Thursday, December 12, 2024
Latest:
NETWORK ADMINISTRATIONSWindows serverwindows server dhcp

How to do Packet Loss And Latency Monitoring in pfsense

Connecting With Us
—————————————————
+ Hire Us For A Project: https://lawrencesystems.com/hire-us/
+ Tom Twitter 🐦 https://twitter.com/TomLawrenceTech
+ Our Web Site https://www.lawrencesystems.com/
+ Our Forums https://forums.lawrencesystems.com/
+ Instagram https://www.instagram.com/lawrencesystems/
+ Facebook https://www.facebook.com/Lawrencesystems/
+ GitHub https://github.com/lawrencesystems/
+ Discord https://discord.gg/ZwTz3Mh

Lawrence Systems Shirts and Swag
—————————————————
►👕 https://lawrence.video/swag

AFFILIATES & REFERRAL LINKS
—————————————————
Amazon Affiliate Store
🛒 https://www.amazon.com/shop/lawrencesystemspcpickup

All Of Our Affiliates that help us out and can get you discounts!
🛒 https://www.lawrencesystems.com/partners-and-affiliates/

Gear we use on Kit
🛒 https://kit.co/lawrencesystems

Use OfferCode LTSERVICES to get 10% off your order at
🛒 https://lawrence.video/techsupplydirect

Digital Ocean Offer Code
🛒 https://m.do.co/c/85de8d181725

HostiFi UniFi Cloud Hosting Service
🛒 https://hostifi.net/?via=lawrencesystems

Protect you privacy with a VPN from Private Internet Access
🛒 https://www.privateinternetaccess.com/pages/buy-vpn/LRNSYS

Patreon
💰 https://www.patreon.com/lawrencesystems

⏱️ Timestamps ⏱️
00:00 pfsense packet loss monitoring
01:45 Gateway Monitoring Setup
04:28 Status Monitor Graph Setup
#pfsense #packetloss #networking

source

by Lawrence Systems

windows server dhcp vlan

You May Also Like

Besser als Outlook? Evolution Mail in Linux (Ubuntu / Mint)

Setting up a VPN on Windows Server 2012 R2

Alice AUSTIN

Mirantis OpenStack for Kubernetes (MOSK) 24.2 Release Demo | New Dynamic Resource Balancer

22 thoughts on “How to do Packet Loss And Latency Monitoring in pfsense

  • Only one problem: it won't monitor internal packet loss. I am suddenly losing half of all packets on internal wired LAN. What a pain to diagnose…🙄

  • Thanks for this great info Tom! I wish I knew this when I had cable internet provider. I switched to Fiber and all my issues went away…..grin.

  • This is great. Just what I was looking for. Is there a way I can have my isp connection issues emailed to me as they happen rather than digging thru the logs? Thanks for the great content.

  • I have 2 pfsense with HA configuration already. Now I want to config something like ip sla on it. How can i do it?

  • I have recently run into a situation where I installed pfsense as a vm on my unraid machine and passed through the network card hardware. It dropped packets and it would only resolve about 50% of the dns requests. Thinking it was something wrong with pfsense being run as a VM, I built a pc with i5-6400, 8gb of ram, dual intel nic, 128gb nvme. I installed pfsense and ran into the exact same issue. I have the exact same build at work so I swapped them and it works perfectly. I brought the work pfsense box home and it drops packets and same dns issue. The only think I can think of is the cgnat my home ISP (GVTC) uses. My tplink wireless router works with the home internet without issue. I have tried using cloudflare and google dns as well as changing the mtu. I just went back to tplink because I could not figure out what the issue is.

  • Good video, Thanks. I recently tried this on my pfSense+ v.23.01. I have Comcast/Xfinity Modem. Comcast gateways do not respond to PINGs, so I substituted 3rd party sites (Google, Cloudflare & Quad9). I experienced significant packet loss on all 3. When I disable Bridge Mode and am in a Double NAT configuration, no packet loss. Not sure why this is. Also, with Bridge Mode disabled, my Dynamic DNS configuration with Cloudflare does not work. I tried Port Forwarding 53/853 on the Comcast modem and opening these ports on pfSense WAN with not success. Dynamic DNS works fine in the Bridge Mode. Any thoughts?
    Thanks

  • You might not be able to use the ISP gateway on IPv6. Often a link local address is used, which will not work with the pfSense monitor. What I did was run a traceroute to Google and selected the first Global Unique Address that appeared. This address appears to be within my ISPs network, as the first 64 bits are the same as with my WAN address.

  • Hi Tom, just wanted to ask you a question. Maybe I should use another social media channel of yours, but anyway: I was looking for a way in pfsense to detect that I have no internet connection even though the WAN gateway is online. I want to restart the WAN gateway or the whole router if the internet is not reachable for 30 mins on end. This is to always ensure connectivity is restored after an ISP outage or maitenance. I had a case this morning where I had no internet. In Pfsense everything was green. I restarted pfsense and internet was back. I cannot find a built in service that uses ping to check connection to e.g. a google server and then conditionally on that does a specified action. I dont like to spend the time to figure out how to write an run scripts and cron jobs. Or is that the only way???

  • Thanks Tom always very informative. Would you recommend using pfsense installed on old firewall hardware ? i.e. discontinued Sophos xg 135 or 105w etc. Have some laying around and pfsense works nicely on them just worried what could go wrong on the long run. Regards

  • Guy here that made the initial Gateway configuration, groups and also the RRD graphs of 1.2 and 2.0.

    Initially I picked up apinger, which was kind of a relic, sort of unmaintained. But it did work, if you capped the FreeBSD PID table to 32 bits, because it would wrap and then stop matching up ping replies. Glad they replaced this with dpinger over time. Functionality stayed more or less the same though (loss, RTT). Reason to make gateways a configurable item was for Gateway groups and tiered failover groups. It also greatly helped cleaning up static routes, and made it far more readable because the gateway could have a description. It's gotten more knobs since then, good.

    It also turned out to be a handy thing for things like track interfaces for DHCPv6 and DHCP-PD.

    Common caveat: People would use one of their DNS servers (see example comment below 😉 ) and then have no proper working DNS when a connection died.
    Perform a traceroute on that WAN connection, and pick the next hop out. 🙂

    Also glad they replaced the RRD graphs I started, that was one hot mess of a PHP script with a huge command line to generate the graph. Manual code intervention to prevent generating at intervals shorter then 30 seconds to prevent a DoS on the firewall. And for RRD files that added new datasets like the queues for the shaper was a frequent source of issues. Coupled with RRD being tied to the 32 bit or 64 bit format also a frequent issue.

    So much better now.

  • Nice video tutorial. As someone who is currently considering but doesn't have a pfsense appliance, should I have a target amount of disk space if I'd like to keep logs around for awhile?

  • Great Tutorial….. I Can See Site To Site Via WG, Is It More Preferable Than Open VPN Site To Site? You Inspire Me Alot

  • Excellent video! I've been wanting to set this up for a while, and just never had a chance to poke around. I'm so thankful you made this video!

  • In case the default GW is on prem or does not return pings, I run a traceroute and set the 2nd hop as monitoring address.

  • I'm always learning something new about pfSense from you. Great video!

  • Excellent overview and tutorial Tom. Learned a tonne from this and am now TOTALLY addicted to the Monitoring page! In all seriousness, this really helped me diagnose issue with my Cable ISP provider and I was amazed to see the telemetry over the last year and more. Thanks for sharing!

  • Wish dpinger would support a list of ip’s before being marked as down

  • Thank you!
    Nice2Know for a private user😃

Comments are closed.