Ask
Reply
Solution
This is a really strange one... so just moved into a new property and had to settle for a basic ADSL connection, Vodafone recently provided the connection to my property together with their standard wifi-hub... upon initial inspection simply running of the wifi-hub everything seemed ok, however now that I've put my pfsense (running version 2.6.0) behind the wifi-hub I'm seeing a lot of packet loss.
So the setup is exactly the same as it was in my previous property (where i had no issues). I basically have the pfsense WAN interface connected to one of the Vodafone wifi-hub ethernet ports and wifi-hub sits in the same network range as the pfsense WAN interface IP - Vodafone wifi-hub is .1 and the pfsense WAN interface IP is .254. I've placed the .254 address in the "DMZ" and I disabled all functions on the Vodafone wifi-hub, turning it essentially into a ADSL modem. But still have the annoying double NAT config!
Doing a continues ping (towards 1.1.1.1) from my desktop, connecting to the internet via my AP (which connects into a switch, which connects into pfsense) - I'm getting 50% plus packet loss.
The second hop below is the Vodafone wifi-hub, locally going from pfsense to wifi-hub it seems to be registering 65% loss!
Thinking this might be a wifi issue, I run a cable from my switch to my desktop - same result!
Thinking it might be a bad cable between the pfsense WAN interface and Vodafone router, I swapped cables multiple times - same result! I've tried the different ethernet ports on the Vodafone router always the same result - packet loss! Even played with the MTU and negotiation settings on the pfsense WAN interface - no luck!
Thinking this is pfsense related, I've done the same continues ping test connecting my desktop directly over the Vodafone wifi-hub, over both wifi and cabled connections registering 5-10% loss - which I guess is acceptable.
Although at some point yesterday I was registering, 25% loss connecting directly over the Vodafone wifi-hub - which led me to think there was something wrong with the line or the router - Vodafone engineer on the way to check line and router, who I doubt will find anything wrong.
Currently running quality monitor via thinkbroadband.com to make sure the issue is definitely not related with the connection itself.
Now despite all of this packet loss I'm registering, when connecting to internet via my pfsense, don't seem to be having any connectivity issues. No drops or buffering during streaming, no drops over VoIP, VPN connectivity seems solid, So I'm really confused???
My next move I think is to order a simple ADSL modem (Draytek Vigor 130) and remove the Vodafone wifi-hub out of the equation, got the login details from Vodafone, but looking for alternative suggestions before I go ahead with that plan and spend the money.
Yes correct! Obviously there is a double NAT, with my initial comment "I disabled all functions on the Vodafone wifi-hub, turning it essentially into a ADSL modem." I was simply trying to suggest that I'm not using the Vodafone wifi-hub networking features and off-load all functionality to the pfsense.
Also, yes I'm aware of the downgrade behaviour of constant pinging towards DNS servers, but you have you to remember, I did not have this issue before, when my pfsense was behind the Virgin business router (same double NAT). Zero packet loss! And pfsense does have monitoring abilities, I have multiple monitoring G/Ws configured (towards well known DNS servers) - all reporting packet loss! See below. This wasn't happening before either (my G/Ws were always up). Strange thing is, there is high packet loss between the pfsense and the Vodafone wifi-hub. That's Layer 2 with no firewall in between, simply pfsense .254 pinging Vodafone wifi-hub .1 in the same network. Another behaviour I didn't have prior to Vodafone.
I've also just SSH-ed on to the pfsense and run a ping towards 1.1.1.1, packet loss! I've also run a ping towards 90.255.255.90, less but still packet loss.
I've done multiple tests of running MTR over VF router before (some screenshots in earlier replies) - latest test towards 1.1.1.1 is producing 2% loss, I've seen this figure to be between 8% and 25% last few days. But again that could be the downgrading effect.
Pinging 90.255.255.90 seems to produce 0% loss. Which is inline with what you were suggesting earlier in your reply.
In conclusion, most likely the line is fine but issue is between pfsense and the VF router - hence why I opened this thread in the first place. As I stated before, I didn't have this issue with the Virgin router, so provided the Openreach engineer finds nothing with the overall line health tmrw (I'll get the engineer to install a test socket and perhaps re-do the messy cabling within socket) - I will go and get myself a Draytek Vigor 130 and take the VF router out of the equation. Maybe the double NAT causes more problems with VF router than it does for instance with the Virgin router - which is why I didn't have these problems before.
