1
21.1 Legacy Series / Stalling HTTP downloads after upgrade to 21
« on: February 06, 2021, 03:40:24 pm »
Hi folks,
I'm using opnsense in a virtual environment (xcp-ng / xenserver) with static ip addresses. I recently upgraded to v21 and now I see stalling downloads on my vms. The download rate is falling to zero after some megabytes. After some debugging, I can reproduce this even via curl on the ssh shell of opnsense. The Firewall VM is bridged to an interface (simple 1G Ethernet), which is connected with rfc1918 ips to a router with public ips. On the router the curl is working.
If have no special filtering of IDS running. Just simple packet filters and nat.
When I capture the packets with Wireshark I get many TCP retransmissions and TCP out of order messages.
TCP Offload Engines are turned off.
Can you help me?
Thanks,
floek
I'm using opnsense in a virtual environment (xcp-ng / xenserver) with static ip addresses. I recently upgraded to v21 and now I see stalling downloads on my vms. The download rate is falling to zero after some megabytes. After some debugging, I can reproduce this even via curl on the ssh shell of opnsense. The Firewall VM is bridged to an interface (simple 1G Ethernet), which is connected with rfc1918 ips to a router with public ips. On the router the curl is working.
If have no special filtering of IDS running. Just simple packet filters and nat.
When I capture the packets with Wireshark I get many TCP retransmissions and TCP out of order messages.
TCP Offload Engines are turned off.
Can you help me?
Thanks,
floek