Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Netgate 4100 slower at 2.5gbe than 1gbe

    Scheduled Pinned Locked Moved Official Netgate® Hardware
    21 Posts 3 Posters 1.8k Views 4 Watching
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • ? Offline
      A Former User @stephenw10
      last edited by

      @stephenw10

      I’ll give that a try and report back. It’s 24.03, I know I’m behind.

      1 Reply Last reply Reply Quote 0
      • stephenw10S Offline
        stephenw10 Netgate Administrator
        last edited by

        Ah, well I'd definitely try 24.11 then. I'm not aware of anything specific there that might address this but there have been a number of updates/fixes.

        ? 2 Replies Last reply Reply Quote 0
        • ? Offline
          A Former User @stephenw10
          last edited by

          @stephenw10
          Yeah been meaning to do it but with two of us working from home and being a crazy busy time can’t even really afford weekend downtime. But I just kicked it off and will test changing flow control tomorrow.

          1 Reply Last reply Reply Quote 1
          • ? Offline
            A Former User @stephenw10
            last edited by

            @stephenw10 Unfortunately neither the upgrade or changing flow control made any difference. Still get near 1gb when forced to 1gb, still get in the 300's when forced to 2.5gb.

            1 Reply Last reply Reply Quote 0
            • stephenw10S Offline
              stephenw10 Netgate Administrator
              last edited by

              How are you testing that exactly?

              Can you grab a packet capture during the poor throughput?

              ? 1 Reply Last reply Reply Quote 0
              • ? Offline
                A Former User @stephenw10
                last edited by

                @stephenw10 I use a docker container called Speedtest Tracker which uses Speedtest.net. Running in docker and taking the browser out of the picture it seems to provide pretty consistent results. I'll have to look into capturing packets, should be doable, just have never had the need.

                1 Reply Last reply Reply Quote 0
                • stephenw10S Offline
                  stephenw10 Netgate Administrator
                  last edited by

                  Hmm, the issues could be on the LAN side and are just hidden by limiting the throughput to 1G on the WAN.

                  Do you see any errors on the LAN interface?

                  You might try running an iperf3 test to or from pfSense itself and a LAN side client. Or running a a speedtest client test from pfSense directly so the LAN side is not involved.

                  ? 1 Reply Last reply Reply Quote 0
                  • ? Offline
                    A Former User @stephenw10
                    last edited by

                    @stephenw10

                    Might be getting somewhere. I installed the speedtest widget from https://github.com/LeonStraathof/pfsense-speedtest-widget and get above the full provisioned speed as I would typically expect.

                    fd9d2311-5ece-4230-b891-ddc414d2cb03-image.png

                    So I guess I don't understand why having more available bandwidth on the WAN interface would slow down the LAN? Don't see any errors but the interrupts seems high?

                    3828d6de-8bdf-49bd-aeac-21bd084a10b8-image.png

                    dennypageD 1 Reply Last reply Reply Quote 0
                    • dennypageD Offline
                      dennypage @Guest
                      last edited by

                      @matt_m said in Netgate 4100 slower at 2.5gbe than 1gbe:

                      So I guess I don't understand why having more available bandwidth on the WAN interface would slow down the LAN?

                      Lack of flow control on either interface can cause this. I have 2.5Gb link on WAN (provisioned @ 2Gb down), and 10Gb link on the LAN interface. If I turn off flow control on the LAN, speed tests go very, very badly.

                      1 Reply Last reply Reply Quote 0
                      • ? Offline
                        A Former User
                        last edited by

                        I did some more testing.

                        1. If I set the LAN interface to 1000Gb I get most of the speed back. Tests in the high 800s, still notably lower than normal.
                        2. I tried all combinations of flow control on the LAN and WAN interfaces, doesn't seem to have any impact.
                        3. I enabled flow control on my Unifi network. At 2.5gb it doesn't seem to have any impact or maybe made things worse.
                        4. Flow control enabled everywhere, LAN at 2.5, WAN at 1, it seemed to be staying in the 800s
                        5. Back to flow control disabled in Unifi, enabled everywhere in pfSense, LAN at 2.5, WAN at 1, its back to the mid 900's.

                        Something about the router or my configuration of the router is an issue.

                        1 Reply Last reply Reply Quote 0
                        • ? Offline
                          A Former User
                          last edited by A Former User

                          One additional test, to rule out the SFP to RJ45 module, I have a small Netgear unmanaged 2.5gb switch sitting unused. I connected the LAN interface and the Proxmox host running my docker server directly to the 2.5gb switch and set the WAN back to 2.5 and didn't do any better than through all the Unifi equipment. I'll also add that I recently upgraded my proxmox host and saw these issues with the old host so its not that.

                          1 Reply Last reply Reply Quote 0
                          • stephenw10S Offline
                            stephenw10 Netgate Administrator
                            last edited by

                            Yeah check the sysctl outputs for the LAN side NIC.

                            Try an iperf test between pfSense and a LAN side client, make sure you can actually pass >1G there.

                            ? 1 Reply Last reply Reply Quote 0
                            • ? Offline
                              A Former User @stephenw10
                              last edited by

                              @stephenw10 had trouble getting iperf installed—just seemed to stall out. Figure a reboot was in order but couldn’t take down the network since we were working then headed out of town.

                              I have been intending to upgrade my switches to 2.5gb and picked up a Unifi Pro Max 24 during our trip. That will eliminate the GBIC to RJ45 adapter I've been using. I don’t expect that to resolve the issue but it’s something that’s been on my list for a while and will give me the ability to set up a 2.5gb connection from the router to my Docker machine for testing and will let a couple other machines take advantage of higher speeds. That also means I need to resolve this one way or another.

                              I’ve stumbled upon 1-2 other posts in dusty corners of the internet that might be describing the same issue but none with any resolution.

                              1 Reply Last reply Reply Quote 0
                              • stephenw10S Offline
                                stephenw10 Netgate Administrator
                                last edited by

                                What switch do you have on the LAN side currently? Is it linked at 2.5G to the pfSense LAN and 1G to the clients?

                                Try setting the LAN side link to 1G when the WAN at 2.5G so the bandwidth change is in pfSense not the switch.

                                If it's in the switch you pretty much need flowcontrol active to avoid buffer overruns.

                                1 Reply Last reply Reply Quote 0
                                • First post
                                  Last post
                                Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.