pfSense throughput performance disparity
-
@OracPrime Except Netgate doesn't think it can do that. Measuring error?
-
-
You can get asymmetry like that due to NAT for reasons I've never dug deep enough to discover. But, yes, I would not expect to see 900Mbps through a 2100 unfortunately.
-
@stephenw10 (thumbs up) - apparently I need more reputation to actually use the emoji (?)
-
Hmm, you may not be able to upvote but I didn't think there was a restriction on emojis!
-
@stephenw10 you are of course correct. I meant click on the icon which would generate an emoji-like response.
-
@OracPrime said in pfSense throughput performance disparity:
and am connecting with if_pppoe turned on in pfSense 25.07 RC
Your 2100 might be doing even more if it had not to do the extensive pppoe handling.
True, with the current pfSense version a new pppo driver was introduced that was completely rewritten (== faster) as for some reason pppoe doesn't want to roll over and die.
PPPOE is ok as the big CPU overhead was fine back in the old days, where a typical DSL could be anything from 1 to 16 Mbit /sec.
Doing close to a Gbit/sec using pppoe is ... not sure ... madness ? but for some reason some ISPs still use pppoe these days.What if the Fritzbox did the pppoe for you, if it is capable of doing so ?
In that case you set the 2100 WAN interface to the 'simple' default DHCP.
This means you have to NAT twice - if needed, as your pfSEnse WAN would be using a RFC1918 (like 192.168.20.2) -
@Gertjan Did wonder whether that might help and had a quick try a couple of days ago, but for some reason nothing worked. I'd also have to work out how to make the FritzBox direct all the incoming traffic to pfSense for HAProxy routing. I'll dig further.
-
If you use "pppoe" as a WAN connection method, the upstream device, the Fritsbox, is just a modem type device ...
One of the advantages (probably the only one) of using pppoe on the pfSense WAN : the pfSense WAN interface uses the real outside world IPv4.
No need to 'dmz' or 'NAT' or 'redirect' anything to pfSense. Everything will reach the pfSense WAN interface.
-
@Gertjan Are you suggesting I have the Fritz box doing PPPoE and DHCP, which will assign a 192.168.1.X address to pfSenses WAN interface. I can see how that would work for outbound traffic, it's just one more hop. I don't understand how/why the Fritz would route inbound port 80/443 traffic to the pfSense.
-
@Gertjan ok, thanks for the nudge, I've worked it out.
I set the FritzBox to do the PPPoE and act as a router (not that I'm using the routing bit).
I Fritzbox has a 192.167.178.x subnet. Give my pfSense a static IP address on that subnet.
Make sure WAN interface allows "local" IP addresses.
Set the "Exposed Host" setting on Fritzbox to forward all internet traffic to the pfSense box.With just the netgate doing evertyhing I was getting 560 down 900 up.
With this config I'm getting 685 down, 850 up. Which feels better.Thanks for the help.
