We're using PfSense as an internal router/firewall (no connection to WAN). Using the Web-GUI, under Status —> Interfaces, there's one particular interface where I have some errors:
In/out errors 3513/0
I then SSHed to the firewall to validate the info provided by the WebGUI and here's the output:
# netstat -ni -I bce2
Name Mtu Network Address Ipkts Ierrs Opkt Oerrs Coll
bce2 1500 <Link#3> 00:23:7d:cd:a2:a2 1404522323 3513 749797131 0 0
bce2 1500 10.42.1.0/24 10.42.1.24 6 - 6 - -
As you can see, both present the same info (errors on incoming packets). I switched cables, changed network card, changed port on switch and I still see the errors. My 2 questions really are:
1) Is there any way I could get more info on the nature of these errors? or is this all I can get?
2) Should I be worried about this? As you can see, the errors are a VERY LOW percentage of all the total incoming packets. In other words, is this normal on a high-traffic gigabit interface?
Thanks!
JFA
Best Answer
1) There may be dosens of possible reasons. Most possible: you've got some buffer overruns.
Analyze:
dmesgsysctl dev.bcevmstat -z(USED/LIMIT)netstat -s(Errors/Buffers)You can also try some tuning described here: FreeBSD performance tuning: Sysctl parameter, loader.conf, kernel
But these are intended for advanced sysadmins only, use them on your own risk!
2) Maybe. With time, when the load increases this percentage will rise, too.