Slow upload on Android devices (edit: all devices)
-
Not sure quite what you meant there.
So there are problems with all wifi connected devices? But not all the same symptoms?
There are no problems with ethernet connected devices?Steve
-
I'm not really sure what the symptoms are. But for example Facebook Messenger is working perfectly, but web browsing and loading Facebook is extremely slow.
Problem is only on wifi.
Edit: I forgot to mention that everything is running in Esxi if that helps. Realised it was a little bit stupid to not mention that…
-
Hmm, so something in the path of the wifi traffic. The access point, cabling, switch, physical NIC in the ESXi host, the virtual NIC setup in esxi.
Has this just started?Steve
-
It might be that I got the problem after restarting the pfsense VM a week ago but all the devices didn't get the problem at the same time. The devices that always are at home are not having problems at all but after they are being used on other Wi-Fi networks it becomes terrible when they are on the home network.
Thank you for your time :)
-
Hmm, OK. So no change in the Network hardware.
Do you use, say, a VPN to protect wifi access in public places that has become the default route for those devices?
Are all the devices using the same DNS servers?More 'out there' suggestion: some of your devices have malware redirecting all their traffic via some other location?
Steve
-
I'm going to subscribe to this thread. All our Android devices and a Windows phone are very slow through our network.
Config:
pfSense 2.1 amd64
Squid 3.3.10 in transparent mode
Squidguard
wpad (but most (all?) devices point straight to squid anyway)Firewall rule logs show nothing blocked and all http traffic going straight to squid with no problem. But my Android very very frequently shows "no connection - retry". Refresh a connection a few times and eventually it works.
This is a common Android complaint so I wasn't sure if it was pfSense or Android's fault but a Windows phone apparently suffers similar symptoms. "The internet is slow" is the complaint I hear.
I occasionally look for a problem in pfSense but there is nothing in squid or system logs to indicate anything is wrong. Speedtest.net indicates good upload and download speeds. It's just random connections that timeout or are very slow.
No hardware changes for me but I've changed the firewall config a bunch of times in learning pfSense so I couldn't isolate what's causing it, and I don't remember if it was ever significantly better or worse.
-
I should add, the sole computer attached via ethernet has no such connectivity problems.
Windows 8.1
connected to pfSense through a VLAN interface on a Cisco SG-200I just ran speedtest on the computer and it gave me ~15Mbps down / 0.79Mbps up, which is comparable to what the Android devices give (~12-13Mbps down / ~2.5Mbps up), both with ~1-200ms ping time. Not sure why the slow upload speed on the PC. Android can give me these speedtest results while before/after still experiencing connectivity in gmail and chrome. Frustrating.
-
Well start off by investigating your wifi setup. Though since you're seeing the full bandwidth it's probably OK. Check your DNS settings, if your android devices are using some external, and slow, dns server that could explain it.
Steve
-
I use DHCP on my devices, with DNS forwarding enabled in pfsense. My DNS servers in the pfsense general setup page are my isp's two DNS servers and then 8.8.8.8 and 8.8.4.4.
I do not have " Do not use the DNS Forwarder as a DNS server for the firewall" checked on the general page. I'm not sure if I should or not.
I don't have an entry in my wifi interface's DHCP server page under "DNS servers".
Nothing filled in under "Dynamic DNS" either.
-
You have a separate wifi access point that is running dhcp?
One thing that might be relevant here is that the Chrome browser is notorious for hanging onto its cache. It could be that you have gone to some other wifi network and chrome/android had cached something that isn't valid on your home network, page data, routing info, DNS etc.
Steve
-
My pfsense box has an Atheros AR9280 (AR5BXB92) card and a 20cm external antenna for an internal wifi interface. The dhcp is pfsense's built in server.
This device is a new Nexus 10 that's only been used on my pfsense network. I used to use a Nexus 7 that had been on a bunch of networks and clearing all cache data worked for about 5 minutes at a time.
And the problem manifests itself on other devices. Windows phone and some Apple things too.
I'll try clearing the android caches again though.
-
Since you're using a card in ap mode the first check the system log and wireless log.
Steve
-
When it happens, the only significant thing in the firewall logs is significant numbers of TCP:PA entries.
The wireless logs look like this:
although to be honest I never look at them and haven't while connections are timing out. I will next time.
The system logs don't indicate anything unusual.
-
Are those all the same wireless device? All those entries within the same second?
At the very least you may want to increase the re-keying interval. I have Key Rotation at 3600 and Master Key Regeneration at 7200, though I originally set that because earlier pfSense versions did not separate the wireless logs and it was spamming the system log. It didn't actually affect wifi performance at all.
In my logs I see, for example, this when a device first comes out of standby and connects:Mar 16 15:21:41 hostapd: ath0_wlan0: STA 10:bf:48:**:**:** WPA: pairwise key handshake completed (RSN) Mar 16 15:21:41 hostapd: ath0_wlan0: STA 10:bf:48:**:**:** RADIUS: starting accounting session 52BEED1F-0000035D Mar 16 15:21:41 hostapd: ath0_wlan0: STA 10:bf:48:**:**:** IEEE 802.1X: authorizing port Mar 16 15:21:41 hostapd: ath0_wlan0: STA 10:bf:48:**:**:** WPA: received EAPOL-Key frame (4/4 Pairwise) Mar 16 15:21:41 hostapd: ath0_wlan0: STA 10:bf:48:**:**:** WPA: sending 3/4 msg of 4-Way Handshake Mar 16 15:21:41 hostapd: ath0_wlan0: STA 10:bf:48:**:**:** WPA: received EAPOL-Key frame (2/4 Pairwise) Mar 16 15:21:41 hostapd: ath0_wlan0: STA 10:bf:48:**:**:** WPA: sending 1/4 msg of 4-Way Handshake Mar 16 15:21:41 hostapd: ath0_wlan0: STA 10:bf:48:**:**:** IEEE 802.1X: unauthorizing port Mar 16 15:21:41 hostapd: ath0_wlan0: STA 10:bf:48:**:**:** WPA: start authentication Mar 16 15:21:41 hostapd: ath0_wlan0: STA 10:bf:48:**:**:** WPA: event 1 notification Mar 16 15:21:41 hostapd: ath0_wlan0: STA 10:bf:48:**:**:** IEEE 802.11: associatedThen nothing until it times out sometime later, usually having gone back into standby. The only other thing that appears is the WPA rekeying at 3600s (1h) intervals.
Your logs show a lot of handshake failing.
Steve
-
That would have been several devices.
I changed the Key Rotation and Master Key Regeneration this morning. I got similar handshake messages to you, once per device, after I looked after changing the key values.
But still it's slow. Like dialup slow or slower for the initial connection. And e.g. it's even slow to connect to pfSense GUI, to the point of timing out frequently. Just viewing system log pages and firewall aliases, not doing any config changes etc. My pfSense is via https, but not on port 443.
Sometimes it's better, like last night it behaved like a "normal" broadband connection should. And then this morning, timing out and slow connections but reasonable, not great download speeds once a connection is made.
I had to leave but will continue to investigate when it goes bad.
-
You have good signal strength? Multiple antennas? Did you set the antenna connector numbers correctly?
Steve
-
Single TP-Link ANT2408C antenna. It's a big one. Good signal strength, devices mostly used in the same room as the antenna. I will check the connector numbers but like I say, signal strength is good and the problem persists.
-
Ah, well definitely check the antenna selection then. I belive the default setting is to use one connector for Tx and the other for Rx. If you have only the Tx antenna connected you may well see great signal strength at the wireless device end but almost nothing being received back. Not sure how that would affect usage. It usually ramps down the connection speed until it sees consistent traffic but if it's seing a huge signal coming in perhaps it keeps trying to move back to a faster rate.
I only have one antenna and setting the Tx and Rx to use the correct connector (and diversity disabled) gave a huge improvement.
Steve
-
Maybe that's it- I thought it was a choice of 1 antenna connected to either jack or 2 if you wanted a 1x1 vs. 2x2 and the Atheros card would auto-config.
So I should connect a second cable and antenna? Easily doable for about $30. I avoided a second cable because it would mean drilling holes in my case, which is short on space anyway. No big deal though.
The antenna is giving me about 46-53dBm on channel 1 (both tx and rx) and 60dBm on channel 2 according to a wifi analyser app.
-
Diversity is gone from 2.1? I couldn't find it.
