Pfsense Nightmares Help please.

[Bmoney]

I am pulling my hair out!!!!

I installed pfsense on a old hp with a i5 processor and 4 gb of ram. The last six months updates have fucked me. I have a 70 mbps connection on a Arris modem. Now for over a year and a have I had no problems. Now with in a week my wan connection drops to 1 mbps. It pisses me off. I restored it to factory and reset all the interfaces and boom it works for a couple of days and then tanks. The web gui become dead slow I need to load a page for 15 minutes before it even become responsive. Browsing become so slow nothing load and often times out. I have change DNS setting, PFblockerg, squid, it just seems the longer my router it up it blocks all wan traffic, lan is fine. What the fuck is going on. Help anyone. Again longer it is up the slower it gets. When I had verison 2.3 it seem the update to 2.4 fucked it up anyone else have this it make no sense. Please 

[Razor Blade]

I am running 2.4.3 on a VM with 4 CPU cores (more cores for encrypt and decrypt), 2GB RAM, and the same packages you have (+snort).

 

What are you using for NICs?

[Bmoney]

1 hour ago, Razor Blade said:

I am running 2.4.3 on a VM with 4 CPU cores (more cores for encrypt and decrypt), 2GB RAM, and the same packages you have (+snort).

 

What are you using for NICs?

I hp 4 port I am not concerned about the hardware because again after a fresh install I have full speed. 

[Razor Blade]

55 minutes ago, Bmoney said:

I hp 4 port I am not concerned about the hardware because again after a fresh install I have full speed. 

Are you using PFsense on a USB stick?

[Bmoney]

No a ssd

[Alex Atkin UK]

Have you tried logging into the router with SSH, choosing option 8 and running "top" to see if something is hogging the CPU?

 

I also wonder if the SSD is causing issues if Squid is using it for cache.  Things getting slower and slower over time is certainly a known issue with SSDs if its not cleaning up properly.

pfSense does not enable trim when installed on SSDs which could definitely cause this sort of issue. https://gist.github.com/mdouchement/853fbd4185743689f58c

[Alex Atkin UK]

I looked around some more and the general consensus seems to be that you can probably get away without trim EXCEPT when using Squid where its likely to trash the SSD within a year or two without it.  So definitely worth looking into.

[Falconevo]

What network interfaces are you using?  I saw something similar in the past with Realtek network interfaces back in pfSense v2.3 due to a driver issue.

[Mikensan]

The os itself and states are stored in RAM, if you have more than 1 stick I'd remove 1 - test, and then swap it out and test again.

 

If you only have one stick of ram, then just run memtest.

 

 

[Bmoney]

Ok I have reinstalled pfsense as basic version with no IPv6. Everything is running smooth it is an issue with Squid settings for sure. I have read 100 different things set up in 20 or so configurations and still slows. The only mod I have made is my VPN.  

[Mikensan]

2 minutes ago, Bmoney said:

Ok I have reinstalled pfsense as basic version with no IPv6. Everything is running smooth it is an issue with Squid settings for sure. I have read 100 different things set up in 20 or so configurations and still slows. The only mod I have made is my VPN.  

I'm a bit lost... so is everything running smooth and the culprit was squid, or is it still slow, and you only have VPN but have squid?

[Alex Atkin UK]

My personal opinion is to avoid Squid period, it causes more trouble than it solves IMO.  I stopped using it once I got broadband.

With the vast majority of the Internet adopting https these days I honestly do not see Squid as having any value.

[Bmoney]

Squid was the issue. I am not using quid now but have my vpn.