Hi folks, Using 7.3 on a HA gateway ("redgatea" and "redgateb", one external network, 2 internal networks, carp on all interfaces) I see a high network latency for incoming network traffic every couple of seconds. Trying to ping redgatea from redgateb over the pfsync interface, for example:
redgateb # ping 192.168.23.2 PING 192.168.23.2 (192.168.23.2): 56 data bytes 64 bytes from 192.168.23.2: icmp_seq=0 ttl=255 time=0.585 ms 64 bytes from 192.168.23.2: icmp_seq=1 ttl=255 time=48.559 ms 64 bytes from 192.168.23.2: icmp_seq=2 ttl=255 time=153.323 ms 64 bytes from 192.168.23.2: icmp_seq=3 ttl=255 time=0.233 ms 64 bytes from 192.168.23.2: icmp_seq=4 ttl=255 time=0.230 ms 64 bytes from 192.168.23.2: icmp_seq=5 ttl=255 time=0.227 ms 64 bytes from 192.168.23.2: icmp_seq=6 ttl=255 time=1.001 ms 64 bytes from 192.168.23.2: icmp_seq=7 ttl=255 time=1.253 ms 64 bytes from 192.168.23.2: icmp_seq=8 ttl=255 time=0.224 ms 64 bytes from 192.168.23.2: icmp_seq=9 ttl=255 time=0.229 ms 64 bytes from 192.168.23.2: icmp_seq=10 ttl=255 time=0.231 ms 64 bytes from 192.168.23.2: icmp_seq=11 ttl=255 time=0.228 ms 64 bytes from 192.168.23.2: icmp_seq=12 ttl=255 time=0.267 ms 64 bytes from 192.168.23.2: icmp_seq=13 ttl=255 time=259.893 ms 64 bytes from 192.168.23.2: icmp_seq=14 ttl=255 time=364.299 ms 64 bytes from 192.168.23.2: icmp_seq=15 ttl=255 time=0.228 ms 64 bytes from 192.168.23.2: icmp_seq=16 ttl=255 time=0.230 ms 64 bytes from 192.168.23.2: icmp_seq=17 ttl=255 time=0.231 ms 64 bytes from 192.168.23.2: icmp_seq=18 ttl=255 time=1.349 ms 64 bytes from 192.168.23.2: icmp_seq=19 ttl=255 time=1.113 ms 64 bytes from 192.168.23.2: icmp_seq=20 ttl=255 time=0.232 ms 64 bytes from 192.168.23.2: icmp_seq=21 ttl=255 time=0.232 ms 64 bytes from 192.168.23.2: icmp_seq=22 ttl=255 time=0.225 ms 64 bytes from 192.168.23.2: icmp_seq=23 ttl=255 time=0.223 ms 64 bytes from 192.168.23.2: icmp_seq=24 ttl=255 time=0.224 ms 64 bytes from 192.168.23.2: icmp_seq=25 ttl=255 time=469.175 ms 64 bytes from 192.168.23.2: icmp_seq=26 ttl=255 time=571.747 ms 64 bytes from 192.168.23.2: icmp_seq=27 ttl=255 time=0.253 ms 64 bytes from 192.168.23.2: icmp_seq=28 ttl=255 time=0.225 ms 64 bytes from 192.168.23.2: icmp_seq=29 ttl=255 time=0.229 ms 64 bytes from 192.168.23.2: icmp_seq=30 ttl=255 time=0.227 ms 64 bytes from 192.168.23.2: icmp_seq=31 ttl=255 time=1.222 ms 64 bytes from 192.168.23.2: icmp_seq=32 ttl=255 time=0.995 ms 64 bytes from 192.168.23.2: icmp_seq=33 ttl=255 time=0.238 ms 64 bytes from 192.168.23.2: icmp_seq=34 ttl=255 time=0.238 ms 64 bytes from 192.168.23.2: icmp_seq=35 ttl=255 time=0.230 ms 64 bytes from 192.168.23.2: icmp_seq=36 ttl=255 time=0.230 ms 64 bytes from 192.168.23.2: icmp_seq=37 ttl=255 time=679.469 ms 64 bytes from 192.168.23.2: icmp_seq=38 ttl=255 time=781.050 ms 64 bytes from 192.168.23.2: icmp_seq=39 ttl=255 time=0.221 ms 64 bytes from 192.168.23.2: icmp_seq=40 ttl=255 time=0.240 ms ^C --- 192.168.23.2 ping statistics --- 41 packets transmitted, 41 packets received, 0.0% packet loss round-trip min/avg/max/std-dev = 0.221/81.489/781.050/195.848 ms There is no switch involved in this pfsync connection, just a single cable from NIC to NIC. I see the same performance problem for incoming traffic on all other network interfaces of redgatea and redgateb, MASTER and BACKUP, even on the external connection. For outgoing traffic (eg if I try to ping a 3rd host *from* redgateb) there is a performance impact, too, but it is much lower: redgateb# ping 10.100.100.101 PING 10.100.100.101 (10.100.100.101): 56 data bytes 64 bytes from 10.100.100.101: icmp_seq=0 ttl=64 time=0.291 ms 64 bytes from 10.100.100.101: icmp_seq=1 ttl=64 time=0.241 ms 64 bytes from 10.100.100.101: icmp_seq=2 ttl=64 time=0.235 ms 64 bytes from 10.100.100.101: icmp_seq=3 ttl=64 time=0.246 ms 64 bytes from 10.100.100.101: icmp_seq=4 ttl=64 time=1.176 ms 64 bytes from 10.100.100.101: icmp_seq=5 ttl=64 time=1.479 ms 64 bytes from 10.100.100.101: icmp_seq=6 ttl=64 time=0.220 ms 64 bytes from 10.100.100.101: icmp_seq=7 ttl=64 time=0.231 ms 64 bytes from 10.100.100.101: icmp_seq=8 ttl=64 time=0.228 ms 64 bytes from 10.100.100.101: icmp_seq=9 ttl=64 time=0.229 ms 64 bytes from 10.100.100.101: icmp_seq=10 ttl=64 time=0.242 ms 64 bytes from 10.100.100.101: icmp_seq=11 ttl=64 time=0.230 ms 64 bytes from 10.100.100.101: icmp_seq=12 ttl=64 time=0.244 ms 64 bytes from 10.100.100.101: icmp_seq=13 ttl=64 time=0.236 ms 64 bytes from 10.100.100.101: icmp_seq=14 ttl=64 time=0.236 ms 64 bytes from 10.100.100.101: icmp_seq=15 ttl=64 time=0.231 ms 64 bytes from 10.100.100.101: icmp_seq=16 ttl=64 time=1.465 ms 64 bytes from 10.100.100.101: icmp_seq=17 ttl=64 time=1.089 ms 64 bytes from 10.100.100.101: icmp_seq=18 ttl=64 time=0.220 ms 64 bytes from 10.100.100.101: icmp_seq=19 ttl=64 time=0.220 ms 64 bytes from 10.100.100.101: icmp_seq=20 ttl=64 time=0.233 ms 64 bytes from 10.100.100.101: icmp_seq=21 ttl=64 time=0.222 ms ^C --- 10.100.100.101 ping statistics --- 22 packets transmitted, 22 packets received, 0.0% packet loss round-trip min/avg/max/std-dev = 0.220/0.429/1.479/0.418 ms This is a tremendous problem. The internal networks connected to this gateway are used for interactive work (desktop and laptop hosts, IP telephony, zoom, etc.). I haven't had this problem on my test setup, but that was just a single node. No carp. Every helpful comment is highly appreciated. Regards Harri
messages.gz
Description: application/gzip