Slow internet!! HELP.
-
Perhaps the "router" (box between pfSense and the Internet) is relying on flow control to stop the downstream box swamping it. As Gob suggested, it would be good to check the requirements the router places on downstream equipment.
I find it hard to guess why a pfSense box would triple the ping times. Apart from the speedtest apparently using a different server, what is the difference between the two tested configurations?
Does the pfSense box have plenty of idle time? (Perhaps its way underpowered; perhaps you have inadvertently started some sort of CPU hog on it.)
It's a ONT, not a router. ONT > Pfsense > Switch > two computers.
Pfsense is on a box with 2Ghz processor and 1GB ram, and its hardly using any of the resources.
There is no difference between the configurations I used with pfsense and untangle other then the port speed. If you know some way to let me set 50Mbps full duplex or 100Mbps half duplex on both the LAN and WAN, let me know.
-
Alright, this is annoying me. If anyone can actually help me out, I would appreciate it (PM me, I'll give you SSH if you are trustworthy.)
It is starting to look like pfsense can't put more then 300KB/s download per connection. It's not a global thing - I can have multiple downloads running at 300KB/s.
It's not my ISP because this was not happening with untangle after setting the correct port speeds, or with the default router my ISP provided me (Which I replaced because of the small NAT table.. and I hated the router).
-
I'm happily pushing in excess of 20 Mb/s through my pfSense box without problems. It certainly isn't a pfSense limitation.
I wonder if you've got a hardware problem - can you swap the NICs for some Intel (server grade) cards?
-
I don't own any intel cards, and as I said I've tried another NIC with no luck.
Plus I don't see why it would be a NIC issue if I'm pushing 20Mbps up, and only 300KB/s down per connection.
-
It is starting to look like pfsense can't put more then 300KB/s download per connection. It's not a global thing - I can have multiple downloads running at 300KB/s.
I routinely run 900KB/s + on my system on per connection. Have another box you could try? Maybe swap the harddrive of your pfSense box into the one your running Untangle on…
-
Perhaps you don't understand what I'm saying?. Untangle gave me my full connection on the same box, same hardware. It's not a hardware issue.
Might be a driver issue, but not sure.
The "problem" I believe is the ONT is only capable of 10Mbps, 100Mbps and 1000Mbps. PFSense tries to negotiate it at 1000Mbps on a 100Mbps card.
Now, the solution to this is to set it to a certain port speed. Unfortunately PFSense seems to not be able to set it correctly, when I try setting both lan and wan to 100Mbps half duplex, it reverts the configuration back to the old.
It cant be one or the other for whatever strange reason, I had that same issue with untangle - it was either both cards or none at all. I can set the WAN to 100Mbps half duplex, but not both. I tried switching the LAN cards as well, but it still reverted back.
So I'm guessing running both cards in half-duplex 100Mbps is impossible on PFSense?.
Edit: Ah, just realized the last part of what you said. I replaced the untangle OS/Distro with PFSense.
-
The "problem" I believe is the ONT is only capable of 10Mbps, 100Mbps and 1000Mbps.
This is not surprising since these speeds are the only "standard" Ethernet speeds (except for 10Gbps).
PFSense tries to negotiate it at 1000Mbps on a 100Mbps card.
How did you determine that? Which card? What is the driver name in pfSense?
Now, the solution to this is to set it to a certain port speed. Unfortunately PFSense seems to not be able to set it correctly, when I try setting both lan and wan to 100Mbps half duplex, it reverts the configuration back to the old.
How do you set both lan and wan to 100Mbps half duplex? When does the configuration revert back to the old?
It cant be one or the other for whatever strange reason, I had that same issue with untangle - it was either both cards or none at all. I can set the WAN to 100Mbps half duplex, but not both. I tried switching the LAN cards as well, but it still reverted back.
What LAN cards have you tried?
Are you sure your "switch" is really a switch and not a hub? Hubs have simpler electronics than switches and have to operate in half duplex. Switches can normally operate in either full duplex or half duplex.
-
The "problem" I believe is the ONT is only capable of 10Mbps, 100Mbps and 1000Mbps.
This is not surprising since these speeds are the only "standard" Ethernet speeds (except for 10Gbps).
PFSense tries to negotiate it at 1000Mbps on a 100Mbps card.
How did you determine that? Which card? What is the driver name in pfSense?
Now, the solution to this is to set it to a certain port speed. Unfortunately PFSense seems to not be able to set it correctly, when I try setting both lan and wan to 100Mbps half duplex, it reverts the configuration back to the old.
How do you set both lan and wan to 100Mbps half duplex? When does the configuration revert back to the old?
It cant be one or the other for whatever strange reason, I had that same issue with untangle - it was either both cards or none at all. I can set the WAN to 100Mbps half duplex, but not both. I tried switching the LAN cards as well, but it still reverted back.
What LAN cards have you tried?
Are you sure your "switch" is really a switch and not a hub? Hubs have simpler electronics than switches and have to operate in half duplex. Switches can normally operate in either full duplex or half duplex.
Yes.. I'm sure its a switch.
I edit the configuration file in cf/conf to change the port speed. I was doing it right since I could do each of them separately but not at the same time.
As for how I determined it was at 1000Mbps… it told me in the status - interfaces page.
Right!. New issue!.
In/Out errors on WAN: 90109/0
In/Out errors on LAN: 1/0
Something is obviously wrong. It's not the card - I've tried another one.
-
I suspect its unlikely that an interface not capable of operating at 1000Mbps would negotiate to operate at 1000Mbps. Regardless, there is almost certainly a problem on your WAN link with that error count. Do you have the correct cable for the link between ONT and WAN interface of pfSense? Should it be crossover or straight through?
-
Have you tried a switch inline between WAN and ONT?
-
@Gob:
Have you tried a switch inline between WAN and ONT?
Assuming you mean directly accessing the ONT or changing the ethernet cable… no. Seeing as it was working 100% fine 3 days ago with untangle. I'm not trying to turn this into a pfsense vs untangle thread, since I like PFSense better then untangle by a mile - it's just I'm getting tired of people assuming the issue is hardware related when I've already said multiple times it worked fine before.
wallabybob:
The network card on pfsense is 100Mbps. The ONT can reach 1000Mbps speeds. PFSense was reporting it was linked at 1000Mbps. Obviously it can't reach those speeds, so its just bad negotiation.
Like I said above, same configuration that I was using for untangle 3 days ago that worked.
Is this a driver problem?.
-
"I had this issue with untangle, and I found limiting both WAN and LAN to 50Mbps total transfer speed (cant remember if it was half duplex or full duplex, I believe half) fixed connection issue."
Your first post tells me you have a hardware problem.
Roy…
-
Seeing as it was working 100% fine 3 days ago with untangle. I'm not trying to turn this into a pfsense vs untangle thread, since I like PFSense better then untangle by a mile - it's just I'm getting tired of people assuming the issue is hardware related when I've already said multiple times it worked fine before.
At least two people have pointed out their pfSense system gets much better bandwidth than you are able to report. So what's different about your configuration that causes you to get much lower bandwidth? pfSense software is common so perhaps its a device driver that you are using that others aren't using. Perhaps its "hardware". Perhaps you can suggest something else.
About working 100% fine 3 days ago with untangle: did you ever check the "wan" error counts in untangle? If not, how can you be sure you didn't just find a mode that worked "well enough" rather than one that worked 100%?
If you are not prepared to allow the possibility that there might be "hardware" error in a configuration that apparently should work correctly in full duplex mode but requires half duplex mode to give "good enough" performance then I think I'm probably wasting my time continuing the conversation. I'm not saying it must be a hardware problem, but it does look like one to me.
Is this a driver problem?.
Maybe. What are your interfaces (e.g. WAN is xl0, LAN is de0)? (This information can be obtained from the WEB GUI: Interfaces -> Assign or Status -> Interfaces or provide the output of the shell command ifconfig -a)
You haven't yet answered my question about the cable to the ONT: are you sure you have the correct cable (including that the cable is not too long etc)?
-
It's a 25 foot ethernet cable, CAT5-E.
LAN sis0 WAN dc0
If it is a hardware error (and I doubt this because I've tried another network card), then I won't mind if I can get it to work "well enough".
-
Could you try calling your ISP and asking them to put the ONT-downlink port you are using to 100MBit FDX static instead of autonegotiate perhaps ?
-
Please try a new network cable, just to rule it out.
And route it differently than you have now.
-
Why is everyone here so useless?. I might just try endian.
I wonder which part of "WORKED 100% FINE THREE DAYS AGO ON ANOTHER ROUTER SOFTWARE" people failed to understand. This is getting me nowhere.
-
thanks for sharing your supreme knowledge with us menial people.
-
darksoul - it's simple - you've already highlighted that the original platform had problems and since then you've switched OS (and hence drivers etc). According to your own posts it hasn't worked "100% fine".
So, if you're unwilling to accept that you may be wrong and unwilling to work with us to help find the problem I don't think anybody's going to miss your attitude ::)
If on the other hand you're willing to work with us and accept that we need to rule out hardware issues, feel free to stay and be constructive.
-
just out of curiosity, you do not have squid installed. Now I want to do ping the dns server of your internet when downloading and published when the latency.
