I am running pfsense CE 2.7.2-RELEASE (amd64)on a Talari E1000/Lanner FW-3575 with:
Intel(R) Atom™ CPU C2758 @ 2.40GHz
8 CPUs: 1 package(s) x 8 core(s)
AES-NI CPU Crypto: Yes (active)
QAT Crypto: Yes (inactive)
I am using this for my home setup. I have Mediacom 1GB cable internet and have a managed unifi “enterprise” POE switch powering 2 Unifi AP’s. U6 Pro and U6 Lite.
I am running Let’s encrypt with dynamic DNS on porkbun. I am running 4 VLANs. LAN, WLAN, IOT, MANAGEMENT. They are setup as third party domains in Unifi. I’m running a cloud key gen2 with the latest firmware and OS running on all my Unifi stuff. I also run HAproxy and serve up many frontends and backends using ssl. I am running pfBlocker-NG, Snort and OpenVPN.
I am asking if pfSense is overloaded because when I make changes in the webui, sometimes the webpage times out, or takes a full minute before the “apply changes” shows. The CPU never gets very high that I can tell. That is problem 1. Problem 2 is my wifi clients are constantly getting timeouts from the DHCP handshake when they connect to the unifi AP. I have tried turning off everything on Unifi that I don’t need. I found forums years old with the same issue and tried all that. I even turned down my transmit power and that seemed to help for a week.
I don’t know if my DHCP server is failing, or Unifi AP is failing. I don’t know where to begin troubleshooting. I am not having problems on LAN devices connecting over copper, except an old computer running ubuntu. That one takes multiple tries to connect.
So question 1, does my talari network appliance likely a performance issue, or is it perhaps something with Unifi? I need advice on what to try troubleshooting. I’m good with Linux and programming, but a novice on advanced networking topics like packet capture and investigating Unifi devices over SSH/command line. I can provide additional information if anyone cares to take a crack at my issues.
I have been reading help forums for decades, but I have written less than a dozen posts in my life so if my post is garbage, please point me to a good resource where I can learn to write better posts.
To me this sounds like you have you have a network loop somewhere. To troubleshoot try and remove all switches from pfsense and directly plug into pfsense to see if everything is working properly. Then introduce a switch at a time.
That is an older CPU but should work for your use case. I am guessing here but if the drive is going bad it would have a hard time writing and cause those DHCP time out as it can’t update the logs or the DHCP tables. You can try backing up the config, replacing the drive, then reload restore. All the system settings are in that backup config.
I only have 1 switch, but i could try plugging in 1 ap to pfsense if i can find my poe injector again.
I never thought about hdd being bad. I will see about getting some spare drives. I bought the appliance off ebay so it could be a bad hdd. I wonder if its worth installing a ssd.
I do need to clarify i was wrong about my hardware. Its a lanner fw7573 or talari e100. I was wrong in my initial post.
You might be on to something. I didn’t realize this had an SSD. I’m not a SMART expert, but the log does look like maybe I’m experiencing an issue.
I just noticed I can create /var and /tmp as virtual directories on memory. I do have 16gb memory in this appliance. I wonder if I would me smart to setup a new ssd, because I can’t find a small capacity hdd in 2.5 form factor that isn’t overkill.
Do you have a guide on ram disk or videos? I don’t want to ask if this topic is already covered somewher.
I posted by SMART Status in case anyone is curious.
=== START OF INFORMATION SECTION ===
Device Model: SanDisk SD9SB8W128G
Serial Number:
LU WWN Device Id: 5 001b44 8bc5ed2ef
Firmware Version: X6107000
User Capacity: 128,035,676,160 bytes [128 GB]
Sector Size: 512 bytes logical/physical
Rotation Rate: Solid State Device
Form Factor: 2.5 inches
TRIM Command: Available, deterministic, zeroed
Device is: Not in smartctl database 7.3/5528
ATA Version is: ACS-4 T13/BSR INCITS 529 revision 5
SATA Version is: SATA 3.3, 6.0 Gb/s (current: 3.0 Gb/s)
Local Time is: Tue Jan 21 18:21:13 2025 CST
SMART support is: Available - device has SMART capability.
SMART support is: Enabled
AAM feature is: Unavailable
APM level is: 128 (minimum power consumption without standby)
Rd look-ahead is: Enabled
Write cache is: Enabled
DSN feature is: Unavailable
ATA Security is: Disabled, frozen [SEC2]
Wt Cache Reorder: Unavailable
=== START OF READ SMART DATA SECTION ===
SMART overall-health self-assessment test result: PASSED
General SMART Values:
Offline data collection status: (0x02) Offline data collection activity
was completed without error.
Auto Offline Data Collection: Disabled.
Self-test execution status: ( 0) The previous self-test routine completed
without error or no self-test has ever
been run.
Total time to complete Offline
data collection: ( 0) seconds.
Offline data collection
capabilities: (0x11) SMART execute Offline immediate.
No Auto Offline data collection support.
Suspend Offline collection upon new
command.
No Offline surface scan supported.
Self-test supported.
No Conveyance Self-test supported.
No Selective Self-test supported.
SMART capabilities: (0x0003) Saves SMART data before entering
power-saving mode.
Supports SMART auto save timer.
Error logging capability: (0x01) Error logging supported.
General Purpose Logging supported.
Short self-test routine
recommended polling time: ( 2) minutes.
Extended self-test routine
recommended polling time: ( 10) minutes.
SMART Attributes Data Structure revision number: 4
Vendor Specific SMART Attributes with Thresholds:
ID# ATTRIBUTE_NAME FLAGS VALUE WORST THRESH FAIL RAW_VALUE
5 Reallocated_Sector_Ct -O--CK 100 100 --- - 0
9 Power_On_Hours -O--CK 100 100 --- - 6922
12 Power_Cycle_Count -O--CK 100 100 --- - 43
165 Unknown_Attribute -O--CK 100 100 --- - 52036308
166 Unknown_Attribute -O--CK 100 100 --- - 1
167 Unknown_Attribute -O--CK 100 100 --- - 27
168 Unknown_Attribute -O--CK 100 100 --- - 9
169 Unknown_Attribute -O--CK 100 100 --- - 92
170 Unknown_Attribute -O--CK 100 100 --- - 0
171 Unknown_Attribute -O--CK 100 100 --- - 0
172 Unknown_Attribute -O--CK 100 100 --- - 0
173 Unknown_Attribute -O--CK 100 100 --- - 3
174 Unknown_Attribute -O--CK 100 100 --- - 25
184 End-to-End_Error -O--CK 100 100 --- - 0
187 Reported_Uncorrect -O--CK 100 100 --- - 0
188 Command_Timeout -O--CK 100 100 --- - 0
194 Temperature_Celsius -O---K 068 040 --- - 32 (Min/Max 22/40)
199 UDMA_CRC_Error_Count -O--CK 100 100 --- - 0
230 Unknown_SSD_Attribute -O--CK 100 100 --- - 1288492155180
232 Available_Reservd_Space PO--CK 100 100 004 - 100
233 Media_Wearout_Indicator -O--CK 100 100 --- - 426
234 Unknown_Attribute -O--CK 100 100 --- - 2041
241 Total_LBAs_Written ----CK 253 253 --- - 2466
242 Total_LBAs_Read ----CK 253 253 --- - 3086
244 Unknown_Attribute -O--CK 000 100 --- - 0
||||||_ K auto-keep
|||||__ C event count
||||___ R error rate
|||____ S speed/performance
||_____ O updated online
|______ P prefailure warning
General Purpose Log Directory Version 1
SMART Log Directory Version 1 [multi-sector log support]
Address Access R/W Size Description
0x00 GPL,SL R/O 1 Log Directory
0x01 SL R/O 1 Summary SMART error log
0x02 SL R/O 2 Comprehensive SMART error log
0x03 GPL R/O 1 Ext. Comprehensive SMART error log
0x04 GPL,SL R/O 8 Device Statistics log
0x06 SL R/O 1 SMART self-test log
0x07 GPL R/O 1 Extended self-test log
0x10 GPL R/O 1 NCQ Command Error log
0x11 GPL R/O 1 SATA Phy Event Counters log
0x30 GPL,SL R/O 9 IDENTIFY DEVICE data log
0x80-0x9f GPL,SL R/W 16 Host vendor specific log
0xde GPL VS 8 Device vendor specific log
SMART Extended Comprehensive Error Log Version: 1 (1 sectors)
No Errors Logged
SMART Extended Self-test Log Version: 1 (1 sectors)
Num Test_Description Status Remaining LifeTime(hours) LBA_of_first_error
# 1 Extended offline Completed without error 00% 6921 -
Selective Self-tests/Logging not supported
SCT Commands not supported
Device Statistics (GP Log 0x04)
Page Offset Size Value Flags Description
0x01 ===== = = === == General Statistics (rev 1) ==
0x01 0x008 4 43 --- Lifetime Power-On Resets
0x01 0x010 4 0 --- Power-on Hours
0x01 0x018 6 5173599048 --- Logical Sectors Written
0x01 0x020 6 18150904 --- Number of Write Commands
0x01 0x028 6 6473175800 --- Logical Sectors Read
0x01 0x030 6 52187983 --- Number of Read Commands
0x07 ===== = = === == Solid State Device Statistics (rev 1) ==
0x07 0x008 1 0 N-- Percentage Used Endurance Indicator
|||_ C monitored condition met
||__ D supports DSN
|___ N normalized value
Pending Defects log (GP Log 0x0c) not supported
SATA Phy Event Counters (GP Log 0x11)
ID Size Value Description
0x0001 4 0 Command failed due to ICRC error
0x0002 4 0 R_ERR response for data FIS
0x0005 4 0 R_ERR response for non-data FIS
0x000a 4 3 Device-to-host register FISes sent due to a COMRESET
