I mean. Your net connection is dripping packets...is your gateway going down?
Your ISP should do something...your WAN connection is going down...unless you have a bad VM config. pfSense does do SOMETHING when a gateway goes down...do you have failover internet setup? When pfSense marks a connection as down and then back up, some of the things your are describing, I think, are supposed to happen. You can adjust latency settings in the advanced settings of the gateway. You can adjust loss settings too. Some ISP QoS configs I think are known to drop ICMP in favor of higher priority things. In that case it is usually better to do your own QoS. For some reason every T1 I have ever used had latent ICMP when loaded. I tried so many different QoS configs but I could only get it so good. On May 19, 2017 7:56 AM, "Ugo Bellavance" <[email protected]> wrote: Hi, We sometimes experience what looks like service interruptions on our pfSense firewall. The first symptom was that we came in the office in the morning and found that all the ssh sessions that were opened and going through the firewall would be disconnected. I searched the pfsense logs and I found that: May 19 04:35:48 fw1 dpinger: ISP 206.55.90.97: Alarm latency 2231us stddev 1209us loss 21% May 19 04:36:01 fw1 dpinger: ISP 206.55.90.97: Clear latency 2253us stddev 1266us loss 15% May 19 04:54:24 fw1 dpinger: ISP 206.55.90.97: Alarm latency 2021us stddev 1042us loss 22% May 19 04:54:39 fw1 dpinger: ISP 206.55.90.97: Clear latency 2564us stddev 6028us loss 19% May 19 05:13:05 fw1 dpinger: ISP 206.55.90.97: Alarm latency 2203us stddev 1345us loss 21% May 19 05:13:17 fw1 dpinger: ISP 206.55.90.97: Clear latency 2044us stddev 870us loss 17% I opened a ticket with mi ISP, but I don't think that they'll find anything. I must say they they're not the most knowledgeable. According to the logs, everytime that happens, pfSense tries to do a few things: - Update dyndns - Restart VPN tunnels - Reload filters I'll keep on searching but I really wonder wether the post-clear-latency actions cause the SSH disconnects (and possibly other network cuts) or if it's the firewall that is too busy to receive the ICMP packets. The firewall runs on a VMWare VM, Intel(R) Xeon(R) CPU E5-2640 0 @ 2.50GHz 3 CPUs: 1 package(s) x 3 core(s) 1 GB RAM The host is not cpu-bound. Any advice would be appreciated. Thanks, Ugo _______________________________________________ pfSense mailing list https://lists.pfsense.org/mailman/listinfo/list Support the project with Gold! https://pfsense.org/gold _______________________________________________ pfSense mailing list https://lists.pfsense.org/mailman/listinfo/list Support the project with Gold! https://pfsense.org/gold
