Slower over time

Started by dcol, June 18, 2023, 12:44:24 AM

Quote from: dcol on June 21, 2023, 12:13:46 AM
As far as the state table size, I actually reduced it to 250000 to see if it has an effect.  I don't know how to tell if it is full. Best I can tell there are about 1100 entries in there now. I also changed the Firewall Optimization from

The stats are in Firewall: Diagnostics: Statistics: Info
Possible reasons for the state table to become full are DDOS-like situations, or someone downloading torrents, or someone performing network scans either from the outside or the inside. Anything that makes lots of connections.
In theory there is no difference between theory and practice. In practice there is.
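
An added example, not part of either post above: one way to answer "is the state table full" from a shell is to compare the current entry count with the configured hard limit. It assumes the counters are read with `pfctl -si` and `pfctl -sm`; the sample text, function names and the 80% threshold are constructed for illustration.

```shell
#!/bin/sh
# Constructed sample output in pfctl's layout (not taken from the thread).
SAMPLE_INFO='State Table                          Total             Rate
  current entries                     1100
  searches                        52318764          301.2/s
  inserts                           214563            1.2/s
  removals                          213463            1.2/s'
SAMPLE_LIMITS='states        hard limit   250000
src-nodes     hard limit    10000
frags         hard limit     5000'

# Read `pfctl -si` text on stdin, print the current number of states.
state_entries() {
    awk '$1 == "current" && $2 == "entries" { print $3; exit }'
}

# Read `pfctl -sm` text on stdin, print the hard limit for states.
state_limit() {
    awk '$1 == "states" && $2 == "hard" { print $4; exit }'
}

# state_usage_pct ENTRIES LIMIT: print integer percent of the limit in use.
state_usage_pct() {
    [ "$2" -gt 0 ] || return 1
    echo $(( $1 * 100 / $2 ))
}

# check_states INFO_TEXT LIMITS_TEXT [THRESHOLD_PCT]
# Prints one status line; returns 0 = OK, 1 = at/over threshold, 2 = unparsable.
check_states() {
    entries=$(printf '%s\n' "$1" | state_entries)
    limit=$(printf '%s\n' "$2" | state_limit)
    threshold=${3:-80}
    if [ -z "$entries" ] || [ -z "$limit" ]; then
        echo "UNKNOWN could not parse pfctl output"
        return 2
    fi
    pct=$(state_usage_pct "$entries" "$limit") || { echo "UNKNOWN limit is zero"; return 2; }
    if [ "$pct" -ge "$threshold" ]; then
        echo "WARN states=$entries limit=$limit used=${pct}%"
        return 1
    fi
    echo "OK states=$entries limit=$limit used=${pct}%"
}

# On the firewall (as root): check_states "$(pfctl -si)" "$(pfctl -sm)"
check_states "$SAMPLE_INFO" "$SAMPLE_LIMITS"
```

Logging this status line on a schedule shows whether the entry count ever approaches the limit before a slowdown.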

Was even worse this morning. Took 2 minutes to load up WebGUI. But finally got to reset state tables and back to normal.
This time I looked at how many entries there were and it didn't look like enough to cause this issue. Maybe there were about 1500 entries. Seems to happen mostly at night. Resetting the state table seems to be good all day, so what I am going to do is run a cron job to reset the state tables at 8AM every morning. At this point it is the only thing I can think of to do. Now I just have to figure out how to set up the cron job.

No one is downloading torrents or doing network scans. This issue started when I put in the new box a week ago.
I also thoroughly checked the config file and nothing is in there that shouldn't be. The only hardware difference between the new box and old box is changing to igc from igb Intel NICs, and a newer processor, J1900 to J4125.
Using the same new box at another location with no issues.

The other interesting thing I noticed is resetting the state tables happens instantly and doesn't seem to actually change the list of states. I noticed it does this on the other firewalls too. Resetting used to take 10-30 seconds. Now it doesn't seem to do anything except bring back the speed.

Nothing I tried helped. The only thing I could do is set up a cron job to execute `pfctl -F state` every 4 hours.
See attached pics for the state info while the issue was at its worst. Does anything look off here?

Still living with this issue. I execute a state table reset every morning at 8AM and it seems to get the users through the day, but this can't be right. Why would resetting the state table make this difference? This morning there were only 650 entries in there. What else does resetting the state table do? Maybe this is a clue.

This issue has been resolved with the update to 23.1.11.
The old box was at 23.1.6 and worked. The new box was at 23.1.9 and had the slowdown issue. After update to 23.1.11 problem went away. So it was an OPNsense issue all along.