Weird routing behavior ??

kolki29 · March 22, 2023, 3:02pm

Hi !

I have a Pfsense firewall on my network that is connected to internet.
Besides firewall tasks, I use dns filtering and reverse proxy / load balancing ( with the pfsense HAproxy package).

Since I control the DNS , I can reach the servers in my home lab using a url and this is where my problems begins :

When I curl the url the first time , I wait 30 seconds before I have an answer,
Then for 20 seconds, everything is working normally
then again 30 seconds delay and 20 seconds normal

Wed Mar 22 21:54:40 2023    curl -s https://synology.domain.org -I  0.09s user 0.01s system 0% cpu 30.214 total
Wed Mar 22 21:55:12 2023    curl -s https://synology.domain.org -I  0.09s user 0.01s system 43% cpu 0.211 total
Wed Mar 22 21:55:13 2023    curl -s https://synology.domain.org -I  0.10s user 0.00s system 44% cpu 0.219 total
Wed Mar 22 21:55:14 2023    curl -s https://synology.domain.org -I  0.09s user 0.01s system 43% cpu 0.214 total
Wed Mar 22 21:55:15 2023    curl -s https://synology.domain.org -I  0.09s user 0.00s system 43% cpu 0.213 total
Wed Mar 22 21:55:17 2023    curl -s https://synology.domain.org -I  0.11s user 0.00s system 47% cpu 0.232 total
Wed Mar 22 21:55:18 2023    curl -s https://synology.domain.org -I  0.09s user 0.01s system 41% cpu 0.220 total
Wed Mar 22 21:55:19 2023    curl -s https://synology.domain.org -I  0.09s user 0.01s system 43% cpu 0.212 total
Wed Mar 22 21:55:20 2023    curl -s https://synology.domain.org -I  0.09s user 0.00s system 42% cpu 0.212 total
Wed Mar 22 21:55:21 2023    curl -s https://synology.domain.org -I  0.09s user 0.01s system 44% cpu 0.214 total
Wed Mar 22 21:55:23 2023    curl -s https://synology.domain.org -I  0.08s user 0.01s system 43% cpu 0.213 total
Wed Mar 22 21:55:24 2023    curl -s https://synology.domain.org -I  0.09s user 0.00s system 43% cpu 0.213 total
Wed Mar 22 21:55:25 2023    curl -s https://synology.domain.org -I  0.09s user 0.00s system 44% cpu 0.213 total
Wed Mar 22 21:55:26 2023    curl -s https://synology.domain.org -I  0.09s user 0.00s system 43% cpu 0.214 total
Wed Mar 22 21:55:28 2023    curl -s https://synology.domain.org -I  0.09s user 0.00s system 44% cpu 0.213 total
Wed Mar 22 21:55:29 2023    curl -s https://synology.domain.org -I  0.09s user 0.00s system 43% cpu 0.214 total
Wed Mar 22 21:55:30 2023    curl -s https://synology.domain.org -I  0.10s user 0.00s system 45% cpu 0.220 total
Wed Mar 22 21:55:31 2023    curl -s https://synology.domain.org -I  0.09s user 0.00s system 42% cpu 0.211 total
Wed Mar 22 21:55:32 2023    curl -s https://synology.domain.org -I  0.09s user 0.00s system 43% cpu 0.214 total
Wed Mar 22 21:55:34 2023    curl -s https://synology.domain.org -I  0.09s user 0.00s system 0% cpu 30.224 total
Wed Mar 22 21:56:05 2023    curl -s https://synology.domain.org -I  0.09s user 0.01s system 45% cpu 0.219 total
Wed Mar 22 21:56:24 2023    curl -s https://synology.domain.org -I  0.09s user 0.00s system 42% cpu 0.213 total
Wed Mar 22 21:56:26 2023    curl -s https://synology.domain.org -I  0.09s user 0.01s system 0% cpu 30.212 total
Wed Mar 22 21:56:57 2023    curl -s https://synology.domain.org -I  0.09s user 0.00s system 43% cpu 0.220 total
Wed Mar 22 21:57:15 2023    curl -s https://synology.domain.org -I  0.08s user 0.01s system 43% cpu 0.209 total
Wed Mar 22 21:57:16 2023    curl -s https://synology.domain.org -I  0.09s user 0.01s system 0% cpu 30.216 total
Wed Mar 22 21:57:47 2023    curl -s https://synology.domain.org -I  0.09s user 0.01s system 43% cpu 0.213 total
Wed Mar 22 21:58:06 2023    curl -s https://synology.domain.org -I  0.09s user 0.00s system 42% cpu 0.221 total
Wed Mar 22 21:58:07 2023    curl -s https://synology.domain.org -I  0.09s user 0.00s system 0% cpu 30.214 total
Wed Mar 22 21:58:38 2023    curl -s https://synology.domain.org -I  0.09s user 0.00s system 43% cpu 0.212 total
Wed Mar 22 21:58:59 2023    curl -s https://synology.domain.org -I  0.09s user 0.01s system 44% cpu 0.215 total
Wed Mar 22 21:59:00 2023    curl -s https://synology.domain.org -I  0.09s user 0.00s system 0% cpu 30.215 total
Wed Mar 22 21:59:31 2023    curl -s https://synology.domain.org -I  0.09s user 0.00s system 43% cpu 0.215 total
Wed Mar 22 21:59:51 2023    curl -s https://synology.domain.org -I  0.09s user 0.00s system 43% cpu 0.211 total
Wed Mar 22 21:59:52 2023    curl -s https://synology.domain.org -I  0.09s user 0.00s system 0% cpu 30.251 total
Wed Mar 22 22:00:23 2023    curl -s https://synology.domain.org -I  0.09s user 0.01s system 43% cpu 0.214 total
Wed Mar 22 22:00:43 2023    curl -s https://synology.domain.org -I  0.09s user 0.01s system 44% cpu 0.214 total
Wed Mar 22 22:00:44 2023    curl -s https://synology.domain.org -I  0.09s user 0.00s system 0% cpu 30.217 total
Wed Mar 22 22:01:15 2023    curl -s https://synology.domain.org -I  0.09s user 0.01s system 44% cpu 0.214 total
Wed Mar 22 22:01:36 2023    curl -s https://synology.domain.org -I  0.09s user 0.01s system 43% cpu 0.211 total
Wed Mar 22 22:01:37 2023    curl -s https://synology.domain.org -I  0.09s user 0.01s system 0% cpu 30.216 total

Before using a mikrotik switch I was using a cisco switch with no side effect..
I did put back the cisco switch and everything works normally…

If I use netbios alias ( for use with windows share) I have no problem to reach the server ( very good performance too)
everything works consistently with the IP adress of the server

I’m really out of idea where to look and I am taking any suggestion !!

Thanks !!

erlinden · March 22, 2023, 3:15pm

Talking about weird…are you using the RB5009 as switch?
Can you share the config of it?

/export file=anynameyoulike

Make sure to remove any personal info like serial and public IP information

anav · March 22, 2023, 3:29pm

Suggest you use a proper firewall appliance, I have no interest in looking at pfsense logs. Curl that!

kolki29 · March 22, 2023, 5:41pm

Talking about weird...are you using the RB5009 as switch?
Can you share the config of it?
/export file=anynameyoulike
Make sure to remove any personal info like serial and public IP information

Here it is !
config.rsc (8.25 KB)

kolki29 · March 22, 2023, 5:43pm

Hehehe, fair enough
Yet I have dismissed my firewall as a root cause , let me FTP that !

anav · March 22, 2023, 8:36pm

So your using the RB5009 as a switch ???
Thats crazyee, let me send you a switch and you can send me the RB5009

Why are you creating vlans on the router?? They should all be defined on the pFSENSE.
So your using this as a full router with double NAT ???

Why not just use the RB5009 and throw the pfsense in the garbage.

kolki29 · March 23, 2023, 12:44pm

You got bullied at school by a pfsense router or something ?
I like the pfsense for its feature [ wireguard, haproxy package, dns filtering, logging/dashboards, acme script for let’s encrypt and the perf are very good ) when I like the RB5009 for its hardware/price ratio ( I got 10g port, 2.5g port, all the rest in 1g AND all of them with PoE and it’s very powerful).
Also, what I want to do is already defined and working just fine in Pfsense, so I have no problem with RouterOs but I don’t see the need or the possibility to transfer everything…
I don’t need RouterOS to do anything but be fast

Back to my problem, any idea?

anav · March 23, 2023, 12:46pm

Your problems are not solved by hardware LOL

Just configure the MT as a basic switch iaw https://forum.mikrotik.com/viewtopic.php?t=182276

just go look at the example.

kolki29 · March 23, 2023, 1:06pm

I really agree that no problem get solved by hardware !
I want better perf out of the mikrotik hardware, I didn’t get it to fix any problem I had before really.

Thanks for link , I’ll check it out !!