WAN Performance Problem
-
Are you able to saturate the WAN link with multiple concurrent TCP connections?
No. tried with JDownloader, get always not more than 50-60Mbit
What is the real inrterface name of the pfSense WAN interface (e.g. fxp1,le0, …)?
de0
Can the hypervisor provide a PCI passthrough mode which would give pfSense direct control of the WAN interface (bypassing the virtual switch)?
No. Only Server 2012 has the Option to make use of single root I/O virtualization (SR-IOV).
-
What is the real inrterface name of the pfSense WAN interface (e.g. fxp1,le0, …)?
de0
Does the hypervisor give you the option of emulating other NICs? If its available, I suggest you try emulating Intel gigabit NICs.
-
What is the real inrterface name of the pfSense WAN interface (e.g. fxp1,le0, …)?
de0
Does the hypervisor give you the option of emulating other NICs? If its available, I suggest you try emulating Intel gigabit NICs.
Unfortunately, pfsense doesn't support this NIC driver yet..
-
A good NIC is a NIC that works best is most vetted and most supported while still providing most of the speed you need. So, good ones are old ones and old ones are dirt cheap. Like $20 cheap.
-
A good NIC is a NIC that works best is most vetted and most supported while still providing most of the speed you need. So, good ones are old ones and old ones are dirt cheap. Like $20 cheap.
Sure, but pfsense is a virtual machine. I talk about virtual NICs and the Hyper-V synthetic adapter (similar to the vmx3 adapter in vmware) is not supported by pfsense.
-
I had issues get the 64 bit version of 2.1 to work well in ESXi. Kept dropping connectivity and going offline with multi-wan especially. For me, the 32 bit version was much better and worked right away. But I one on 32 bit version, I didn't hit any of your problems.
Haven't had much more than a couple of installs though. Not hardly the 2.1 expert. -
I tested also with 2.0.3, same result…
-
So the DEC NIC is the only other choice? (Edit: it seems it is: link) The de(4) driver is old and supports many different cards, I've seen it give trouble before on real hardware. I agree with Wallabybob this could well be your problem.
You should try testing the bandwidth from the pfSense VM directly so that you're only tesing the WAN connection. You can do this by downloading a large file from the console:[2.0.3-release][root@pfsense.fire.box]/root(2): fetch -o /dev/null http://download.thinkbroadband.com/50MB.zip /dev/null 100% of 50 MB 1961 kBps 00m00sThat file works well for me in the UK, you may have to choose something else.
Steve
-
Have you tested any other VMs using the legacy NICs?
The legacy network adapter requires processing in the management operating system that is not required by the network adapter.
Hard to believe it could slow it that much but you never know….
Steve
-
I don't think that the problem is caused by the legacy adapter. If this would be the case, i had also performance issues on the internal NICs, right?
I did the test you suggested. Not sure if i can test a 100Mbit internet Connection using a single file download..
$ fetch -o /dev/null http://download.thinkbroadband.com/50MB.zip
/dev/null 50 MB 1836 kBps -
I don't think that the problem is caused by the legacy adapter. If this would be the case, i had also performance issues on the internal NICs, right?
Some time ago I fired up a pfSense VM under VirtualBox running on Ubuntu Server 12.04. I setup some tests but they "didn't work" A packet capture running on the pfSense console showed packets given to the WAN interface but no responses. After some further investigation I decided to change the type of NIC VirtualBox was emulating from the default (an AMD NIC) to Intel Pro/1000. The tests then worked. I didn't investigate further because it wasn't my purpose to debug the interactions of the appropriate FreeBSD driver wit the VirtualBox emulation of an ancient AMD NIC.
I expect someone in the VirtualBox team has tested the emulation of that AMD NIC with either Windows or Linux (or both) so I wouldn't extrapolate my experience to other guest operating systems. Interactions of the FreeBSD used in pfSense with the hypervisor NIC emulation won't necessarily be a good guide to the interactions of other guest operating systems with the hypervisor's NIC emulation. Running on "bare metal" has fewer things to "go wrong" than running in a Virtual Machine.
But since you don't seem to have any capability to change the type of NC emulated by your hypervisor my experience is probably of no practical interest.
-
I don't think that the problem is caused by the legacy adapter. If this would be the case, i had also performance issues on the internal NICs, right?
The WAN NIC is the only one that has to actually talk to the real NIC. That will no doubt involve far more code that the internal NICs. It could be that pfSense is trying to do something hardware specific to the DEC interface and Hyper-V has to somehow translate that to the real NIC. Linux/Windows drivers may not be doing that same things. It may be possible to stop it trying to do low level hardware stuff. For instance try disabling all the hardware cpu offloading features.
I did the test you suggested. Not sure if i can test a 100Mbit internet Connection using a single file download..
$ fetch -o /dev/null http://download.thinkbroadband.com/50MB.zip
/dev/null 50 MB 1836 kBpsThat seems very low for a 100Mbps connection. What speed can you download that file directly connected to the modem? Thinkbroadband are in the UK, are you? I can max out, or get close, with a single connection.
Steve
-
Directly connected i have also the full performance (connection is a bit shaky)
-
Now i'm testing the custom build decribed in this thread:
http://forum.pfsense.org/index.php/topic,56565.0.htmlThat one rocks! Let's see if it's stable…
-
Ah nice. You getting full WAN bandwidth then I take it? :)
Steve
-
Yes. I now got a 150MBit line, even this is now possible. Unfortunately, creating VLANs is still not possible.
