the router, do you have a switch in between the router and the client?  Client doing DHCP so it's getting address/gateway/DNS from the router or beyond?  If so, and the pfSense box is also doing DHCP you should be able to compare those values.  Don't forget to check link state;  make sure everything matches on Speed, Duplex and MTU.

Guest

Note: ADSL Router in Bridge Mode.
I've tried Netgear DGN2200 ADSL2+ router too.

Sometimes peoples are meaning that there ISP router is in the so called "bridge mode" and it is
working likes an ordinary and pure modem and then also really often some other peoples are meaning
they was bridging the WAN port of their pfSense box to that ISP router and also really then the goal or
"benefit" is;

• packet loss
• packet drops
• port flapping
• unstable connection

But all in all if the pfSense box is doing actively DHCP and the ISP router in front of this pfSense is also
doing DHCP it could produce also this behaviors or creating this issues. And this is not rarely seen.

sos

My question: who is "Hugh", and why is he worried about packet loss via pfSense?