* MultiWan strange behaviour - Very annoying *
-
Hi everyone,
I am having extremely weird behaviour with my MultiWan setup and was wondering if anyone could help me. I have a 220mbps Cable Connection + 37mbps Fiber connection (ironic, I know). It just happens that I cancelled my provider but since I have paid for the month, I have the old 37mbps line still left over.
I've decided to make best use of it, and play around with it by setting up MultiWan via pfSense. To do this I went to the usual method of creating a gateway group, and setting it as the default gateway in the firewall rules for ipv4. This worked perfectly fine at first, however, now it's started acting strange. When I run a speedtest, I get 150mbps, when my cable line is 220. I have verified that I am actually getting 220mbps and all by switching the ipv4 rule gateway to WAN1 (220mbps interface). Sometimes it gives me 100-200mbps, while other times it gives me near enough 260mbps in total when gateway group is setup.
I'd be glad if someone could shed some light on why this is happening. Did I configure something incorrectly or is pfSense flaky in this use case? I want it to be stable at around 260mbps while working together as it was when I first set it up.
According to : https://forum.pfsense.org/index.php?topic=16923.0 I shouldn't be able to achieve the full bandwidth, however I already have a couple times. Proof below:
PS: For the upload speed it's always adding both the upload speeds together. It just seems to be the download speed that is being a bit of a pain.
-
Some speed tests actually use multiple streams and add them together in the results. Its still different connections over each of the WANs
https://www.dslreports.com/speedtest
If you look at the windows showing the speeds in the above test it actually shows you how many streams are used.
-
You are load balancing disparate connections. pfSense has no way to know how much traffic a connection is going to transfer when the state is created. State creation is when the outgoing interface is selected.
You can mitigate this in your situation somewhat by adding weights to your gateways.
You have one circuit at 220 and one at 37 so a gateway weight of about 6 on the 220 gateway and 1 on the 37 gateway should put 6 out of every 7 states on the 220 circuit.
Again, there is zero way for pfSense to know if that state is going to be part of a speed test or a small web query.
Load balancing shines pretty brightly when you are dealing with lots of users and lots of states. It can give less-than-expected performance with things like a couple speedtest states. That is more to do with misplaced expectations than the underlying algorithm.
-
You are load balancing disparate connections. pfSense has no way to know how much traffic a connection is going to transfer when the state is created. State creation is when the outgoing interface is selected.
You can mitigate this in your situation somewhat by adding weights to your gateways.
You have one circuit at 220 and one at 37 so a gateway weight of about 6 on the 220 gateway and 1 on the 37 gateway should put 6 out of every 7 states on the 220 circuit.
Again, there is zero way for pfSense to know if that state is going to be part of a speed test or a small web query.
Load balancing shines pretty brightly when you are dealing with lots of users and lots of states. It can give less-than-expected performance with things like a couple speedtest states. That is more to do with misplaced expectations than the underlying algorithm.
Thanks a lot for your reply Derelict, I've added weights as you've suggested and sort of understood how it works. The small explanation on states helped a lot!
I am now always getting 256+ mbps speeds on speedtest, which is what I wanted. A visual representation that I can have the both connections theoretically displayed as one. :)
However, since you mention pfSense not knowing much about what the state will be used for. maybe some kind of better more intelligent algorithm can be added in the future. One that can 'learn', and dynamically allocate those states based on their speeds. Or can this not be done? (I'm no expert at this)
For example, if you run a speedtest once, then over time the algorithm will be able to learn how to best balance out the states based on IP's/ ranges / domain names and the same for other traffic too.
But anyways, thanks again for helping me sort this, I was getting a bit frustrated because sometimes it would show the entire speed available, other times, it would not. This will definitely benefit me in the future.
-
Yeah, probably not.
You can do things like have multiple gateway groups and policy route different traffic across different groups but I do not see the algorithm changing.
As far as I know what would have to be done upstream in pf anyway.
