Slow traffic on VLANs (smb, sql, dns)

adminproconer

Hi
I am pretty new in the pfsense culture, and I faced with a problem that I made three new vlan on the device (intra,wlan,guest) and the previous sysadmin already had default "LAN".

Earlier, every server, client, endpoint device was in the LAN network (/24) but runned into dhcp issues. (Not enough ipv4 address)

When he gave me all the permissions to the server i made those 3 new vlans (and I planning to make a 4th just for the servers) but from the new "inter" vlan every connection on SMB and SQL ports are horribly slow, and can not figure out what causing the problem.
I assumed that there is a loop in the network, but before they moved to the new office (where "inter" vlan is used) there wasn't any issue...

---

The network look like this:
Router & firewall:
The system under the pfsense is pretty tough...
Memory: 8GB
CPU: Intel Core i5-10400 @2.9Ghz
NIC: something Intel with 4 GBe ports

It connects to a D-Link 1210-48P managed switch and the switch is connected with fiber to a MikroTik CRS354. (This is their new device what provides network connection in the new building)

From the VLAN the ICMP requests to the server responding with 1ms..

Is there any way to troubleshoot the slowness of the network?

Checked the network connections with wireshark, but didn't see any extra...

Networks:
LAN - 192.168.2.0/24 - vlanid:1
INTRA- 192.168.3.0/24 - vlanid:2
WLAN - 192.168.4.0/24 - vlanid:3
Guest - 172.16.100.0/24 - vlanid:4

Guest is separated from any other networks, but every other vlan devices need to communicate with each other.

Bob.Dig

@adminproconer Is this bare metal or virtual?

adminproconer

@bob-dig bare-metal

johnpoz

@adminproconer said in Slow traffic on VLANs (smb, sql, dns):

connection on SMB and SQL ports are horribly slow

And what is that exactly? What is horrible slow in terms of actual numbers? Have you done a speedtest via say iperf? Maybe interface came up only as 100 vs gig?

Keep in mind that intervlan traffic on the same physical interface is going to share the bandwidth.. If you want vlan X to talk at full wire speed to vlan Y, they really should be on different physical interfaces. Your also sharing that interfaces physical limit with any other vlans A, B, Z etc..

adminproconer

@johnpoz

The connection time via these protocols are slow. Like 45-60sec to connect to the mysql database. 10-15 sec to estabilish connection with the windows file server. They using ERP software what connects to sql db.

SMB slowness:
When I want to save a file from excel, word etc. to the network share, it takes 5-10 sec.

I measured with iperf from the 3.0/24 and 2.0/24 network, there is no speed issue, no latency issue, operates with 1Gbe, full speed.

On the server's VE i made a bonding (link aggregation) so I have 2x1GBe bandwith available.

johnpoz

@adminproconer And how about you remove the link aggregation..

If still slow then I would sniff - but if you have full speed, and ping is 1ms - your issue is not network related, but most likely server or performance related.

Sniff to see what is slow, nothing the network the router can do if server answers slowly.