New Netgate 2100 Owner - Gig Internet slower?
-
Hi all,
Brand new Netgate 2100 owner here. Coming from an old Asus router from 2013 or so.
Anyways, I have Gig internet (Spectrum) and on my old router I typically would get 800-940Mbps download speeds during testing at random hours.
So far with the 2100 my max has been around 540Mbps.
Looking online to try to troubleshoot or tweak what settings I need to make to speed it up.
Any ideas?
-
@valien What is the CPU usage during the download? Do you have any packages installed?
https://www.netgate.com/appliances rates it as:
L3 Forwarding
IPERF3 Traffic: 2.20 Gbps
IMIX Traffic: 594 MbpsFirewall
(10k ACLs)
IPERF3 Traffic: 964 Mbps
IMIX Traffic: 249 MbpsPre-2.7.2/23.09: Only install packages for your version, or risk breaking it. Select your branch in System/Update/Update Settings.
When upgrading, allow 10-15 minutes to restart, or more depending on packages and device speed.
Upvote 👍 helpful posts! -
@steveits No packages at all (just installed it today). CPU is pretty low during speedtest tests. But reading on different forums/reddit, etc it seems the 2100 can't handle more than 500-600 throughput, which is unfortunate. My old Asus router handled traffic better. :(
-
@steveits said in New Netgate 2100 Owner - Gig Internet slower?:
@valien What is the CPU usage during the download? Do you have any packages installed?
https://www.netgate.com/appliances rates it as:
L3 Forwarding
IPERF3 Traffic: 2.20 Gbps
IMIX Traffic: 594 MbpsFirewall
(10k ACLs)
IPERF3 Traffic: 964 Mbps
IMIX Traffic: 249 MbpsI always wondered where those numbers came from. My SG-2100 tops out at about 640mbit in iPerf3 when firewalling. No way it will handle those numbers in even the most optimal situation.
The numbers almost looks like they where by accident copied from the SG-3100. -
@valien said in New Netgate 2100 Owner - Gig Internet slower?:
CPU is pretty low during speedtest
Interesting, I would have thought the CPU would max out before something else. We generally have IDS running which will of course use lots of CPU.
I'm more surprised your old router was faster. Perhaps I'm assuming, but usually cheap routers have cheap processors.
You're not running the speed test ON the router are you? Netgate's commented several times that uses up CPU cycles so is usually slower.
@keyser I have a 2100 at home but got it when I had a slower connection and can't max it out like that on my current cable. (And we have many clients with one.)
I don't have a record of the 3100 specs but I seem to recall it was faster, especially the IMIX. The jump from the 1100 to 2100 is because the 1100 has only one switch and uses VLANs to have separate interfaces.
I did think it interesting that Netgate's blog on the 4100 lists NAT separately, and lower: "4.09 Gbps firewall performance, 3.42 Gbps NAT handling." They don't list "NAT handling" as a spec in the store. It makes sense NAT uses CPU cycles.
-
@steveits said in New Netgate 2100 Owner - Gig Internet slower?:
@keyser I have a 2100 at home but got it when I had a slower connection and can't max it out like that on my current cable. (And we have many clients with one.)
I don't have a record of the 3100 specs but I seem to recall it was faster, especially the IMIX. The jump from the 1100 to 2100 is because the 1100 has only one switch and uses VLANs to have separate interfaces.
I did think it interesting that Netgate's blog on the 4100 lists NAT separately, and lower: "4.09 Gbps firewall performance, 3.42 Gbps NAT handling." They don't list "NAT handling" as a spec in the store. It makes sense NAT uses CPU cycles.
You might be on to something there. I have never tried benchmarking it with firewalling but no NAT. My 640 Mbps is with NAT, so that might be the explanation
-
@keyser Maybe, but he said the CPU isn't maxed out. Is yours?
-
@steveits said in New Netgate 2100 Owner - Gig Internet slower?:
@keyser Maybe, but he said the CPU isn't maxed out. Is yours?
EDITED for memory lapse…..
Unfortunately I no longer have my SG-2100 on a GigE line, so I can’t redo the test. But as I recall the CPU was very high (> 90%) - close to maxed out in a multi session iPerf3 test.
But knowing that each NIC/session combination is assigned a CPU core, we might be looking at one core (the one doing NAT) is at 100% while the other is only at fx. 60 or 70%.
That would also mean it could go a little bit higher with a multisession test (NAT would be distributed across both CPU cores). That would explain my 640Mbps.So your NAT theory could be a very good explanation.
-
Just tested it tonight. Maxed out at 530 Mbps down. CPU hit 61% for about 2 seconds and dropped back to 20-30% during the test.
-
@valien @valien
If your setup is different from other´s testing environment
you may get out also often other number.LAN:
iperf server on linux server
iperf sender on linux server
dump GB switch
pfSense is touring between them
= raw routing throughput (LAN)The same set up with two Windows machines
and copying many smaller some mid and one great
cumulated all number you will be getting out something that is called "IMIX traffic" this is than more near the
real world, traffic or situation you hit with your numbers
or will be meeting. So if you are not complete clear about have a look on the IMIX traffic in your tech specs and all is fine, I mean you are more close to real world usage specs.
IMIX: is maxing out at ~250 MBit/s so if you get 540 MBit/s you have some free space ahead for setting
up rules installing packets and more....WAN:
Can be more different in all our (customers) use cases,
So if they test to show us up numbers it can be more differeing from our home or worksplace netflow.Being fair Netgate 2100 for something like 100/50,
100/100 or to 200/200 MBit/s internet with low power consuming will be a rocket with some space to install
packets.
