High - aperiodic- latency and connection problems with Opnsense

afk · April 17, 2021, 02:29:16 AM

Hi,

I've installed OpnSense 21.1 and I got high - non-periodically - problems with the latency.
Additionally, all of my LAN traffic was blocked with my last setup of OpnSense.
But when i did a reinstall, then the LAN traffic wasn't blocked - although i didn't change my settings before.

I have the following connection: PC -- AP -- OpnSense -- Router -- Internet

My WAN-Port regarding OpnSense is connected to the LAN-Port of the router.

And the ping looks like this (PC ---> Internet):

64 Bytes von 142.250.185.227: icmp_seq=1 ttl=118 Zeit=29.6 ms
64 Bytes von 142.250.185.227: icmp_seq=2 ttl=118 Zeit=190 ms
64 Bytes von 142.250.185.227: icmp_seq=4 ttl=118 Zeit=22.6 ms
64 Bytes von 142.250.185.227: icmp_seq=5 ttl=118 Zeit=23.1 ms
64 Bytes von 142.250.185.227: icmp_seq=6 ttl=118 Zeit=41.2 ms
64 Bytes von 142.250.185.227: icmp_seq=7 ttl=118 Zeit=19.1 ms
64 Bytes von 142.250.185.227: icmp_seq=8 ttl=118 Zeit=22.7 ms
64 Bytes von 142.250.185.227: icmp_seq=9 ttl=118 Zeit=21.3 ms
64 Bytes von 142.250.185.227: icmp_seq=10 ttl=118 Zeit=25.5 ms
64 Bytes von 142.250.185.227: icmp_seq=11 ttl=118 Zeit=21.7 ms
64 Bytes von 142.250.185.227: icmp_seq=12 ttl=118 Zeit=99.2 ms
64 Bytes von 142.250.185.227: icmp_seq=13 ttl=118 Zeit=168 ms
64 Bytes von 142.250.185.227: icmp_seq=14 ttl=118 Zeit=25.5 ms
64 Bytes von 142.250.185.227: icmp_seq=15 ttl=118 Zeit=21.7 ms

--> It's google

the traceroute to the AP looks like this:

64 Bytes von 192.168.1.2: icmp_seq=1 ttl=64 Zeit=200 ms
64 Bytes von 192.168.1.2: icmp_seq=2 ttl=64 Zeit=10.2 ms
64 Bytes von 192.168.1.2: icmp_seq=3 ttl=64 Zeit=6.83 ms
64 Bytes von 192.168.1.2: icmp_seq=4 ttl=64 Zeit=5.21 ms
64 Bytes von 192.168.1.2: icmp_seq=5 ttl=64 Zeit=9.03 ms
64 Bytes von 192.168.1.2: icmp_seq=6 ttl=64 Zeit=5.94 ms
64 Bytes von 192.168.1.2: icmp_seq=7 ttl=64 Zeit=5.96 ms
64 Bytes von 192.168.1.2: icmp_seq=8 ttl=64 Zeit=2.33 ms
64 Bytes von 192.168.1.2: icmp_seq=9 ttl=64 Zeit=5.81 ms
64 Bytes von 192.168.1.2: icmp_seq=10 ttl=64 Zeit=40.7 ms
64 Bytes von 192.168.1.2: icmp_seq=11 ttl=64 Zeit=222 ms
64 Bytes von 192.168.1.2: icmp_seq=12 ttl=64 Zeit=17.9 ms
64 Bytes von 192.168.1.2: icmp_seq=13 ttl=64 Zeit=5.19 ms

--> Yes, i thought it could be a problem with my AP but it isn't. The AP works fine if it's directly connected to the router.

Now, you see the latency of the LAN interface, if i ping from my PC:

PING 192.168.1.1 (192.168.1.1) 56(84) Bytes Daten.
64 Bytes von 192.168.1.1: icmp_seq=1 ttl=64 Zeit=24.6 ms
64 Bytes von 192.168.1.1: icmp_seq=2 ttl=64 Zeit=2.05 ms
64 Bytes von 192.168.1.1: icmp_seq=3 ttl=64 Zeit=10.8 ms
64 Bytes von 192.168.1.1: icmp_seq=4 ttl=64 Zeit=5.41 ms
64 Bytes von 192.168.1.1: icmp_seq=5 ttl=64 Zeit=5.27 ms
64 Bytes von 192.168.1.1: icmp_seq=6 ttl=64 Zeit=5.38 ms
64 Bytes von 192.168.1.1: icmp_seq=7 ttl=64 Zeit=4.80 ms
64 Bytes von 192.168.1.1: icmp_seq=9 ttl=64 Zeit=209 ms
64 Bytes von 192.168.1.1: icmp_seq=10 ttl=64 Zeit=7.87 ms
64 Bytes von 192.168.1.1: icmp_seq=11 ttl=64 Zeit=5.71 ms
64 Bytes von 192.168.1.1: icmp_seq=12 ttl=64 Zeit=5.37 ms
64 Bytes von 192.168.1.1: icmp_seq=13 ttl=64 Zeit=4.69 ms
64 Bytes von 192.168.1.1: icmp_seq=13 ttl=64 Zeit=5.24 ms (DUP!)
64 Bytes von 192.168.1.1: icmp_seq=14 ttl=64 Zeit=5.33 ms
64 Bytes von 192.168.1.1: icmp_seq=15 ttl=64 Zeit=5.36 ms
64 Bytes von 192.168.1.1: icmp_seq=16 ttl=64 Zeit=6.30 ms
64 Bytes von 192.168.1.1: icmp_seq=17 ttl=64 Zeit=12.6 ms

Now, you see the routing table of OpnSense (WAN) when its try to connect to google.

# /sbin/ping -S '192.168.0.143' -c '10' '142.250.185.227'
PING 142.250.185.227 (142.250.185.227) from 192.168.0.143: 56 data bytes
64 bytes from 142.250.185.227: icmp_seq=0 ttl=119 time=16.459 ms
64 bytes from 142.250.185.227: icmp_seq=1 ttl=119 time=16.107 ms
64 bytes from 142.250.185.227: icmp_seq=2 ttl=119 time=16.416 ms
64 bytes from 142.250.185.227: icmp_seq=3 ttl=119 time=16.794 ms
64 bytes from 142.250.185.227: icmp_seq=4 ttl=119 time=16.379 ms
64 bytes from 142.250.185.227: icmp_seq=5 ttl=119 time=16.308 ms
64 bytes from 142.250.185.227: icmp_seq=6 ttl=119 time=17.875 ms
64 bytes from 142.250.185.227: icmp_seq=7 ttl=119 time=17.599 ms
64 bytes from 142.250.185.227: icmp_seq=8 ttl=119 time=16.238 ms
64 bytes from 142.250.185.227: icmp_seq=9 ttl=119 time=15.693 ms

--> The ping looks okay.

Well, It's also curious when i did a reinstall of OpnSense and the connection to the internet came back without changing anything.

Thank you for your help in advance.

opnfwb · April 17, 2021, 02:40:40 AM

The fact that you are able to consistently ping from the OPNsense WAN interface (which is wired) and have no latency spikes indicates that the AP actually is the cause of your latency woes. What happens if you use a wired connection between the PC and the OPNsense LAN interface?

Does your AP have a diagnostics menu? I assume the AP is wired back to the OPNsense LAN interface. Perhaps trying running some ping tests from the AP if it has a diag page.

afk · April 17, 2021, 11:59:57 AM

Hi and thank you very much for your help.

You are right - the problem is because of my AP.
After a while, the same problem occurs when I connect to my AP which is in turn directly connected to the router.

I figuerd out, that there r some issues with my AP serie regarding OpenWrt-Software.

Thank you for your help.
I'll close this case now.

High - aperiodic- latency and connection problems with Opnsense

afk

April 17, 2021, 02:29:16 AM Last Edit: April 17, 2021, 02:33:58 AM by afk

opnfwb

April 17, 2021, 02:40:40 AM #1

afk

April 17, 2021, 11:59:57 AM #2