Very stumped with slow LAN side
-
It could be a failing piece of hardware somewhere down the line, a switch or access point maybe.
Run a test directly from the pfSense box to test it's WAN side connectivity. To do this try fetching a test file from the command line. For example:
[2.1.5-RELEASE][root@pfsense.fire.box]/root(1): fetch -o /dev/null http://cachefly.cachefly.net/10mb.test /dev/null 100% of 10 MB 1400 kBpsCachefly should be faster than that if you're in the US. Use some other test file you know be sufficient to fill your bandwidth.
I assume you're still getting the full bandwidth on devices connected directly to the Cisco box?
Steve
-
Hi Steve
I haven't been clear, sorry! All the testing I have done has been directly via the LAN connection on the pfSense i.e. with a laptop connected directly to the LAN card and everything else disconnected so if it's hardware it's in the box itself. I've also tested the speed going into the box by plugging out the WAN cable (from the Cisco) and plugging that into my laptop and I'm getting expected speeds. I'm assuming then that it's "something" to do with the box itself. Thought whether hardware or software I couldn't say.
Thank you for the suggestion re the test file - I'm in Ireland and I've just tried that file on a Windows machine and it flies! I'll have to find a bigger one!
Is it possible to gain access to the command line remotely or from elsewhere on the LAN to try that? I have to drive to get there and have to do it on my own time.
I really appreciate you taking the time to reply.
-
Can you plugh a computer directly into the modem to verify that the modem speed is giving you what you think it should be?
-
Thanks for replying!
I have already done so and I am getting the correct speed. Sorry if I'm not being clear! :)
-
Sounds like your port on the wan of your pfsense may be going bad. You can try cleaning the contacts on the wan incase they have become tarnished/rusted/corroded or whatever. I've done that a few times with success with old hardware. Otherwise, see if a new NIC card fixes your problem.
-
Is it possible to gain access to the command line remotely or from elsewhere on the LAN to try that? I have to drive to get there and have to do it on my own time.
Try to run the test that Steve suggested in the second post, from pfSense. You can get to a command line either by ssh'ing into the box (if you have it enabled), or via the webgui diagnostics –> command prompt tab.
Also, in status --> interfaces, look for any errors reported (in/out errors or collisions). What's reported on the WAN Media line there?
-
Yes, look for errors or collisions on either interface. Good suggestion.
If you run the test and find that the box itself can download at full speed then you know the problem is on the LAN side. It could be a failing NIC. You could test that by reassigning the NICs the other way around and re-running the test. You will of course have to be on site to do that.I see from your other thread that you're running a captive portal. I assume that the tests you have done have been from a machine on the pass-through MAC list? If not do that. I once attempted to help another user to diagnose a similar problem, unexplained bandwidth throttling, that turned out to be linked to the captive portal. Unfortunately we never did get it fully resolved. The throttling went away completely if the captive portal was disabled. Try that. There is a bandwidth limiting option within the captive portal settings that seemed to be set even though it appeared not to be.
Steve
-
Try to run the test that Steve suggested in the second post, from pfSense. You can get to a command line either by ssh'ing into the box (if you have it enabled), or via the webgui diagnostics –> command prompt tab.
Hi charliem - I tried a few of these:
$ fetch -o /dev/null http://cachefly.cachefly.net/10mb.test /dev/null 10 MB 2410 kBps$ fetch -o /dev/null http://download.thinkbroadband.com/200MB.zip /dev/null 200 MB 7172 kBps$ fetch -o /dev/null http://download.thinkbroadband.com/1GB.zip /dev/null 1024 MB 7855 kBpsAlso, in status –> interfaces, look for any errors reported (in/out errors or collisions). What's reported on the WAN Media line there?
Zero errors or collisions reported on WAN. Media reads:
1000baseTThank you very much for trying to help! :)
-
Hmm, well you're not seeing the full 150Mbps but 62Mbps is a lot faster than 15. ;)
How does that compare with the same laptop connected directly the Cisco router downloading the same file?Steve
-
Sounds like your port on the wan of your pfsense may be going bad. You can try cleaning the contacts on the wan incase they have become tarnished/rusted/corroded or whatever. I've done that a few times with success with old hardware. Otherwise, see if a new NIC card fixes your problem.
Hi kejianshi
In my previous reply you can see the results of my download tests to the box via the WAN interface from the command line.
The range from 2410 kBps to 7855 kBps which is a big fluctuation! In Mbps it's about 20 and about 63 so a huge difference.
Could a failing card or even a cheap Realtek card cause this, do you think? -
yes - I do think.
There are lots of possibilities of course, but I'd take a bright light and look to see if you see greenish or brownish stuff on the metal inside the WAN port or on the cable connecting to it.
If it turns out to be the port, which is just one of many possibilities, replace it with a intel NIC if possible.
Investigate other possibilities being suggested as well, of course.
-
Hmm, well you're not seeing the full 150Mbps but 62Mbps is a lot faster than 15. ;)
How does that compare with the same laptop connected directly the Cisco router downloading the same file?Steve
Hi Steve
I'm going to go onsite in about an hour to test if I can get the office keys from the office manager, they close at 5 and it's 7:30 here. I really want this sorted and all these nice people can go and play flash games etc. to their hearts' content!
All of you guys/gals(?) are amazing! Thanks so much for the help.
I've managed to acquire two new Intel Gb NICs - don't know what chip yet - should I just go ahead and fit those do you think?
-
New intel NICs won't hurt it.
You will have to reassign wan and lan though. Backup config before you test them.
-
Have just taken out the pfSense box and opened up the Wifi for now.
I will work on the box tomorrow evening and see what gives.I will report back here to let you all know.
Thank you all very much for your help so far.
Colm
