Webgui is very slow mostof the time, randomly will be normal, but mostly not



  • Hey all,

    New to this forum today. I just set up PFsense on a box here at home today. My internet is working, got all my port forwarding set up and working for my home server and its good to go.

    I played around with the DNS a little bit on the DHCP and on the general setup page. Somewhere along the line, the webgui response time came to a screeching halt. Often times I will get a 504 error, other times it just spins 1, 2, 3, 4 minutes before loading. On a rare occasion I'll click and it'll work instantly.

    I have read some other posts out on the net about this problem and a lot of people said it was DNS issues.

    Does anyone have any pointers as to where my DNS settings should be set?

    Currently, under general setup, I have 2 DNS servers set up. One is my home server(domain controller) and the other is Google's (8.8.8.8) DNS.

    On that same page, I have the DNS Override box unchecked and the disable DNS forwarder unchecked.

    I have tried a few variations of those settings and the results are intermittent at best (they will seem to be better for a minute and then slow down again).

    Can anyone help point me in the right direction here? Running the latest (2.3) version of PFSense.

    Thanks!

    Kyle



  • I think I (tentatively) fixed it. Some of the tabs are a little slow to load, but most of them are pretty zippy now.

    I did a diagonstics on a handful of sites for the DNS resolution time.

    My domain controller was VERY slow in comparison at resolving IPs from hostnames.

    I removed that, and added OPENdns's and the other Google DNS IP in the mix and did a few more tests, one of the OpenDNS had the most consistently fast response times.

    Hopefully that will fix it.
    HOWEVER….. I do have another question if anyone happens to read this in regards to speed. It took about 20 minutes!!! to reboot it earlier today, is that normal and to be expected or is there something I can do to improve that as well?



  • 20 minutes is extremely excessive. Is there one spot in particular that it sits at for a while on the console during bootup?



  • I had this problem recently and had set the log file size too large (Status > System Logs > Settings), reducing this size and resetting the log files immediately resolved the issue.



  • We saw the same issue. >60 second page loads if it didn't time out entirely just moving around the WebUI to any old page.

    I suspect that it's the DNS resolver's fault. Since it's by default enabled that gives pfSense 127.0.0.1 as a default DNS server. So when it goes to check for update status, or whatever, it tries to resolve against itself. Which hits the unbound service. Which sends requests out all interfaces by default. Which includes the pfSync interface. Which has no DNS servers. :(

    This causes slow performance and timeouts.

    I didnt have time to fully test this, but disabling unbound in the DNS resolver menu completely and instantly fixed the problem. I suspect that, properly configured, it wouldnt be a problem.



  • @coachmark2:

    ….  it tries to resolve against itself. Which hits the unbound service. Which sends requests out all interfaces by default. Which includes the pfSync interface. Which has no DNS servers. :( ....

    It will also hit your WAN which should have a link to all these 12 (13 ?) root DNS servers ….
    Normally, from what I understood, you should inform unbound which interface(s) are outbound, and which are 'local' or 'LAN' or inside (inbound)- so things will work right away.
    Also, the WAN I use, pppoe, when connecting, will attribute 2 DNS servers from my ISP which unbound uses right away.

    Anyway, whatever 'WAN' connection you offer to pfSense, unbound will do the job as advertised. To explain the "60 sec delay", you need something really bad in your network setup.


Log in to reply