Hi all, I'm testing pfSense for a client, looking to put it into an existing production network some time in the next month or two. (Some background at [1], if anyone cares...) In terms of features and interface it is a win, but we're having massive problems with stability that seem to be related to the NIC driver for Broadcom bce cards.
pfSense version: 2.0.1 amd64, one additional package installed: OpenOSPFd Server hardware: IBM x3550, Xeon E5405 2 GHz, 2 GB RAM, 2 x 300 GB 10K RPM SAS HD in hardware RAID 1, 2 x Broadcom NetXtreme II BCM5708 1000Base-T (B2) The basic symptom of the problem is that the box stops responding to ping and SNMP, and sometimes HTTP/S, after about 4 hours. Some graphs from our NMS showing this can be found at [2] and [3]. When this happens, the console is still fully operational, and i can log in and do normal shell stuff, including looking at the logs. There's corruption at the end of each syslog file (see [4], [5], and [6]). The firewall itself can ping out [7], but apinger thinks that the LAN gateway is dead [5] even though our smokeping installation says that it's fine [8]. Thanks to databeestje on the ##pfsense IRC channel, who pointed me to the wiki instructions for NIC troubleshooting [9]. I tried the first set of boot loader parameters last night. The result of this was that ping & SNMP still stopped after about 4 hours, but HTTP was still OK this morning. I've implemented the parameters in the "Packet loss with many (small) UDP packets" section this morning, and the system is still up, but we're only just getting up to the 5 hour mark, and one of the crashes was after about 12 hours. Hope that all makes sense. My gut/experience tells me this is a NIC driver bug/deficiency. This hardware is 100% stable on Linux, but there really aren't any Linux distributions that will do what we want without some customisation, so the client would prefer to get pfSense working. Any suggestions on where to go next? Thanks in advance, Paul [1] http://libertysys.com.au/content/experimenting-with-pfsense [2] https://picasaweb.google.com/113106441554518621156/StrangePfSenseNetworkHang#5759246924791982882 [3] https://picasaweb.google.com/113106441554518621156/StrangePfSenseNetworkHang#5759246877106452754 [4] https://picasaweb.google.com/113106441554518621156/StrangePfSenseNetworkHang#5758981314745894850 [5] https://picasaweb.google.com/113106441554518621156/StrangePfSenseNetworkHang#5758981689439502626 [6] https://picasaweb.google.com/113106441554518621156/StrangePfSenseNetworkHang#5758982141852764962 [7] https://picasaweb.google.com/113106441554518621156/StrangePfSenseNetworkHang#5758983473295303378 [8] https://picasaweb.google.com/113106441554518621156/StrangePfSenseNetworkHang#5758983828538086034 [9] http://doc.pfsense.org/index.php/Tuning_and_Troubleshooting_Network_Cards _______________________________________________ List mailing list List@lists.pfsense.org http://lists.pfsense.org/mailman/listinfo/list
