SG-1100 Throughput Test
-
Test 1 is: client -> gigabitswitch -> server
Test 2 is: client -> sg1100 - gigabitswitch - server -
Yeah I get you have the sg1100 in the middle... So your routing this, ie client on your lan and server on the wan.. Or server on the lan and client on the wan and you did a port forward. Or you have client and server connected to the sg1100 switch ports and they are both on lan.
Is client on lan and server on opt and you setup vlans on opt?
So you have added another cable in the mix as well with client to sg1100 and then sg1100 to switch, and then server on switch. Did you validate cable good, etc.
Your questions is GREAT and yeah you would expect in the 900's I would hope even when natting and routing.. But you need to be a bit more specific on your testing connection method.
Says right on the sg1100 page
"For users seeking an excellent firewall with up to 1 Gbps throughput"Up to 1 Gbps to me would mean natting and routing at least close to 900mbps.. Not the 700 your seeing... So lets understand exactly how your doing the test.
And also going to yell for @Derelict since he has a huge lab and would think he has a sg1100 to play with ;) to duplicate your testing of its throughput.
-
@johnpoz said in SG-1100 Throughput Test:
So you have added another cable in the mix
autsch. embarrassing and I will not lie to you. The new cable was a cat5.
If I change it to a cat6 I get.
[ 4] 4.00-5.00 sec 105 MBytes 884 Mbits/sec 1 556 KBytes [ 4] 5.00-6.00 sec 105 MBytes 884 Mbits/sec 0 687 KBytes [ 4] 6.00-7.00 sec 106 MBytes 887 Mbits/sec 0 796 KBytes [ 4] 7.00-8.00 sec 100 MBytes 840 Mbits/sec 6 527 KBytes [ 4] 8.00-9.00 sec 105 MBytes 883 Mbits/sec 0 663 KBytes [ 4] 9.00-10.00 sec 106 MBytes 886 Mbits/sec 0 778 KBytes - - - - - - - - - - - - - - - - - - - - - - - - - [ ID] Interval Transfer Bandwidth Retr [ 4] 0.00-10.00 sec 1.01 GBytes 868 Mbits/sec 28 sender [ 4] 0.00-10.00 sec 1.01 GBytes 866 Mbits/sec receiverThe flow is
Client -> lan port - SG1100 - wan port -> gigabit switch -> server
-
What are the exact iperf commands you are running?
High 800s is pretty respectable for single-stream ARM, IMHO.
I didn't get that notification. Wonder if it's case-sensitive @Johnpoz.
-
Odd you didn't get the notification. But cat 5 is more than capable of doing gig.. Maybe just something wrong with that cable. But I would say that mid 800's is pretty respectable.
Also you still haven't stated how you have it all connected.. I assume server or client is on wan, and other side is on the lan. But there are multiple ways this could all be connected. Which you really need to clarify.
The actual valid test would be server on wan, and client on lan. While doing nat - which is the typical setup.
-
We have seen crappy little "gigabit" switches that couldn't pass gig-e rates. Pull the switch and 942Mb.
-
but he said when he was testing with just his switch he was seeing 940.
-
Thank you for the fast feedback.
To further simplify the test setup I put the "Server" into the same vlan as the client. Since this was the same in both test it should not matter but anyway.
Now I have
- Server: is the same on both test - running iperf3 -s
- Cable Server -> Switch - is the same on both test
- Switch: 1GB - is the same on both test
- Cable Switch -> [Client | SG1100] - is the same on both tests
- SG1100 - Standard installation. no additional rules / nat /...
- Cable SG100 -> Client: Cat 6
- Client Command : iperf3 -c ip.address.server
Testsetup
Test 1 is: client -> gigabitswitch -> server
Test 2 is: client -> LANPORT sg1100 WANPORT - gigabitswitch - serverThe only difference I can see between the two test is the fact that in test 2 the sg1100 plus one cable is added to the flow between client and gigabit switch.
Test summary: The SG1100 "adds" 50MBits/sec to the result.
As i said. It is not that I am unhappy. I just would like to confirm that this is "expected" or if there are some additional tuning possible
Result test 1
Connecting to host "server ip", port 5201 [ 4] local "client-ip" port 40144 connected to "server-ip" port 5201 [ ID] Interval Transfer Bandwidth Retr Cwnd [ 4] 0.00-1.00 sec 112 MBytes 935 Mbits/sec 0 409 KBytes [ 4] 1.00-2.00 sec 111 MBytes 934 Mbits/sec 0 430 KBytes [ 4] 2.00-3.00 sec 112 MBytes 939 Mbits/sec 0 604 KBytes [ 4] 3.00-4.00 sec 111 MBytes 933 Mbits/sec 0 604 KBytes [ 4] 4.00-5.00 sec 111 MBytes 932 Mbits/sec 37 428 KBytes [ 4] 5.00-6.00 sec 108 MBytes 909 Mbits/sec 0 501 KBytes [ 4] 6.00-7.00 sec 109 MBytes 915 Mbits/sec 37 387 KBytes [ 4] 7.00-8.00 sec 111 MBytes 933 Mbits/sec 0 406 KBytes [ 4] 8.00-9.00 sec 110 MBytes 927 Mbits/sec 0 426 KBytes [ 4] 9.00-10.00 sec 110 MBytes 921 Mbits/sec 111 334 KBytes - - - - - - - - - - - - - - - - - - - - - - - - - [ ID] Interval Transfer Bandwidth Retr [ 4] 0.00-10.00 sec 1.08 GBytes 928 Mbits/sec 185 sender [ 4] 0.00-10.00 sec 1.08 GBytes 925 Mbits/sec receiverResult test 2
Connecting to host "server-ip", port 5201 [ 4] local "client ip" port 37190 connected to "server-ip" port 5201 [ ID] Interval Transfer Bandwidth Retr Cwnd [ 4] 0.00-1.00 sec 100 MBytes 840 Mbits/sec 25 549 KBytes [ 4] 1.00-2.00 sec 105 MBytes 879 Mbits/sec 0 682 KBytes [ 4] 2.00-3.00 sec 105 MBytes 878 Mbits/sec 0 789 KBytes [ 4] 3.00-4.00 sec 105 MBytes 881 Mbits/sec 2 667 KBytes [ 4] 4.00-5.00 sec 105 MBytes 882 Mbits/sec 0 776 KBytes [ 4] 5.00-6.00 sec 105 MBytes 883 Mbits/sec 5 655 KBytes [ 4] 6.00-7.00 sec 105 MBytes 883 Mbits/sec 0 766 KBytes [ 4] 7.00-8.00 sec 105 MBytes 884 Mbits/sec 9 639 KBytes [ 4] 8.00-9.00 sec 102 MBytes 860 Mbits/sec 0 752 KBytes [ 4] 9.00-10.00 sec 105 MBytes 880 Mbits/sec 6 625 KBytes - - - - - - - - - - - - - - - - - - - - - - - - - [ ID] Interval Transfer Bandwidth Retr [ 4] 0.00-10.00 sec 1.02 GBytes 875 Mbits/sec 47 sender [ 4] 0.00-10.00 sec 1.02 GBytes 872 Mbits/sec receiver -
Yeah.
The SG-1100 is designed with a single gigabit link to a switch chip. That switch chip breaks out to WAN, LAN, and OPT. Everyone wanted pfSense on an espresso.bin. This is how the espresso.bin is designed.
So it is essentially a router on a stick.
880Mbit/sec is pretty impressive in that context.
-
@derelict thank you. It may look so but I really dont want to water down our wine. I am really impressed.
I should have said "only adds 50MBits/sec". This device will serve every internet connection you can normally buy for decent money in Germany.
I believe from a price value point this is excellent given the fact that the powerful pfSense capabilities are within this small little device
-
I can't get more than 250 Mbps with a Vanilla install. Which version of pfSense are you running? Mine is 2.4.4
-
@JInx-IT plain vanilla pfsense latest version that was installed out of the box. 2.4.4-p2
-
You are correct. I have, however, heard that people running 2.3.* are getting gigabit speeds. I was wondering if it was a 2.4.* issue that was throttling me to around 250 Mpbs. If other people are getting Gigabit, or close, speeds in 2.4.*, I'd like to know what they are running and how it's configured. My gut says I have something misconfigured, but I don't have a clue what it would be. I was hoping I could compare between my setup and another person's who was getting at least closer to Gigabit speeds, with the same hardware.
-
@JInx-IT and what are your results with 2.4.4-p2 and what is your test environment?
-
Not sure what you're talking about since the SG-1100 was never supported by anything older than pfSense 2.4.4-p1.
-
Maybe he is confusing the SG-1100, with the 1000?
-
I've read posts from people claiming to be running an old Dell desktop with a couple of gigabit cards, running pfSense 2.3.*, getting in the high 990 Mbps. I can plug my laptop straight into the modem and get the same. High 990 Mbps, no problem. When I put the Netgate SG-1100 between my laptop and the modem, my speeds go down to 250 Mbps or lower.
-
@JInx-IT you installed 2.3 on a sg -1100?
-
@JInx-IT said in SG-1100 Throughput Test:
getting in the high 990 Mbps.
Nonsense - since not possible to get that on a gig interface... Do the math yourself..
-
That's with no traffic shaping or anything. It's just the basic setup.
