Overwatch lag in pfsense

I’ve recently switched my router to pfsense and I’m starting to get random spikes in the game. My ping will stay low however sometimes I would see all the heroes freeze for a second or two (except my hero) and then everything would resume back.

Look under Status > System Logs > Gateways (tab)
It will tell you if you’re having latency issues or packet loss, should be set up to use dns for ping reference.

Should look something like this.
GW_WAN 8.8.8.8: Alarm latency 29224us stddev 8856us loss 25%
First number is the ip it pinged, second number is average latency, third is deviation in latency (jitter), fourth is packet loss.

This is just to determine if the gateway (modem) is the issue and not pfsense.

Then switch to the general tab and see if any errors pop up there.

Second thing I would do is just check the cpu/memory performance stats in system information on the pfsense home page and the state table size.

Finally if you can’t find a reason for it check your hardware to see if it’s one of the known nics to be a problem, some have TSO/LRO or checksum or hardware offloading bugs in their firmware and to fix that is to tell pfsense to turn it off in system tunables.
Look on the net for pfsense troubleshooting for further clarification.
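As an added example (not part of the original post): a small parser that groups gateway alarm lines in the format quoted above into alarm episodes, so the time of an in-game freeze can be checked against them. The sample lines are constructed, and the syslog timestamp prefix, the `Clear` state, the `year` parameter and the function names are assumptions.

```python
import re
from datetime import datetime, timedelta

# Constructed sample. The message part copies the format of the line quoted in
# the post; the syslog timestamp prefix and the "Clear" state are assumptions.
SAMPLE_LOG = """\
Jun 12 21:03:11 dpinger: GW_WAN 8.8.8.8: Alarm latency 29224us stddev 8856us loss 25%
Jun 12 21:03:14 dpinger: GW_WAN 8.8.8.8: Alarm latency 41250us stddev 12010us loss 31%
Jun 12 21:03:42 dpinger: GW_WAN 8.8.8.8: Clear latency 14102us stddev 2210us loss 4%
Jun 12 22:40:05 dpinger: GW_WAN 8.8.8.8: Alarm latency 510233us stddev 90144us loss 0%
"""

LINE_RE = re.compile(
    r"^(?P<ts>\w{3}\s+\d+ \d\d:\d\d:\d\d) .*?(?P<gw>\S+) (?P<ip>\S+): (?P<state>\w+) "
    r"latency (?P<lat>\d+)us stddev (?P<dev>\d+)us loss (?P<loss>\d+)%"
)

def alarm_windows(log_text, year=2018):
    """Group lines into episodes: first Alarm for a gateway until its next non-Alarm line."""
    open_by_gw, windows = {}, []
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue  # not a gateway monitor line
        # Syslog timestamps carry no year, so the caller supplies one (assumption).
        when = datetime.strptime(f"{year} {m['ts']}", "%Y %b %d %H:%M:%S")
        key = (m["gw"], m["ip"])
        if m["state"] == "Alarm":
            w = open_by_gw.get(key)
            if w is None:
                w = {"gateway": m["gw"], "monitor_ip": m["ip"], "start": when, "end": None,
                     "peak_latency_ms": 0.0, "peak_jitter_ms": 0.0, "peak_loss_pct": 0}
                open_by_gw[key] = w
                windows.append(w)
            # The log reports microseconds; keep the worst values seen in the episode.
            w["peak_latency_ms"] = max(w["peak_latency_ms"], int(m["lat"]) / 1000)
            w["peak_jitter_ms"] = max(w["peak_jitter_ms"], int(m["dev"]) / 1000)
            w["peak_loss_pct"] = max(w["peak_loss_pct"], int(m["loss"]))
        elif key in open_by_gw:
            open_by_gw.pop(key)["end"] = when
    return windows

def windows_covering(windows, moment, slack_s=5):
    """Episodes that were active (within slack_s seconds) when the game froze."""
    slack = timedelta(seconds=slack_s)
    return [w for w in windows
            if w["start"] - slack <= moment
            and (w["end"] is None or moment <= w["end"] + slack)]

if __name__ == "__main__":
    for w in alarm_windows(SAMPLE_LOG):
        print(w)
```

If no episode covers the moment of a freeze, the WAN gateway is an unlikely cause and the search moves to the firewall itself or the LAN side.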

I’ve checked the Status > System Logs > Gateways (tab) and I don’t see anything unusual. No logs shown with today’s date so no packet loss or ping spikes.
Under general tab I don’t see anything unusual either. My CPU Performance is 9% and Memory is at 47%. I have hardware offloading disabled as well so that shouldn’t be the issue. Do you think it could be my ubiquiti switch/access point that I’m using? I don’t see anything unusual in overwatch when I press ctrl + shift + n. No ping spikes or anything…

I’ve run the WinMTR stats while playing OW so hopefully someone here can read it and help me out.

    |------------------------------------------------------------------------------------------|
    |                                      WinMTR statistics                                   |
    |                       Host              -   %  | Sent | Recv | Best | Avrg | Wrst | Last |
    |------------------------------------------------|------|------|------|------|------|------|
    |                     pfsense.localdomain -    0 |  337 |  337 |    0 |    0 |   13 |    0 |
    |                            99.229.112.1 -    0 |  337 |  337 |    5 |   15 |  193 |   13 |
    |     8083-dgw02.mtnk.rmgt.net.rogers.com -    0 |  337 |  337 |    4 |   13 |  191 |   13 |
    |   3201-cgw01.wlfdle.rmgt.net.rogers.com -    0 |  337 |  337 |    5 |   14 |  188 |   11 |
    |                          209.148.230.26 -    0 |  337 |  337 |   20 |   28 |   53 |   26 |
    |                   eqix-dc2.blizzard.com -    0 |  337 |  337 |   20 |   30 |  195 |   43 |
    |              ae1-br01-eqdc2.as57976.net -    0 |  337 |  337 |   21 |   31 |  120 |   28 |
    |         et-0-0-2-br01-eqch2.as57976.net -    0 |  337 |  337 |   30 |   45 |  558 |   44 |
    |                   No response from host -  100 |   68 |    0 |    0 |    0 |    0 |    0 |
    |                   No response from host -  100 |   68 |    0 |    0 |    0 |    0 |    0 |
    |                   No response from host -  100 |   68 |    0 |    0 |    0 |    0 |    0 |
    |                   No response from host -  100 |   68 |    0 |    0 |    0 |    0 |    0 |
    |                   No response from host -  100 |   68 |    0 |    0 |    0 |    0 |    0 |
    |                   No response from host -  100 |   68 |    0 |    0 |    0 |    0 |    0 |
    |                   No response from host -  100 |   68 |    0 |    0 |    0 |    0 |    0 |
    |                   No response from host -  100 |   68 |    0 |    0 |    0 |    0 |    0 |
    |                   No response from host -  100 |   68 |    0 |    0 |    0 |    0 |    0 |
    |                   No response from host -  100 |   68 |    0 |    0 |    0 |    0 |    0 |
    |                   No response from host -  100 |   68 |    0 |    0 |    0 |    0 |    0 |
    |                   No response from host -  100 |   68 |    0 |    0 |    0 |    0 |    0 |
    |                   No response from host -  100 |   68 |    0 |    0 |    0 |    0 |    0 |
    |                   No response from host -  100 |   68 |    0 |    0 |    0 |    0 |    0 |
    |                   No response from host -  100 |   68 |    0 |    0 |    0 |    0 |    0 |
    |                   No response from host -  100 |   68 |    0 |    0 |    0 |    0 |    0 |
    |                   No response from host -  100 |   68 |    0 |    0 |    0 |    0 |    0 |
    |                   No response from host -  100 |   68 |    0 |    0 |    0 |    0 |    0 |
    |                   No response from host -  100 |   68 |    0 |    0 |    0 |    0 |    0 |
    |                   No response from host -  100 |   68 |    0 |    0 |    0 |    0 |    0 |
    |                   No response from host -  100 |   68 |    0 |    0 |    0 |    0 |    0 |
    |                   No response from host -  100 |   68 |    0 |    0 |    0 |    0 |    0 |
    |________________________________________________|______|______|______|______|______|______|
       WinMTR v0.92 GPL V2 by Appnor MSP - Fully Managed Hosting & Cloud Provider

I don’t see anything out of the ordinary.
Keep an eye on the state table, I’ve noticed lag issues when they get close to their defined max and membuff on nics can get overwhelmed especially if you’re using a hypervisor and virtio.

Check the Ubiquiti switch and pfsense and see if it’s got some sort of QoS running. It shouldn’t but I’ve seen weird things before. You could try running a straight line to the pfsense box and remove the switch from the equation and see if it behaves the same.

Are you connected to a Ubiquiti access point? Is it the AC-Lite? I’ve been having some issues with my AC-HD.

I tried connecting directly to my pfsense box and I still have the same issue so I don’t think it’s my switch. I do connect to AP-AC Pro. I do have ntopng running but I’m not sure how to use it to troubleshoot lag issues with Overwatch. I don’t have any QoS but I’m thinking maybe I should add one to set higher priority on Overwatch or games. Is that possible?

Check Status > Interfaces
see if there are any in/out errors or collisions on any of the interfaces.

also,
Have you tried connecting to the modem directly?
Is the modem a real modem, not one of those combo router-wifi/modem handed out by the isp. I’m thinking maybe a double nat issue going on here. But it sounds like you know what you’re doing.

If you connect to the modem directly and test and don’t have a problem, I would test again through pfsense and turn off the firewall on pfsense and see if that has an effect, if it does then we know it’s a firewall issue, if it doesn’t then it’s a nat or routing issue.
Just be sure the condom is “on” on all your machines when you do this.

To me it sounds like you’re sending but not receiving, almost like dropped packets at the wan interface, which makes me think it’s a firewall issue or nat issue on pfsense blocking incoming packets from blizzard for some odd reason.

As for me, I run pfsense 2.4.3 in a kvm hypervisor with intel nics passthrough, and run a complex vlan structure with a hybrid outbound nat. I average 80 ms in all my matches and haven’t had a lag or connectivity issue.
So I’m a bit baffled.

So I haven’t tried connecting to modem directly because in my previous setup I had my modem set to bridge mode (it also has router/wireless capabilities) and connect my modem to my router which was Asus ac68u. I never had any issues with overwatch with this setup so that isolates any possibility that could be happening at the modem level.

With my new setup the modem is still in bridge mode but it connects to my pfsense server. (This has 4 NIC ports, 1 which is WAN and 3 physical nics that are bridged together as 1 LAN; I label these physical ports as OPT1/OPT2/OPT3.)
The firewall rules are set at the LAN interface (Bridge).

OPT1 -> Unifi Switch -> Wireless AP and some local devices, and IoT devices on a separate VLAN, Guestnetwork also on a separate VLAN (This is a separate SSID)

OPT2 -> PC

So I don’t think the issue is with my unifi gear because even my PC that is connected to OPT2 is experiencing the lag issue. I tried to disable the firewall by going to:

  1. Navigate to System > Advanced , Firewall / NAT tab
  2. Check Disable Firewall / Disable all packet filtering
  3. Click Save

However after I do that I lose internet connection…Even when I try to go to Firewall > Nat on the Outbound tab to Disable Outbound NAT rule generation (No Outbound NAT rules) it causes me to lose internet connection as well.

EDIT: When going to Status -> Interfaces I am seeing In/out errors for my LAN Interface (lan, bridge0) . I’m only seeing OUT errors not IN errors. There are no other In/out errors on other interfaces. Not sure if these errors are from overwatch or from when I tried to disable the firewall/NAT…

Edit2: I read up online and the in/out errors have to do with having enabled an unused ethernet port in a bridge LAN. So I disabled one of the NIC ports OPT3 since nothing was plugged to it and the IN/OUT error stopped increasing in count. But lag is still happening

This sounds familiar to me, I think I did something similar to your setup and had weird problems. It had something to do with bridging of interfaces and I had to change two system tunables to fix it.

https://www.netgate.com/docs/pfsense/interfaces/interface-bridges.html

I don’t know if this is your problem, but worth a try.

And the other thing that pops into my head, you said you had a quad port nic. Is it an Intel card? I think I remember reading somewhere that it was an intel/bsd driver module that had a few bugs. I don’t remember if it was igb or em driver.
I can’t seem to find it now, since the pfsense forum went the way of netgate. I had issues with the intel em driver so it’s not out of the realm of possibility.

You might want to check to see if that quad card chipset has any bug reports on freebsd, or netgate forums.

You could swap out the quad nic and try using two separate nics for a test and see how pfsense behaves. If the problem goes away, quad nic is the problem.

Also have you tried some of the solutions here?
Scroll down for the quad cards.

https://www.netgate.com/docs/pfsense/hardware/tuning-and-troubleshooting-network-cards.html

Thanks for the feedback. I had changed those system tunables when I first bridged my LAN so those options have been changed.

Yes my quad port NIC is an Intel 82575GB Gigabit Ethernet Controller. I heard that Intel cards were the best option to go with when installing pfsense so that’s why I purchased this one. I will continue to look to see if others have any issues with this card, but so far it seems very solid other than Overwatch I haven’t had any problems with it and it’s capable of giving me gigabit speeds when using iperf3 to test network bandwidth.

I don’t have any spare NICs to test, so unfortunately this will probably be last resort and I’ll buy a few other Network cards.

Do you have any other recommended forums I can try to post on to see if there is anything else I can do to debug my issue? I’ll try to change some settings following your second link to see if that helps. Thanks for all your support so far!

I would go to the source which would be netgate/pfsense forums and post there.

Last thing I would try to do is a packet capture (under diagnostics of pfsense) or wireshark on the interface with a dumb hub (not a layer 2 switch) in between to see what the actual packets are doing. Frankly I haven’t done packet capture but have done the wireshark for voip setups/providers, it’s been awhile since I’ve done one, (last one was about 2012.) I don’t know what’s changed since then.

Don’t spend too much on the nics, the cheap broadcom or intel pci-e 1x gigabit nics work well.

You could also try opnsense, it’s an open source fork of pfsense. And you can see how that behaves, if it behaves the same then it’s a hardware issue or freebsd kernel/driver.

Wish you the best of luck.