Slow download speeds - upload is fine
-
Hi all,
New to PFsense and just testing it out.
Currently I am running it inside an ESXI host using the standard live CD - installed it to the Guest's 20GB hdd and so not a "live CD" any more.
I have assigned the Firewall 2 cores (@2GHZ) and 2GB memory. (xeon E5 2620).
Wan port is a dedicated port for the Firewall which goes straight to the Bt Infinity VDSL white modem and the inside interface is shared with another VM but it’s a Gig port with very little traffic so no bandwidth issues there.Now the problem:
Download speeds on speedtest.net cap at about 7.5 Mb while uploads use the full 16-20Mb.
Usually Download speeds are closer to 70-80Mb.
Annoying to say the least!
I have monitored the resources and CPU usage on the FW and it has not been over 9% as far as I can tell.
So I don’t believe it’s a resource issue or bottleneck in the system.
Any thoughts on what I can look at? -
Interesting actually that while the PFsense box reports less than 9% usage at all times on the dashboard the ESXI box is reporting quite big spikes in CPU usage.
although this is still not 100% utilization.
![FW1 CPU.JPG](/public/imported_attachments/1/FW1 CPU.JPG)
![FW1 CPU.JPG_thumb](/public/imported_attachments/1/FW1 CPU.JPG_thumb) -
Are you running any packages? Do you have any traffic shaping turned on?
-
Are you running any packages? Do you have any traffic shaping turned on?
Running Snort but it is the same with it turned off.
also I checked and no traffic shaping.
-
-
-
Is the pfSense VM doing PPPoE through the modem?
Try running a download test straight from the pfSense console to determine if the limit is on the WAN or LAN interface:
[root@pfsense.fire.box]/root(2): fetch -o /dev/null http://download.thinkbroadband.com/50MB.zip /dev/null 100% of 50 MB 1961 kBps 00m00s
The first thing I would look for is an duplex/speed mismatch on one of the interfaces. Run ifconfig and check that everything is at auto-negotiated full duplex.
Steve
-
-
Probably something at BT's end. If you are on their entry level tier (option 1) they may have switched you to CGN (carrier grade NAT) which could have caused some issues somewhere.
http://www.thinkbroadband.com/news/5818-bt-retail-in-carrier-grade-nat-pilot.htmlSteve
-
Probably something at BT's end. If you are on their entry level tier (option 1) they may have switched you to CGN (carrier grade NAT) which could have caused some issues somewhere.
http://www.thinkbroadband.com/news/5818-bt-retail-in-carrier-grade-nat-pilot.htmlSteve
Thanks mate but I highly doubt it was something to do with BT.
I am on their business service with a static IP and for them to compromise their service that they provide to me would be a pretty big mistrust issue.
I think it was something to do with how the firewall was treating packets and the fact that the firewall had just been running for a couple of hours.