Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    SG-2100 Installation Halved My WAN Speed

    Scheduled Pinned Locked Moved Official Netgate® Hardware
    8 Posts 4 Posters 1.1k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • D
      dostergaard
      last edited by

      I installed my new Netgate SG-2100 yesterday replacing an old Netgear WNDR3700v2 router / firewall and checking my Internet speed today I see it averages about half of what it was before the installation. Ping latency has also increased about 15%. Interestingly though, upload speeds increased.

      Any ideas or advice would be appreciated or if this is to be expected from the SG-2100 then perhaps I bought the wrong product.

      This is pretty much a stock default installation with the following exceptions:

      • disabled DHCP server (I already have one but may switch to the Netgate later)
      • disabled DNS server (I already have one but may switch to the Netgate later)
      • configured WAN interface to spoof the Netgear's MAC address (necessary to receive a DHCP IP address from my ISP)

      I intend to upgrade my Internet service to a higher speed and configure more firewall rules and vlans (that is after all why I bought the Netgate) but not until I can figure out why it has effected my Internet download speeds so much.

      I run my Internet speed monitoring from a dedicated Raspberry PI that uses the speedtest CLI wired into a Grafana dashboard. This allows me to see the performance from the perspective of devices connected to my home network.

      The following shows the speedtest results from the day before before and after the router replacement.
      20210919-speedtest.png

      Thanks in advance.

      S 1 Reply Last reply Reply Quote 0
      • S
        SteveITS Galactic Empire @dostergaard
        last edited by

        @dostergaard The 2100 should be faster than 30-40 Mbits/s. We have clients much faster than that on a cable line with IDS running, and Netgate shows its Firewall testing at "IMIX Traffic: 314 Mbps."

        So the Pi is behind the Netgate, testing to the Internet?

        Brainstorming, have you booted the ISP router? Can you put a switch in between them?

        Pre-2.7.2/23.09: Only install packages for your version, or risk breaking it. Select your branch in System/Update/Update Settings.
        When upgrading, allow 10-15 minutes to restart, or more depending on packages and device speed.
        Upvote 👍 helpful posts!

        D 1 Reply Last reply Reply Quote 0
        • D
          dostergaard @SteveITS
          last edited by

          @steveits Thanks.

          Yes, the PI is behind the Netgate. The Netgate installation directly replaced the Netgear. Everything else remained in place including WAN and LAN cables. (Trying to change the fewest number of variables at one time.)

          My cable modem is a Motorola MB8600 which I installed a couple of months ago. I can reboot the modem.

          I also have a switch I can put between the Netgate and the modem.

          I will do that (one at a time) this evening after my guests go home and post what I find out here.

          D 1 Reply Last reply Reply Quote 0
          • D
            dostergaard @dostergaard
            last edited by

            I made the suggested changes and neither seemed to have much effect, if any.

            I have done further testing from two additional PIs that I have connected to the same switch as the router. All of them are underperforming but for the other two I have no data to compare to from before the Netgear / Netgate router swap.

            I have also tested other devices (laptops, desktops, etc.) and I am able to achieve speeds in the expected range with no apparent impact from the router swap.

            Although the effect on my Internet Speed monitor is unexplained I will move forward with my planned upgrades to the network. (and probably throw in an improved Internet Speed monitoring process too.)

            Thanks.

            S 1 Reply Last reply Reply Quote 0
            • S
              SteveITS Galactic Empire @dostergaard
              last edited by

              @dostergaard So it's only slower when testing from the Pis? Odd. Maybe an MTU, duplex, or similar setting? https://docs.netgate.com/pfsense/en/latest/troubleshooting/low-throughput.html

              Pre-2.7.2/23.09: Only install packages for your version, or risk breaking it. Select your branch in System/Update/Update Settings.
              When upgrading, allow 10-15 minutes to restart, or more depending on packages and device speed.
              Upvote 👍 helpful posts!

              D M 2 Replies Last reply Reply Quote 0
              • D
                dostergaard @SteveITS
                last edited by

                @steveits MTU & Duplex match. (1500/full) Nothing else stands out.

                The PIs only support 100baseT while the rest of my network is GigE. My current ISP account is only 100Mbps. While I expect the PIs to lose some of their bandwidth to overhead I didn't expect to see a reduction by half simply by swapping routers.

                Since everything else seems to be performing well I will chalk it up to the PI which I will have to upgrade or replace when I upgrade my Internet connection speed.

                Thanks.

                1 Reply Last reply Reply Quote 0
                • M
                  mer @SteveITS
                  last edited by

                  Duplex mismatch will kill you silently every time.
                  It most often happens when one end is fixed or autonegotiation turned off and the other end is set to autonegotiate. Speed can usually be figured out, duplex almost never. Obviously going from full duplex to half duplex, you get cut just about in half.

                  Maybe simply unplug and replug the wire to the Pi will force the correct state on both ends.
                  Of course, after checking what it thinks with ifconfig first.

                  1 Reply Last reply Reply Quote 0
                  • stephenw10S
                    stephenw10 Netgate Administrator
                    last edited by

                    Mmm, that sort of throttling looks like a speed/duplex mismatch but I can't see where it would be.

                    The switch on the WAN side test rules that out. And that would affect all clients.

                    1 Reply Last reply Reply Quote 0
                    • First post
                      Last post
                    Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.