50% performance hit on overall throughput.
-
Ok well out IT shop isn't large enough for a true segregation of duties.. so yes I've terminated all my cabling for at least the past decade. Who doesn't use Black Box/Belkin rj45's and true 550mhz Cat5e? Ratcheting crimpers are a must. I forget my kids birthdays.. but I'll remember the T568B color code forever.
Seriously yeah… cables going bad just hasn't ever really been a problem since a job I had in 2001 where we'd have to re-punch wall jacks quite often. But thinking back I have no clue what they used for infrastructure cabling so.. hell it coulda been Cat3! lol.
-
ha
Bad cable issues have bitten me more than once. It just seems like an item like that should not just go bad but I guess they do.
I worked on an issue once that drove me crazy, spent 100's of dollars on new equipment and the issue turned out to be a $5 dollar cable. I felt like ass not figuring it out sooner :) -
Remember it's the basics. Splicing a cable in itself it not bad if done right (although I prefer a continuous cable). If you just twisted the wires together to make a electrical connection then you are going to get reflections causing retransmits. If you have a managed switch, depending on the kind you have you should have been getting errors.
Guys, I apologize. I am normally quick to anger but this past week/weekend was worse and coupled with these weird friggin issues made things worse for me.
Since I'm an admin in IRL, I chose to work with computers 15 years ago because I lack the people skills to work with people. That said I tend to try three handfuls of things in trying to resolve a problem but I don't always explain every one of them. I play the assumption game.. like since I am posting here I assume you guys would know certain things like the not trying to test my throughput while my kids are streaming youtube and the like.
I get irritated by questions like Mikeisfly posted because I find some of them beneath me. However I've done my stint in technical support, I know you must treat every caller as an idiot. That would work here too so if I had a perceived tone then I'm sorry.
Suncatalyst: Another poster here mentioned he had to force/lock speeds and duplexes on his PF box so I don't feel that that is meaningful of a problem.
cmb: Aside from these last couple posts from overnight I don't see where I have not answered someones question. During the time I was running the OOkla tests I do not know what the WAN chart was showing. I was running them at around 2:30am EST.. tv's, and other computers were all off. Something would have had to be sucking down data at what.. 15-20mbps in order to cause Ookla to stop at 21mb itself. Additionally I never used the word savior.. I was pissed and tossed them out there as alternatives to Pf the product. I thought that was obvious.
Supermule: I'm not sure I follow you here.. I'm not monitoring any IP.
Mikeisfly: 1. Interface status are good, up, full duplex and 1 gigabit.
2. To my knowledge no.
3. Shortly.
4. That night all were under 5ms with the occasional spike to 10ms
5. Ok I guess, no observed weirdness or change from normal
6. I can this evening
7. I have 60mb, but actual like to the modem is 1gb, link from modem to cloud.. no way of knowing.
8. Link to.. what?
9. All of my cables are pre-made save for the one feeding the WAP, I spliced it late one night because I did not have my crimpers at home. While I've never had a problem with splices in the past I can terminate it correctly tonight and see if that was it.
10. Cisco DPC3208
11. Public IP
12. Honestly I have no rules except the builtin couple.
13. No it's an upgrade from 2.1.2
14. 2.1.4
15. Windows 8.1Pro, Windows 7 Pro
16. Hell no! Why would someone do that with a PF box?Just to clear up some of the points that I was making:
4. When pinging your gateway I would expect the ping time to be around 1ms or less consistently.
8. Typically most people connect their PfSense box to a Switch which is the aggregation point for all the devices on their LAN.
16. You have to think of your firewall like a draw bridge. You are safe from your enemies out side your kingdom but if one of your machines inside your LAN is infected, because you aren't running a personal firewall on your machine your vulnerable.I would like to see a diagram of your network. Remember double natting (this is unnecessary packet processing) is not good either.
Just as a side note don't take it personal when people ask you for information, you have to remember that most people on these forums if not everyone; don't know who you are, your background … . So when people are trying to help you we need to gather as much information as possible without being able to gather the data ourselves. Especially CMB (He is a founder dude!) I like to solve problems on my own but sometimes that is not possible, so we are fortunate enough that we have a place to go, where us networking geeks can get our geek on. Sometimes I come on these forums and just read other peoples issues and fixes just to add to my virtual tool kit. I know IT people (me included) like to act like we know it all. No one can know everything so we are luck to have this resource.
Thanks PfSense Team! I challenge everyone to donate some money to the team if you our enjoying this software. I have already made donations and I'm going to make another right now.
-
True Jason.. to a point. I've been in IT professionally for over 15 years. I can count the number of actual bad patch cables I've run into on less than two hands.
It is pretty unusual but not that unusual if you're in a scenario where you deal with a lot of networking. Via working with our support customers, I see roughly a handful a year, not that many considering the number of boxes. I've been drawing an IT paycheck for roughly 17 years and probably haven't hit triple digits on bad patch cables yet.
This end result, with something you mentioned earlier, is making me wonder - you mentioned forcing it to gigabit, was it only negotiating to 100 Mb full duplex before you did that? That's precisely what a CAT5 cable would do. Probably half the confirmed patch cable issues I've seen in recent years were CAT5e or 6 cables that had an issue of some sort that prevented gigabit negotiations, they acted as a CAT5 (non-e) cable would in that scenario. Worked fine at 100 Mb though. Trashing and replacing the cable fixed.
If you were at 100 Mb, and forced an inadequate cable to gigabit, that'd explain everything. If you're negotiating to 100 Mb with two gigabit devices, your cabling is almost certainly the issue. Don't force in that circumstance (or really most any circumstance, people break more than they fix there).
Also I'd trash rather than replace the ends on any cable that's giving you issues. Yeah most likely the ends are the problem unless some part of the rest of the cable has sustained visible physical damage or excessive twisting, but IMO it's not worth taking the chance (well, maybe at home).
-
I've seen in recent years were CAT5e or 6 cables that had an issue of some sort that prevented gigabit negotiations
We had to wire a whole section of a data room over because the installers used zip-ties and jacked up the cables clear to the wire tray entries.
-
Yeah no ya'll make perfect sense. cabling is that one thing that is just there.. never really think about it unless I'm having to make a new patch cord. I still have a few dozen feet of Cat6 on the spool.. I'll make new and replace my wan, lan and wap cables with cat6 and see what happens.
-
If the connection is forced to 1Gbps FD but the cable is not up to it, for whatever reason, would you not expect to see errors on the interface? Does the bge driver have sysctl stats like Intel does? (I don't have one here to check). Edit: Yes is does on dev.bge
I would expect to see some evidence of a problem other than just a seemingly slow throughput from a bad cable. Interesting reading this thread though, a useful diagnostic exercise. ;)
Steve
-
Swapped out cables at lunch.. if I specify auto negotiate the port flaps. If I reset to 1gig/FD I have to restart the modem and Pf before they link up.
-
Try a switch between the modem and pfsense.
-
This post is deleted! -
i could add a switch.. and I might have to try it. But I don't relish the idea of leaving yet another electricity consuming device in there for something as trivial as that.. when hard setting the speed/duplex works too.
-
Oh, I misunderstood. If it's all working to your satisfaction, then yeah don't try adding a switch. I thought you were still unhappy with the performance.
-
nah the new cabling alleviated that. I'm rocking out with my **** out now!.
-
REVO South Africa dude???
nah the new cabling alleviated that. I'm rocking out with my **** out now!.