10gb wan/lan setup tweaks?
-
@Gblenn thanks for your comment. Really helpful. I do see occasional entries in the "retries" under iperf. I hoping this is to be expected from time to time?
Thanks
-
@zennb1 Hmm not sure that is the case... At least I have not seen any retries. It either works or it doesn't for me, and if it doesn't it's my fault typically, like incorrect IP, not opened the port in pfsense (when testing over WAN) etc.
On LAN at least, I think you should expect quite clean runs...
What NIC are you using on the PC?
-
@Gblenn said in 10gb wan/lan setup tweaks?:
I'm running pfsense virtualized on an i5 11400 and get around 8.2 Gbit max when running speedtest as well as iperf testing across two firewalls connected at the same switch (WAN side).
What Hypervisor? I can't get more than 3-4 Gbit with pfSense on a vSwitch.
-
Pfsense ms01
Lan side X710 with dac to zxyel xs1930 switch
Wan side 10gtek 10gb x540 rj45 x1 portPc 10gtek x540 rj45
Not masses of retries but they happen from time time.
-
Seeing a few retries at the limit of the hardware is expected.
-
@Bob-Dig I'm running Proxmox and have the NIC's passed through (IOMMU).
In the test between two firewalls, both are virtualized and one is Sophos XG running on an i5 10400 (4 cores assigned which incidentally I also have for pfsense on the i5 11400).I have x520 NIC's for both Firewalls, and they connect on WAN via DAC's to a Mikrotik 10G switch where the fiber comes in.
My ISP has been kind enough to give me two IP's for this setup...So the "external" test using iperf was :
PC client on Sophos LAN->WAN to (FQDN) WAN->pfsenseLAN to iperf Server on a Linux VM running on a third Proxmox machine (10 Gig internal network).Otherwise I get similar numbers as @zennb1 when running iperf on LAN only.
-
@stephenw10 Would that be limit of the NIC, or the CPU? I don't think I have ever seen any retries actually...
-
@zennb1 said in 10gb wan/lan setup tweaks?:
Pfsense ms01
Lan side X710 with dac to zxyel xs1930 switch
Wan side 10gtek 10gb x540 rj45 x1 portPc 10gtek x540 rj45
Not masses of retries but they happen from time time.
Aha, never tried the 10GTek. I have an TPLink TX-401 (Marwell chipset). And it's behaving a bit strange when running speedtest, capping out at 3 Gbit roughly in DL. Only way to solve that is to run driver repair, which fixes the problem until next time i shut down and start the PC (just restart seems ok though).
-
@Gblenn I found the 10gtek does the same but by forcing windows settings to 10g full duplex for the card it's cured it on reboot.
My 10gb ms01 -
@zennb1 Thanks, but that did not work with my card. It seems though that any change I do to the settings, like shifting from Automatic to 10G full duplex, triggers som initiation of the device which resolves the issue. Disabling and enabling for example, has the same effect. But nothing that I do seems to "stick"... And since I have the driver SW as a shortcut it's quite simple to just run it...
