Slow throughput on SG-4860 (~600mbs on 1gbs line)
-
I think he is describing fiber terminating at an ONT with ethernet to pfsense. Thats the best way to do it.
-
I think he is describing fiber terminating at an ONT with ethernet to pfsense. Thats the best way to do it.
Gotcha - I guess the part about putting the Vz Box in bridge mode is what threw me off since the ONT usually does not do any routing/wifi.
-
If he is putting a VZ box in bridge mode then he is most likely not connected directly to the ONT. Rather he is connected to the VZ router which has a MOCA connection back to the ONT.
My bad. Still, direct connect to the ONT is best.
Not really sure what verizon was thinking when they decided to go with that architecture.
-
I think he is describing fiber terminating at an ONT with ethernet to pfsense. Thats the best way to do it.
Looks like what I have (and all I have) from VZ is the current ONT. Sorry if I've confused everyone with terms or lack there of :)
-
Ah ok, so it looks like the ONT is connected directly to the WAN port on pfSense (i.e. no Verizon router/gateway inbetween).
In trying to isolate the problem I assume you have already tried to do am iperf/iperf3 test between your laptop and the pfSense box to make sure that the LAN interface(s) on the pfSense boxes are able to push out 1 gbit of traffic to downstream devices? Also, have you looked at your network statistics? Are you seeing any dropped packets and/or errors?
One other thing I might recommend is trying to tune your network a little bit since you have a very high speed connection.
https://forum.pfsense.org/index.php?topic=113496.0
https://calomel.org/freebsd_network_tuning.htmlHope this helps.
-
assume you have already tried to do am iperf/iperf3 test between your laptop and the pfSense box to make sure that the LAN interface(s) on the pfSense boxes are able to push out 1 gbit of traffic to downstream devices?
Hope this helps.you know…. for all the iperf tests I've done (VPNs, server to server, host to server, etc) I dont think I've done one from a workstation to pfSense... what a simple thing and silly thing to over look! Thank you!
(now I just have to wait :) lost my SG-4860 to a [potential] HW failure. As soon as I have one back in commission, I'll test that).
Thank you!!
-
In a connection where you have A linked to the WAN of B and the lan of B connected to the wan of C,
an iperf test from A to C will tell you the most about the health of B, which is hopefully the pfsense.
Nice picture. You couldn't take a bigger one? (kidding)
-
With my SG-4860 back and running, i wanted to revisit this thread.
Between a wired workstation (over a switch) to my PF box, i get a little north of 1gbps in each direction. So the bottleneck isn't there.
I've also learned some things about IPerf and traffic and threading (which is to say I learned very little but knew next to nothing when I started).
If I run a multithreaded test with a larger transfer size I get marginally better performance. But still not 1gbps
iperf -c iperf.he.net -w 1MB -P 5 ------------------------------------------------------------ Client connecting to iperf.he.net, TCP port 5001 TCP window size: 1.00 MByte (WARNING: requested 1.00 MByte) ------------------------------------------------------------ [ 9] local 10.15.1.115 port 52292 connected with 216.218.227.10 port 5001 [ 8] local 10.15.1.115 port 52291 connected with 216.218.227.10 port 5001 [ 5] local 10.15.1.115 port 52288 connected with 216.218.227.10 port 5001 [ 7] local 10.15.1.115 port 52289 connected with 216.218.227.10 port 5001 [ 6] local 10.15.1.115 port 52290 connected with 216.218.227.10 port 5001 [ ID] Interval Transfer Bandwidth [ 9] 0.0-10.0 sec 150 MBytes 126 Mbits/sec [ 8] 0.0-10.0 sec 151 MBytes 127 Mbits/sec [ 6] 0.0-10.0 sec 150 MBytes 126 Mbits/sec [ 5] 0.0-10.0 sec 150 MBytes 125 Mbits/sec [ 7] 0.0-10.0 sec 79.1 MBytes 66.3 Mbits/sec [SUM] 0.0-10.0 sec 680 MBytes 570 Mbits/sec -
It might be able that more the one issue will be invited in that case.
First of all PPPoE usage of the Internet account, this is then more single CPU core threaded and
nothing can help you out with it either another more powerful or strong CPU.The gateway device from the ISP if it will be not a real or pure modem, but more a router will be also
doing NAT at the WAN port, and then you will be also able to ask you ISP what to do or how to solve
this problem. Perhaps he will send you another "box" that is doing not NAT or is acting as a pure modem.The SG-4860 unit is doing for someone called @gonzopancho at a 1Gbit/s symmetric Internet connection
nearly or around ~900 MBit/s and together with the TCP/IP overhead and passing firewall rules through it,
it might be the nearly 1 GBit/s real throughput.If you now gets only 500 - 600 MBit/s I personally would do a fresh and full install without any additional packets
and have a look what is going on then. The ADI 2.4.1 serial Image is able to download and pretty new, so it could be
if you are using VLANs at the WAN port that the version 2.4.0 will be a better option at this time for you.Can you set this up for us and your self? Before doing so please do a configuration backup but don´t play it back
on the fresh installation to prevent a typo or earlier set up false in the test. Normally it will take 30 minutes for you.And then you will be able to see what is going on in real. Would be my way in that case.
-
This post is deleted!