Comcast Gigabit - SG-3100 (not getting gig speed)
-
I would suggest you take internet out of the equation to validate.. Simple iperf from something on wan to lan, versa.
I have seen isp throuttle newer connections.. Connect some PC to your modem - can it do gig? This will have different mac than your previous router as well.
-
@JohnKaul I've been running iperf against the LAN IP of the pfSense and I'm getting roughly the same speeds so I don't suspect it's so much the routing part, but something else. I've been a user of pfSense since v1.2.3 and I've always loved it. This is just one of those gremlins... I used to be able to iperf to the old Dell running pfSense before at gig speeds, and through it (just not out to the internet) I can iperf through the Cisco SG200-26P switch at gig speeds minus overhead just fine.
-
testing to pfsense is not valid test of its routing/firewalling speed.
You need to test "THROUGH" pfsense..
-
@cparkervt, Ah. cool. Thanks for the recommendation. I'm still on the fence to be honest. I've never used pfSense so I'm still reading (a lot) about it and the hardware. Thanks again though. I appreciate the recommendation.
About the testing:
iperfis a nice tool but read what @johnpoz just said. -
-
@johnpoz said in Comcast Gigabit - SG-3100 (not getting gig speed):
I would suggest you take internet out of the equation to validate.. Simple iperf from something on wan to lan, versa.
I have seen isp throuttle newer connections.. Connect some PC to your modem - can it do gig? This will have different mac than your previous router as well.
I should have included this in my previous message. I have connected my MacBook to the modem directly, and set one of the IPs from my /29 public subnet AND tested with the DHCP lease received from the router portion of my modem. Both ways shows gig speed.
-
because pfsense stack for tcp is not meant to answer stuff asked of it, its meant to route it and firewall it... So no its not a fair test of what it can do.. Its not a server - its firewall/router.
-
@cparkervt, testing from aiperfclient (laptop) to aniperfserver (the 3100) would only be testing the cable/wifi signal (there's nothing in the way). Theiperfserver should be after the router so you test the throughput of the router.After re-reading your posts, I think I misunderstood your last question. I apologize for the "lesson" (you already understand what I said above). Sorry.
-
@johnpoz said in Comcast Gigabit - SG-3100 (not getting gig speed):
I would suggest you take internet out of the equation to validate.. Simple iperf from something on wan to lan, versa.
Are there any instructions anywhere on how to do this? All the talk of testing the routing THRU a pfsense box has me curious to setup this test.
I'm assuming it's a computer on the WAN port with some IP address, pfsense in the middle, and a machine on the LAN side. Run an iperf test and see the numbers. Anything more complicated than that?
Jeff
-
When you tested the speed of your switch, did you test through the switch or did you run iperf on the switch and talk to an SVI on the switch?
Nope thats it -
computer (iperf -s) --- pfsense ---- (iperf -c) computer
-
@johnpoz said in Comcast Gigabit - SG-3100 (not getting gig speed):
When you tested the speed of your switch, did you test through the switch or did you run iperf on the switch and talk to an SVI on the switch?
Nope thats it -
computer (iperf -s) --- pfsense ---- (iperf -c) computer
I will test PC -- OPT1 -- pfSense -- LAN1 -- PC ... later this evening.
Also on the agenda is testing a loaner SG-3100 with a virgin config. -
I would make sure you setup say opt1 to look like wan so its doing nat.. Since that could be a performance hit.. So you want to validate your speed is with natting being done.
-
lan by default is part of the switch right.. Possible you could have flood of broadcast traffic causing you issues on the switch?
-
@johnpoz I'll isolate the pfSense from the rest of my network during testing. Just for grins, I tested from a LAN PC using iperf3 to an Ubiquiti EdgeRouter's WAN IP in that same /29 and I was getting ~300m but that could be that it's a cheap ER-X and not able to handle being an iperf server as I know those have potatoes for CPUs in them.
I appreciate all the help so far. I really hope it's something simple like "hey you missed this one thing" actually kind of enjoying the challenge (good thing this is my home office/ home lab)
-
that brings up very good point... test your iperf server and client testing without pfsense to validate they can do gig..
iperf -s --- wire ---- iperf -c
or
iperf -s --- switch ---- iperf -cAnd make sure you use all the wires you will use with the testing, before you put pfsense in the middle..
If wasn't 3pm on a friday I would sim test the 3100 I have here.. But could do on monday ;)
-
@cparkervt said in Comcast Gigabit - SG-3100 (not getting gig speed):
<snip> but that could be that it's a cheap ER-X and not able to handle being an iperf server as I know those have potatoes for CPUs in them.
<snip>For what little it's worth: If I remember right, it's been a few years since I've dove into the source code but,
iperfruns on the stack (memory) only. So you are running a memory<->memory network/performance test. -
@johnpoz Yeah all my other testing I've been doing to rule out my own network was random clients running iperf over my two Cisco SG200/300 switches and they get 900+. Hence my confusion as to why the pfSense LAN IP was getting almost exactly the same as my previously quoted Internet speed tests. But like I said, I'll isolate the pfSense and test routing/NAT performance via iperf and see what it says.
-
Isolated 3100.
MacBook Pro used as iperf2 server.Through NAT:
[332] 0.0- 1.0 sec 46.0 MBytes 386 Mbits/sec
[332] 1.0- 2.0 sec 46.3 MBytes 388 Mbits/sec
[332] 2.0- 3.0 sec 45.9 MBytes 385 Mbits/sec
[332] 3.0- 4.0 sec 46.3 MBytes 388 Mbits/sec
[332] 4.0- 5.0 sec 46.0 MBytes 386 Mbits/sec
[332] 5.0- 6.0 sec 46.1 MBytes 387 Mbits/sec
[332] 6.0- 7.0 sec 46.1 MBytes 387 Mbits/sec
[332] 7.0- 8.0 sec 46.1 MBytes 387 Mbits/sec
[332] 8.0- 9.0 sec 46.1 MBytes 387 Mbits/sec
[332] 9.0-10.0 sec 45.9 MBytes 385 Mbits/sec
[332] 0.0-10.0 sec 461 MBytes 386 Mbits/secThrough Comcast modem switch:
[308] 0.0- 1.0 sec 117 MBytes 980 Mbits/sec
[308] 1.0- 2.0 sec 113 MBytes 949 Mbits/sec
[308] 2.0- 3.0 sec 113 MBytes 949 Mbits/sec
[308] 3.0- 4.0 sec 113 MBytes 949 Mbits/sec
[308] 4.0- 5.0 sec 113 MBytes 949 Mbits/sec
[308] 5.0- 6.0 sec 113 MBytes 950 Mbits/sec
[308] 6.0- 7.0 sec 113 MBytes 949 Mbits/sec
[308] 7.0- 8.0 sec 113 MBytes 949 Mbits/sec
[308] 8.0- 9.0 sec 113 MBytes 949 Mbits/sec
[308] 9.0-10.0 sec 113 MBytes 949 Mbits/sec
[308] 0.0-10.0 sec 1.11 GBytes 951 Mbits/seciperf3 was giving me weird numbers for both scenarios so I rolled back to iperf2.
No special switches were used in either iperf test. Just -c and -s where appropriate.Weirdly enough I can hit ~650 presently via speedtest.net (I consistently use Boston Comcast as my target because that's my next hop before I hit the rest of the internet)
-
Hmm, that seems waaay too low for a local test. Can say exactly what that iperf2 test was between? And how the 3100 was connected, which ports?
What weird results were you seeing with iperf3? That's usually preferred.Steve
-
@stephenw10 said in Comcast Gigabit - SG-3100 (not getting gig speed):
Hmm, that seems waaay too low for a local test. Can say exactly what that iperf2 test was between? And how the 3100 was connected, which ports?
What weird results were you seeing with iperf3? That's usually preferred.Steve
o.0
'between'? The 3100 was 'between' (as the OP stated).I would imagine
iperf3being preferred for testingOpenVPN, orSnort(or other type of single threaded stuff) but not as a general rule such as 'usually prefered'. There are other key differences but the point being, choose your weapon based on your needs not "da version number".http://fasterdata.es.net/performance-testing/network-troubleshooting-tools/throughput-tool-comparision/
