Help diagnosing slowdown issue

Post new topic   Reply to topic    DD-WRT Forum Index -> Broadcom SoC based Hardware
Author Message
looselyhuman
DD-WRT Novice


Joined: 19 Jun 2020
Posts: 17

PostPosted: Tue Jun 23, 2020 0:39    Post subject: Help diagnosing slowdown issue Reply with quote
Hi all,

R6400v1 running DD-WRT v3.0-r43171 std (05/16/20)

Router is an OpenVPN client, running as a gateway with SPI firewall and a couple of basic iptables rules, and is running DNSMasq.

Intermittently (daily or so), ping to and through the router (from internal subnet) slows to as much as 950ms. Once I can get into the web manager (takes a minute or more to fully load) I notice that CPU load and RAM usage are normal (both less than 10%).

Only one client is generally connected when this occurs, and not performing any expensive operations (e.g. bittorrent).

Rebooting resolves the issue.

Nothing in syslog is very helpful. I actually disabled syslog yesterday to rule that out as a culprit. I'll re-enable now so I'll be able to provide logs when it next happens.

Any advice on narrowing down the cause? Specific log settings, etc?

Thanks!


Last edited by looselyhuman on Tue Jun 23, 2020 5:14; edited 1 time in total
Sponsor
msoengineer
DD-WRT Guru


Joined: 21 Jan 2017
Posts: 1782
Location: Illinois Moderator

PostPosted: Tue Jun 23, 2020 3:47    Post subject: Reply with quote
running a VPN client on ANY router is going to eat CPU & Ram. That is the first suspect to look at and try turning off. Only the strongest 1.5ghz+ routers can handle a VPN, and even then at limited speeds...

Then it could be a botched wifi security setting, you should only be using WPA2 ccmp-128 AES.

Also what are you running in the Additional Dnsmasq Options under the services tab? Are you running any other scripts on the router?

All of these would be things to look over.

_________________
FORUM RULES

TIPS/TRICKS: Best QCA Wifi Settings | Latency tricks | QoS Port priority | NEVER USE MU-MIMO |
Why to NOT use MU-MIMO | Max Wifi Pwr by Country | Linux Wifi Pwr | AC MCS & AX MCS | QCA 5Ghz chnls to use | WIFI Freq WIKI | TFTP R7800 | Don't buy AX | IPERF3 How-To

[R9000]52396 nightly (Main Router)
[EA8500]43192 & 45493 (2xOffsite)
[R7800] resting
[WDR3600]BS 44715 (Offsite)
[A7v5]BS 43038 (Offsite+spare napping)
looselyhuman
DD-WRT Novice


Joined: 19 Jun 2020
Posts: 17

PostPosted: Tue Jun 23, 2020 4:58    Post subject: Reply with quote
msoengineer wrote:
running a VPN client on ANY router is going to eat CPU & Ram. That is the first suspect to look at and try turning off. Only the strongest 1.5ghz+ routers can handle a VPN, and even then at limited speeds...

Then it could be a botched wifi security setting, you should only be using WPA2 ccmp-128 AES.

Also what are you running in the Additional Dnsmasq Options under the services tab? Are you running any other scripts on the router?

All of these would be things to look over.


Cool, thanks. Questions:

VPN is running fine, satisfactory performance (20mb/s would be more than enough), for hours or sometimes 2 days - then poof. Would dd-wrt report low cpu/ram usage when that's not the case?

It's reporting less than 10% on both, even when the issue occurs and ping jumps to 900ms.

When it's not having the issue, ping is 1ms to router, 12ms to next internet hop. I've used bittorrent for hours without issue, then have it slow down later that night when there was no activity.

I want to reproduce once more before making changes, then will disable OpenVPN to see if any change.

I have 5ghz disabled. 2.4ghz security is WPA2-PSK CCMP-AES.

DNSMasq options:
Code:
server=/mylocaldomain.local/192.168.77.77
server=/mylocaldomain.local/192.168.77.79


Firewall (first 4 lines are a VPN kill switch, last 2 are for communication with my primary subnet):
Code:
WAN_IF="$(ip route | awk '/^default/{print $NF}')"
iptables -I FORWARD -i br0 -o $WAN_IF -j REJECT --reject-with icmp-host-prohibited
iptables -I FORWARD -i br0 -p tcp -o $WAN_IF -j REJECT --reject-with tcp-reset
iptables -I FORWARD -i br0 -p udp -o $WAN_IF -j REJECT
iptables -I FORWARD -d 192.168.77.0/24 -j ACCEPT
iptables -I FORWARD -s 192.168.77.0/24 -j ACCEPT


I do have one cron job, OpenVPN was dropping periodically. Maybe related..?
Code:
“0 5 * * * root stopservice openvpn; sleep 30; startservice openvpn #>/dev/null 2>&1”


Let me know if you have any more thoughts? I'll report back when I reproduce.

Thank you!
looselyhuman
DD-WRT Novice


Joined: 19 Jun 2020
Posts: 17

PostPosted: Tue Jun 23, 2020 5:26    Post subject: Reply with quote
One more thing: When the issue occurs, it affects local traffic through the router as well (ping to router ~900ms, ping to subnet 1 ~900ms, ping to first internet hop[VPN] ~920ms).
thommy181
DD-WRT User


Joined: 16 Mar 2019
Posts: 353
Location: Szczecin, Poland EU

PostPosted: Tue Jun 23, 2020 10:19    Post subject: Reply with quote
You can try to diagnose this problem. Check UPNP function is enabled, try to disable dnsmasq for tests, spi firewall, sfe. If it's only problem with connection (high ping or similar) check condition of lan cables. You can restart ethernet interface in computers and routers. If this steps can't solve problem you can permanently restore defaults on router and reconfigure it. Generally you can find problems step by step and test device.
kernel-panic69
DD-WRT Guru


Joined: 08 May 2018
Posts: 14125
Location: Texas, USA

PostPosted: Tue Jun 23, 2020 15:17    Post subject: Reply with quote
I guess I need to post a tcp tweaks how-to. There is also information in the router slowdown wiki, but most of those have been adjusted since that wiki was written.
_________________
"Life is but a fleeting moment, a vapor that vanishes quickly; All is vanity"
Contribute To DD-WRT
Pogo - A minimal level of ability is expected and needed...
DD-WRT Releases 2023 (PolitePol)
DD-WRT Releases 2023 (RSS Everything)

----------------------
Linux User #377467 counter.li.org / linuxcounter.net
looselyhuman
DD-WRT Novice


Joined: 19 Jun 2020
Posts: 17

PostPosted: Tue Jun 23, 2020 19:02    Post subject: Reply with quote
kernel-panic69 wrote:
I guess I need to post a tcp tweaks how-to. There is also information in the router slowdown wiki, but most of those have been adjusted since that wiki was written.

Yes please Smile

Thanks all - I am still waiting for it to repro. So far I just have some screenshots with it running under load and no load. One thing I did change (shouldn't have), just because I couldn't find any information regarding performance, was to disable the Shortcut Forwarding Engine - the description makes it sound pretty resource intensive..? So, if it doesn't happen again, possibly related?

Screens:
Speedtest

Torrents:

Minimal activity:


EDIT: These are all with OpenVPN connected.
Display posts from previous:    Page 1 of 1
Post new topic   Reply to topic    DD-WRT Forum Index -> Broadcom SoC based Hardware All times are GMT

Navigation

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You can attach files in this forum
You can download files in this forum