Lan network very slow
-
You could probably pm me the config.xml file or just attach it here, after you've removed all the passwords, private addresses etc.
I can't promise anything though. ;)Steve
-
send you a pm, because i don't know how to remove privacy information like passwords and ssh information.
-
Ok, so looking thorough your config file my best guess here is that the limit you are hitting is caused by the ezshaper section at the bottom. You have the total upload and download set to 8Mb and 4Mb but since that's from the point of view of the LAN intreface that would be an 8Mbps download speed for clients. Then you have the bandwidth limiter set to 15% which would be 1.2Mbps, close to what you're seeing. For some reason your traffic is being caught by this. I'm not sufficently familiar with the traffic shaper to say quite what has happened here.
A simple test would be to change the 15% to, say, 30% and see if you see double the throughput. I'm not sure where that fingure would be stored though, you'll have to hunt around for it. ;)Steve
-
and where can i find the settings vor ezshaper.
I searched the config file and changed the up and download speed, even alterd the % now going to try if this give us a performance boost.
-
This is what i made off it.
for a while it looks good, but i'm trying to monitor it through the day
<step5><enable>on</enable> <bandwidth>80</bandwidth> <bandwidthunit>%</bandwidthunit> <aimster>on</aimster> <bittorrent>on</bittorrent> <buddyshare>on</buddyshare> <cutemx>on</cutemx> <dcplusplus>on</dcplusplus> <dcc>on</dcc> <directconnect>on</directconnect> <directfileexpress>on</directfileexpress> <edonkey2000>on</edonkey2000> <fasttrack>on</fasttrack> <gnutella>on</gnutella> <grouper>on</grouper> <hotcomm>on</hotcomm> <hotlineconnect>on</hotlineconnect> <imesh>on</imesh> <napster>on</napster> <opennap>on</opennap> <scour>on</scour> <shareaza>on</shareaza> <songspy>on</songspy> <winmx>on</winmx></step5> <step2><uploadscheduler>PRIQ</uploadscheduler> <connupload>100000</connupload> <connuploadspeed>Kb</connuploadspeed> <conndownload>100000</conndownload> <conndownloadspeed>Kb</conndownloadspeed> <conn0downloadscheduler>PRIQ</conn0downloadscheduler> <conn0interface>lan</conn0interface></step2> -
Like I say, I'm not sure quite how those parts of the config file are generated. The traffic shaper is IMHO the most confusing part of pfSense. ;) I'll have to do some experimentation on my test box here.
You saved that config file and then forced a reload (or rebooted)? If the speed has increased then that certainly looks like the problem. The question now is why is catching your traffic when it looks like it should only be catching P2P traffic and what changed 3 weeks ago that caused it.Steve
-
Lan speed is a bit faster but wan speed is almost the same, when monitoring with traffic speed i get around 800kb.
I think the problem occured after upgrading the software.
-
Here some pictures from speedtest.net
The fastes is with captive portal turned off
The slowest is with captive portal turned on
-
Ah, OK. So with captive portal turned off you are getting full speed?
I had a play around with the traffic shaper this afternoon and I'm not really sure why you traffic seems to be being caught in it. I expected to find you had the 'catchall' selected but you don't appear to have.
Looking at your config file and comparing it with mine, generated by the wizard, there are many differences that I'm failing to explain. I think the easiest thing at this point would be to remove the traffic shaper completely, remove the <ezshaper>section from the config file manually and reapply the wizard. After backing up the config of course. ;)Unless anyone else has any ideas?
Steve</ezshaper>
-
i removed the ezshaper section, but this didn't solved the problem.
Is there a way to reinstall a early version of pfsense which worked ok for me.Then i will reinstall that verion and hopfully that one will work again ok.
Or some body else should have the solution, or a fix for the problem.
-
Need some help on this one !!!
-
You mean is there a way to downgrade remotely? I don't think so, though I've never tried.
Steve
-
i'm curently on 2.1.3 so i thinking of going back to 2.1.1 that is the latest working version so far i can recal.
But will it working again.there should be a solution for my problem.
-
I take it the site is a long way from you?
Reinstalling might be the only way to downgrade, I wouldn't go to 2.1.1 though that was the version vulnerable to Heartbleed. I guess it wouldn't be a problem if you upgraded immediately.
If you have removed all the traffic shaper rules from the webgui and the ezshaper section from the config file there shouldn't be any shaping happening. :-\ Is there anything left in the current config file?
Steve
-
You need to remove that attachment it should not be public.
Steve
-
The config file still contains the <shaper>section complete with all it's queues. It seems likely that your traffic is being diverted through one such queue for some reason. Though without any rules to do that it;s hard to see how.
Lets review:
Disabling the captive portal allows traffic to flow at full speed.
Removing all the traffic shaping rules via the webgui hasn't helped.
Changing the p2p ezshaper percentage did have an effect? Interestingly going through the wizard, 15% is the highest valid number there anyway.Interestingly the captive portal is the only part of pfsense that uses ipfw and not pf because it has to operate at layer2, I wonder if that is the cause?
You could try removing the shaper section of the config file and reloading/restoring. However manually playing with the config file will almost inevitably eventually lead to the box failing to boot due to some typo etc. If you remove the queues and something is still trying to use them what happens?
If you do try, replace:
<shaper>…...
.......</shaper>With simply:
<shaper>Steve</shaper></shaper> -
So <shaper>should be replaced with <\shaper></shaper>
-
No. In your config file the shaper section has opening and closing xml tags:
<shaper>all your shaper queues</shaper>In my config file, from a box that doesn't have traffic shaping, I have only one tag that's different to either of yours:
<shaper></shaper>I guess this designates that shaper section is empty or undefined.
Steve
-
Next week when i'm back on the camp site i go try this. I don't want to try this when i'm not around.
Or is it safe to do it remotly? -
If you can wait I would do so.
If you're on site I would first try a re-install and restore of 2.1.3. If you look at the backup/restore section in the webgui you have the option of backing up each part of the config file separately. You can then restore each part testing at each stage.
For your config the major parts that you'd rather not have to reconfigure manually are probably, DHCP server - with all the static leases you have, firewall rules and captive portal.
Take install media with you anything you might need. If you have a spare HD take that and swap it out so you can always fall back to the old one. :)Steve
