Gigabit internet PPPoE and pfSense
-
FWIW, I run pfSense on the computer described in my sig. Here's my speedtest from a couple of days ago. This is on a cable modem with a 500/20 connection. So, pfSense is definitely capable, on the appropriate hardware. I wouldn't run a firewall in a VM for security reasons, let alone performance.
Incidentally, I used to run pfSense on an old HP compact desktop computer. After it died I bought the current hardware. With the HP I would typically get mid 500s down on speedtest. The new hardware caused a huge increase in performance.
-
Again, what speeds are you actually seeing?
If it was running baremetal I'd expect to see the at or very close to 1G PPPoE with that CPU given it's single thread numbers.
Steve
-
@bob-dig said in Gigabit internet PPPoE and pfSense:
@riahc8 Put your OpenWRT in front of pfSense and have a look if it is really PPPoE what is making problems for you.
Ive been giving that some thought and call it a day.......
How would I do this?
-
@stephenw10 said in Gigabit internet PPPoE and pfSense:
Again, what speeds are you actually seeing?
If it was running baremetal I'd expect to see the at or very close to 1G PPPoE with that CPU given it's single thread numbers.
Steve
Give or take: Around 8 Mpbs down , and 0.5 Mpbs up..... Awful speeds as you can tell....
-
Ah, OK! Yeah that's not a single thread PPPoE limitation. That looks more like a link speed/duplex mismatch somewhere. Throughput that low has to be some low level mis-configuration.
I would try testing to/from the firewall directly with iperf to determine which interface is at fault. If it's not both.
Steve
-
@stephenw10 said in Gigabit internet PPPoE and pfSense:
That looks more like a link speed/duplex mismatch somewhere
Was thinking the same thing ;) yeah such horrible speed has to be more than just some cpu bottleneck or pppoe performance hit.
-
@stephenw10 said in Gigabit internet PPPoE and pfSense:
Ah, OK! Yeah that's not a single thread PPPoE limitation. That looks more like a link speed/duplex mismatch somewhere. Throughput that low has to be some low level mis-configuration.
I would try testing to/from the firewall directly with iperf to determine which interface is at fault. If it's not both.
Steve
How would I properly test it? Could you please tell me a example so I can post the results?
Thank you
-
Install the iperf package in pfSense then run an iperf3 server there. Then test against it using an iperf client on the LAN. I would expect to see Gig line rate there, ~940Mbps, unless you have any traffic shaping in place.
Steve
-
@stephenw10 said in Gigabit internet PPPoE and pfSense:
Install the iperf package in pfSense then run an iperf3 server there. Then test against it using an iperf client on the LAN. I would expect to see Gig line rate there, ~940Mbps, unless you have any traffic shaping in place.
Steve
Hmmm I don't have any ethernet physical LAN clients.
Just VMs and a laptop.
-
Well you should be able to get Gigabit between pfSense and another VM in the same host.
But that does mean the issue is far more likely to be on the WAN side.
Steve
-
@stephenw10 said in Gigabit internet PPPoE and pfSense:
Well you should be able to get Gigabit between pfSense and another VM in the same host.
But that does mean the issue is far more likely to be on the WAN side.
Steve
Yeah, I believe I can test that out.
-
Sorry about the delay:
Here is a test from a linux VM to the pfsense VM on the same physical host:
Connecting to host 192.168.1.1, port 5201
[ 4] local 192.168.1.71 port 41266 connected to 192.168.1.1 port 5201
[ ID] Interval Transfer Bandwidth Retr Cwnd
[ 4] 0.00-1.00 sec 343 MBytes 2.88 Gbits/sec 0 764 KBytes
[ 4] 1.00-2.00 sec 398 MBytes 3.33 Gbits/sec 0 1.51 MBytes
[ 4] 2.00-3.00 sec 396 MBytes 3.32 Gbits/sec 0 2.03 MBytes
[ 4] 3.00-4.00 sec 394 MBytes 3.30 Gbits/sec 0 2.03 MBytes
[ 4] 4.00-5.00 sec 401 MBytes 3.37 Gbits/sec 0 2.03 MBytes
[ 4] 5.00-6.00 sec 391 MBytes 3.28 Gbits/sec 0 2.03 MBytes
[ 4] 6.00-7.00 sec 400 MBytes 3.36 Gbits/sec 0 2.03 MBytes
[ 4] 7.00-8.00 sec 400 MBytes 3.36 Gbits/sec 0 2.03 MBytes
[ 4] 8.00-9.00 sec 396 MBytes 3.32 Gbits/sec 0 2.03 MBytes
[ 4] 9.00-10.00 sec 396 MBytes 3.32 Gbits/sec 0 2.03 MBytes
[ ID] Interval Transfer Bandwidth Retr
[ 4] 0.00-10.00 sec 3.82 GBytes 3.28 Gbits/sec 0 sender
[ 4] 0.00-10.00 sec 3.82 GBytes 3.28 Gbits/sec receiveriperf Done.
I ran another test from another linux VM to the pfsense BUT they are on different physical hosts:
Connecting to host 192.168.1.1, port 5201
[ 4] local 192.168.1.80 port 42140 connected to 192.168.1.1 port 5201
[ ID] Interval Transfer Bandwidth Retr Cwnd
[ 4] 0.00-1.00 sec 12.2 MBytes 103 Mbits/sec 0 228 KBytes
[ 4] 1.00-2.00 sec 11.4 MBytes 95.6 Mbits/sec 0 228 KBytes
[ 4] 2.00-3.00 sec 11.0 MBytes 92.2 Mbits/sec 0 238 KBytes
[ 4] 3.00-4.00 sec 11.5 MBytes 96.7 Mbits/sec 0 238 KBytes
[ 4] 4.00-5.00 sec 10.9 MBytes 91.7 Mbits/sec 0 238 KBytes
[ 4] 5.00-6.00 sec 11.5 MBytes 96.6 Mbits/sec 0 238 KBytes
[ 4] 6.00-7.00 sec 11.2 MBytes 93.6 Mbits/sec 0 284 KBytes
[ 4] 7.00-8.00 sec 11.3 MBytes 95.1 Mbits/sec 0 298 KBytes
[ 4] 8.00-9.00 sec 11.4 MBytes 95.6 Mbits/sec 0 298 KBytes
[ 4] 9.00-10.00 sec 11.3 MBytes 95.2 Mbits/sec 0 298 KBytes
[ ID] Interval Transfer Bandwidth Retr
[ 4] 0.00-10.00 sec 114 MBytes 95.5 Mbits/sec 0 sender
[ 4] 0.00-10.00 sec 112 MBytes 94.2 Mbits/sec receiveriperf Done.
Does everything look good? I dont know how to interpret this.
-
@riahc8 said in Gigabit internet PPPoE and pfSense:
from another linux VM to the pfsense BUT they are on different physical hosts:
@riahc8 said in Gigabit internet PPPoE and pfSense:
95.6 Mbits/sec
??bad cable supporting only 100Mb connection
-
Yup, looks like a bad link to the host pfSense is on.
-
@stephenw10 But the cable is cat6 afaik that should run at 10Gb (my cards only support 1Gb)
-
@riahc8 said in Gigabit internet PPPoE and pfSense:
But the cable is cat6
Doesn't mean its not bad..
An intelligent man is sometimes forced to be drunk to spend time with his fools
If you get confused: Listen to the Music Play
Please don't Chat/PM me for help, unless mod related
SG-4860 24.11 | Lab VMs 2.8, 24.11 -
...or just misconfigured somewhere.
-
@riahc8 said in Gigabit internet PPPoE and pfSense:
afaik that should run at 10Gb
BTW - cat 5e can also do 10ge for short distances.. But just because something is rated for something doesn't mean it not something wrong with it, 100mb only needs 4 wires out of the 8, for gig or higher you need all 4 pairs of wires, not just 2.
If your set to auto on gig interfaces and it only comes up 100, then something wrong.
Or something set wrong - but a 95mbps speed screams the connection is only 100. That first 1 showing 103mbps could just be a math sort of error in the tool?
An intelligent man is sometimes forced to be drunk to spend time with his fools
If you get confused: Listen to the Music Play
Please don't Chat/PM me for help, unless mod related
SG-4860 24.11 | Lab VMs 2.8, 24.11 -
@riahc8 said in Gigabit internet PPPoE and pfSense:
But the cable is cat6 afaik that should run at 10Gb (my cards only support 1Gb)
Which means it won't make any difference. Gb Ethernet was designed for plain CAT5 and predates 5e.
-
^ yup, cat 5 runs gig all day long for full 100m of length without any issues. As long as nothing wrong with the cable. When gig first came out - kind of the whole thing that it could run on the existing installed 5..
An intelligent man is sometimes forced to be drunk to spend time with his fools
If you get confused: Listen to the Music Play
Please don't Chat/PM me for help, unless mod related
SG-4860 24.11 | Lab VMs 2.8, 24.11
