On 07/06/25 22:14, H. Hartzer wrote: > > Hello, > > Trying to replace my existing Linux firewall with OpenBSD and PF and > > noticed that I am seeing random ping spikes to anything on my existing > > network: > > > > # ping 10.255.255.2 > > PING 10.255.255.2 (10.255.255.2): 56 data bytes > > 64 bytes from 10.255.255.2: icmp_seq=0 ttl=64 time=13.024 ms > > 64 bytes from 10.255.255.2: icmp_seq=1 ttl=64 time=8.367 ms > > 64 bytes from 10.255.255.2: icmp_seq=2 ttl=64 time=3.442 ms > > 64 bytes from 10.255.255.2: icmp_seq=3 ttl=64 time=0.873 ms > > 64 bytes from 10.255.255.2: icmp_seq=4 ttl=64 time=0.796 ms > > 64 bytes from 10.255.255.2: icmp_seq=5 ttl=64 time=0.752 ms > > 64 bytes from 10.255.255.2: icmp_seq=6 ttl=64 time=4.074 ms > > 64 bytes from 10.255.255.2: icmp_seq=7 ttl=64 time=0.661 ms > > 64 bytes from 10.255.255.2: icmp_seq=8 ttl=64 time=0.698 ms > > 64 bytes from 10.255.255.2: icmp_seq=9 ttl=64 time=1.002 ms > > > > Doing some light research it seems that some hardware has an issue with the > > inteldrm driver, especially when it is headless[1], however my hardware > > does not use this. My hardware is as follows: > > > > Motherboard: Supermicro X10SDV-4C-TLN2F > > CPU: Intel Xeon processor D-1521 > > NIC: em0/1 (the devices I???m using) Intel I350 > > Graphics: Aspeed AST2400 BMC > > > > This board does have integrated graphics with its BMC from ASPEED. I also > > tried hooking up a VGA monitor to the port but the issues still occur. Is > > there something else I should be looking at here? Is the graphics driver a > > red herring in my case? Any one else using a Supermicro XeonD based system > > without issues? > > > > Thanks, > > Jarod > > > > [1]: > > https://www.reddit.com/r/openbsd/comments/105c0zk/issues_with_openbsd_72_on_protectli/jg4aq13/ > > Hi Jarod, > > This is interesting. > > The Reddit posting had much more substantial spikes than what you are > seeing. > > "random pikes to anything on my existing network" -- Are you saying that > from your OpenBSD host, to other hosts, you have this higher latency? > Is other traffic going on at the same time? > > Do you not have this latency from other hosts? > > Is it all on one ethernet switch? Is wifi involved? > > Do you still have the Linux firewall in place? Can you have a third > machine ping both and see what the latency differences are? > > -Henrich >
I've just checked my system again because I remember seeing something similar, but never really bothered to get to the bottom of it. I have an USG-PRO-4 running OpenBSD 7.7 (octeon) as my firewall. I have a stable ping time to the internet from its console: --- 8.8.8.8 ping statistics --- 28 packets transmitted, 28 packets received, 0.0% packet loss round-trip min/avg/max/std-dev = 1.277/1.407/2.327/0.227 ms But when I ping through that router, the ping times are unstable: PING 8.8.8.8 (8.8.8.8): 56 data bytes 64 bytes from 8.8.8.8: icmp_seq=0 ttl=119 time=3.467 ms 64 bytes from 8.8.8.8: icmp_seq=1 ttl=119 time=4.557 ms 64 bytes from 8.8.8.8: icmp_seq=2 ttl=119 time=3.062 ms 64 bytes from 8.8.8.8: icmp_seq=3 ttl=119 time=2.789 ms 64 bytes from 8.8.8.8: icmp_seq=4 ttl=119 time=2.535 ms 64 bytes from 8.8.8.8: icmp_seq=5 ttl=119 time=15.862 ms 64 bytes from 8.8.8.8: icmp_seq=6 ttl=119 time=2.412 ms 64 bytes from 8.8.8.8: icmp_seq=7 ttl=119 time=4.835 ms 64 bytes from 8.8.8.8: icmp_seq=8 ttl=119 time=3.064 ms 64 bytes from 8.8.8.8: icmp_seq=9 ttl=119 time=6.468 ms 64 bytes from 8.8.8.8: icmp_seq=10 ttl=119 time=2.968 ms 64 bytes from 8.8.8.8: icmp_seq=11 ttl=119 time=2.670 ms 64 bytes from 8.8.8.8: icmp_seq=12 ttl=119 time=3.017 ms 64 bytes from 8.8.8.8: icmp_seq=13 ttl=119 time=3.374 ms 64 bytes from 8.8.8.8: icmp_seq=14 ttl=119 time=3.082 ms 64 bytes from 8.8.8.8: icmp_seq=15 ttl=119 time=8.898 ms 64 bytes from 8.8.8.8: icmp_seq=16 ttl=119 time=3.568 ms 64 bytes from 8.8.8.8: icmp_seq=17 ttl=119 time=2.793 ms 64 bytes from 8.8.8.8: icmp_seq=18 ttl=119 time=14.768 ms 64 bytes from 8.8.8.8: icmp_seq=19 ttl=119 time=10.134 ms 64 bytes from 8.8.8.8: icmp_seq=20 ttl=119 time=2.249 ms 64 bytes from 8.8.8.8: icmp_seq=21 ttl=119 time=2.403 ms ^C --- 8.8.8.8 ping statistics --- 22 packets transmitted, 22 packets received, 0.0% packet loss round-trip min/avg/max/stddev = 2.249/4.953/15.862/3.849 ms That ping was conducted from a Mac connected to the network over Ethernet. The situation is similar regardless which host or operating system I ping from. The ping times between nodes on the same network segment is fast so the latency isn't introduced by my switch. Cheers, Jon
