Jump to content
RESET Forums (homeservershow.com)
Sign in to follow this  
storeybored

Interesting WAN packet loss

Recommended Posts

storeybored

I came home from Christmas and was surprised to log into my Netgate pfsense router to see major WAN packet loss. I was gone for a week and my soon to be mother in law had been coming over to the house to watch HULU and Netflix, but I don't believe them to be related. I came home two days ago and the packet loss is a constant thing even with no LAN traffic. I unplugged the cable modem and let it come back up. I'm not sure if I didn't wait long enough after the lights came back on the cable modem or if I had to reset the router anyways to get a new IP from comcast, but I didn't get internet back until the router reset. Has anyone had constant packet loss on the WAN to your ISP and have no noticeable impact on your speed with no LAN packet loss even without traffic. Seems very odd, I'll keep monitoring it.

pfsense.localdomain - Status: RRD Graphs.pdf

Share this post


Link to post
Share on other sites
ikon

Not sure why you think packet loss on your WAN link should be related to packet loss on your LAN. I'm not surprised you had to reset the router. In fact, I was wondering if resetting the router might stop the WAN packet loss. Apparently not.

Share this post


Link to post
Share on other sites
jmwills

I came home from Christmas and was surprised to log into my Netgate pfsense router to see major WAN packet loss. I was gone for a week and my soon to be mother in law had been coming over to the house to watch HULU and Netflix, but I don't believe them to be related. I came home two days ago and the packet loss is a constant thing even with no LAN traffic. I unplugged the cable modem and let it come back up. I'm not sure if I didn't wait long enough after the lights came back on the cable modem or if I had to reset the router anyways to get a new IP from comcast, but I didn't get internet back until the router reset. Has anyone had constant packet loss on the WAN to your ISP and have no noticeable impact on your speed with no LAN packet loss even without traffic. Seems very odd, I'll keep monitoring it.

 

I'd be more concerned about some sort of malware on your LAN.  Can you see what is going out and where it is going?  BTW, my Comcast WAN IP Address hasn't changed in almost two years.

Share this post


Link to post
Share on other sites
Jason

I once had that happen with pfsense. Was reporting high latency and packet loss on WAN interface. Turns out it was a known bug related to the Gateway monitor. Seemed to compound when the WAN interface was saturated. Ultimately developers suggested disabling. The gateway monitor.

Share this post


Link to post
Share on other sites
storeybored

My reasoning for linking packet loss across LAN to WAN is non of the clients are experiencing packet loss on the LAN. It just appears to be a constant rate of packet loss on the WAN without a major change to my normal average latency.  Resetting both the cable modem and my router has fixed whatever was being reported. I looked into the gateway monitor and started reading a little more, I still get an delay alarm in the logs for the WAN_DHCP. Is this quality graph showing the response of pings to the WAN DHCP server from the ISP or is it showing an average latency of traffic outbound on the WAN? Time for more digging on the pfsense forum... I don't think its malware because of the incredibly low traffic on my LAN while I was gone. I only had my 2011 server and an iMac both running idle and they weren't calling out to the WAN. If it is just latency from pings to the WAN DHCP server, why is this graph useful to me?

Share this post


Link to post
Share on other sites
jmwills

How is your WAN to LAN connected?  Modem to switch or ar eyou using ports off the router as a switch?

Share this post


Link to post
Share on other sites
ikon

^^^ That and, also, do you find that the packet loss gets greater over time?

Share this post


Link to post
Share on other sites
oj88

The gateway monitor uses ICMP echo request (ping) to check if the router on the ISP's side is still alive. The way most ISP routers work is that, in the event that they get loaded passed a preset threshold, they will start dropping non-essential traffic (ie. ICMP-request/replies, most likely in this case). This is also one of the mechanisms used to prevent the router from being overwhelmed with ping requests (because routers utilize some CPU cycles to respond to pings) such as that from ping of death or simillar DDoS attacks.

 

That said, the packet loss depicted on the gateway monitor statistics does not necessarily mean that your actual data is being dropped. It could just as well mean that ICMP ping requests from gateway monitor are being dropped or ignored.

Share this post


Link to post
Share on other sites
ikon

Not that any router can stop a determined DDOS attack.... just want to make that clear ;)

 

Also, you may not lose data because TCP/IP is designed to resend dropped packets after a certain period of time with no acknowledgement packet.

Share this post


Link to post
Share on other sites
storeybored

A week later, and I have new data. All was good for about a week, then this afternoon WAN packet loss came back and now is worse than before. I'm convinced this is packet loss to the ISP DHCP server because it is not effecting my client connections. I disabled  the Gateway monitor for about 30 min and the packet loss is gone again. I think it is either a reporting problem/bug or Comcast is actively dropping the pings from the gateway monitor. I changed the probe interval to once every 60 seconds instead of every 1 second. Maybe that will keep Comcast from dropping the pings. I'm still not sure if this information is of any use for a home user like myself. I'm considering turning it off. I tried to attach more screenshots of my graphs but it was too big.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Sign in to follow this  



×
×
  • Create New...