Packet Loss with IPS

flavio99 · May 06, 2017, 10:14:32 PM

Hi Community

I have packet loss when i enable the IPS mode on the Firewall. Does anyone know this problem and how can i solve it.

My Setup:
Hetzner Dedicater Server with Proxmox VE
OPNsense Firewall with E1000 NIC's

Thanks for Reply,

Flavio

bartjsmit · May 06, 2017, 10:58:42 PM

Hi Flavio,

Do you mean packet loss in ping?

Most likely solution is to allocate more resources to the OPNsense virtual machine.

Bart...

flavio99 · May 07, 2017, 12:03:32 AM

Hi Bart,

Yes, i mean packet loss in ping.

Current resources:
4 vCPU
4 GB of RAM dynamic

How much resources should I allocate?

Best regards,

Flavio

bulmaro · May 07, 2017, 12:44:41 AM

I have 4 network interface, I happen with a network interface Packetloss 46%

bartjsmit · May 07, 2017, 11:10:39 AM

Hi Flavio,

On paper, that is sufficient for low to moderate use. I've seen reports on this forum about speeds dropping with IPS, but not the degradation that will lose ping packets. What latency are you seeing to 8.8.8.8?

I'm not familiar with Proxmox or Hetzner but it may be fixable with PCI pass-through NIC's rather than using the (para) virtualised interfaces. This also depends on your throughput, to decide if it is worthwhile.

Bart...

elfrom · May 07, 2017, 02:13:31 PM

If you look in "system" -> "log file". Do you see errors about interface(s) going down and up shortly after?

franco · May 08, 2017, 08:57:11 AM

> a network interface Packetloss 46%

That sounds like checksums are broken either in the guest or host.

Cheers,
Franco

Packet Loss with IPS

flavio99

May 06, 2017, 10:14:32 PM

bartjsmit

May 06, 2017, 10:58:42 PM #1

flavio99

May 07, 2017, 12:03:32 AM #2

bulmaro

May 07, 2017, 12:44:41 AM #3

bartjsmit

May 07, 2017, 11:10:39 AM #4

elfrom

May 07, 2017, 02:13:31 PM #5

franco

May 08, 2017, 08:57:11 AM #6