Pfsense slow

arnoldg · Apr 12, 2015, 1:34 PM

Hello,

I have setup a new pfsense machine.
It is an intel core 2 duo at 1.8 Ghz
running pfsense 2.2

i have enabled captive portal, squad and squidguard.

after a couple of houres the internet speed is dramatic slow.
after reboot, uninstall all packages nothing helps.

why is it so slow.

please need some help with this problem.

i installed the old computer again.
wich is an AMD Athlon 64 X2 Dual Core Processor 4200+
2 CPUs: 1 package(s) x 2 core(s)

This system is running now for 3 years and never had trouble with this setup.
Now i wich to upgrade and i encounter speed issus on the internet side.

the problem is that on the wan side i have 4Mb speed.

doktornotor · Apr 12, 2015, 2:25 PM

Afraid that "dramatic slow" is a completely useless description. What do you mean by "dramatic slow"? Latency? Speed? What's the resource usage on the firewall box when it's "dramatic slow"? Have you tried WITHOUT the proxy beep?

arnoldg · Apr 12, 2015, 6:02 PM

Normal the speed on the lan side is about 3 to 4 mb.
On the new box there is only 500kb left over.

The cpu load is around 1%
On both machines

doktornotor · Apr 12, 2015, 6:35 PM

LAN -> LAN communication does not go through the firewall at all… Please, describe your issue in a meaningful way. You also ignored most of the questions already asked.

arnoldg · Apr 12, 2015, 7:08 PM

well let me try to explain it better.

on my old pfsense box, when i surf the internet i get speeds around 4Mb. this is the max speed of our ISP
when i surf the internet on my new pfsense setup with all the packages disabled i get speeds of about 500Kb.

i hope this explanation of the problem is better

cmb · Apr 12, 2015, 11:00 PM

What type of NICs in both systems? That's such a tiny amount of bandwidth the specs in general don't matter, but junk NICs could cause issues along those lines in atypical cases.

If the config is identical between the two systems, maybe the most likely issue is something about one of the NICs in the new system not playing nicely with what it's plugged into (most commonly, the WAN NIC and your modem). That's nearly unheard of with quality NICs, but the random cheap ones it happens from time to time.

arnoldg · Apr 13, 2015, 6:04 AM

I will look into that.
Can i see it in the software what kind of Nic i have, since the live pfsense machine is not at my home.

a not to the previous problem is.

lan -> lan goes good and fast
lan -> pfsense goes slow (500kb)
lan -> wan goes slow (500kb)

arnoldg · Apr 14, 2015, 5:29 AM

there is a build in network card type and brand i don't know and i can't find it.
the Lan network card is a TP-link with a RTL8139D chip on it.

cmb · Apr 14, 2015, 5:49 PM

@arnoldg:

Can i see it in the software what kind of Nic i have, since the live pfsense machine is not at my home.

Go to Interfaces>assign and you'll find the driver in the NIC's name, which is enough to know. Something like em0, re0, rl0, etc.

@arnoldg:

there is a build in network card type and brand i don't know and i can't find it.
the Lan network card is a TP-link with a RTL8139D chip on it.

The built-in one may or may not be decent, depends on the motherboard.

The Realtek RTL8139 cards generally work OK if you don't need much performance (though they're slow, not nearly as slow as what you're seeing), but they're possibly the worst quality NIC hardware ever made. Some of them are worse than others. Personally, I'd replace that NIC. They're cheap, low-end desktop components, not meant for serious usage.

arnoldg · Apr 15, 2015, 1:26 PM

Maybe could you advise me a not so excpensive nic ?
then i go put 2 of them in the box.

Could the speed problems com from the harddisk, this is an old 2,5" laptop harddisk.

almabes · Apr 15, 2015, 2:31 PM

There are any of a number of potential problems hampering your performance.

As Chris pointed out, the NIC could very well be an issue. Realtek NICs are crappy, but usually adequate for most low bandwidth (read your) applications. Intel NICs generally work well. I have had very good luck with them.

You mentioned the hard drive as a potential cause. Was your hard drive having problems before you used it in the firewall? Has you firewall lost power a few times?

Just last night, I had to rebuild a pfSense box at a customer location that had lost power several times in a row. The DHCP server crapped out, the webconfigurator died, and their firewall would inconsistently pass traffic, which made their SIP phones expensive paperweights.

arnoldg · Apr 15, 2015, 7:27 PM

Could one of these card,s be the right one.
It looks like they are all intel cards.

http://www.serverhome.nl/parts/network-switches/intel.html

Maybee one of the dual lan cards

almabes · Apr 15, 2015, 7:41 PM

Any of the Pro 1000 MT cards should be fine, as long as they fit in your machine.

arnoldg · Apr 16, 2015, 7:27 PM

i see what you mean, they are all specific for servers.
now i found this one in the netherlands

it's a Intel PRO/1000 GT Desktop Adapter
http://shop.sww.nl/intel-pro-1000-gt-desktop-adapter.html?source=tweakers
do you think this one is also good ?

almabes · Apr 16, 2015, 7:30 PM

Yes. Should be fine.