Am I in over my head?

badfrogg

So. while I wait on the phone with Frontier to reset my ONT. I wanted to ask; Do you guys think that this hack job router pieced together out of 10 year old parts is better then a Walmart router for my home?

Or maybe I was thinking of just getting a Ubiquiti EdgeRouter X for $60

badfrogg

Well. Frontier would not provide any support as soon as they figured out that I was using a third party router. It must be some WAN setting specific to this modem but I just dont know.

stephenw10

Try spoofing the MAC address on WAN to whatever the DD-WRT device was.
https://docs.netgate.com/pfsense/en/latest/interfaces/interface-settings.html#mac-spoofing

Steve

badfrogg

@stephenw10 said in Am I in over my head?:

Try spoofing the MAC address on WAN to whatever the DD-WRT device was.
https://docs.netgate.com/pfsense/en/latest/interfaces/interface-settings.html#mac-spoofing

Steve

So following these directions to spoof the MAC it says to add a shell command into the config XML. "may require running the NIC in promiscuous mode" I put the MAC of the DD-WRT router in and that did nothing

Can you tell me what that syntax would be? The example given is:
"/sbin/ifconfig em0 promisc"
But for my NIC wouldnt it be, and is the parameter "promisc" even valid for a realtek NIC?
"/sbin/ifconfig re0 promisc"

stephenw10

That's only in some special cases. Almost all NICs can be spoofed in the WAN interface settings directly, there's a field for it in Interfaces > WAN.

Steve

badfrogg

I was just doing due diligence since putting in the MAC did not fix the problem. I found an example of a NIC command for promiscuous mode.
I added the line into the config XML.

So I was trying to post in the code but I cannot because it flags the post as spam???

badfrogg

So here is some more information. I switched over from my Frontier FiOS modem to my Spectrum cable modem and now my speed is 100 time faster. That's 0.03mbps to 3mbps.

While that is clearly still broken, why would the two ISPs act differently. The FiOS is tested at >50mbps and the Spectum was tested to >400mbps. (with a direct connection to the PC)

Should I chuck this hardware into the recycle bin where I found it?

badfrogg

So this whole time I have been running "speed tests" from my browser. All the top ones when you find with a search for "speed test". They all fail or report less then 3mbps. So then I though to go download real world stuff and this is what happened;

(I let each test run for at least 15 minutes)

these were the max speeds reached
Nvidia Geforce driver - 3mbps
Download A game from GOG - 3mbps
Download Windows 10 ISO with the Microsoft media creation tool 1mbps

Here is where it gets weird.

So windows 10 was abysmal and was still at only 1% after 15 minutes so I decide to try to download something big at a torrent site. So I go and turn on my VPN and the Microsoft speed instantly goes to 15mbps. So that's interesting. So I turn off VPN, now I'm getting 30mbps. Ok, so I turn it back on and that kills the download...

So I want to get back to testing stuff after geting derailed by the whole VPN thing. so i just reboot everything and do all the above test over just to make sure its still the same. It is.

Ok I wanted to download a torrent so I turn on VPN and find something big from the top 100 list so there are plenty of seeds.
one torrent = about 1 mbps. I loaded up 3 and got about 3mbps

Now here goes the craziness...
The VPN is off and i open Steam and download a big game "Whitcher 3" and I get 298mbps !!! peak and no less then 250mbps sustained.

I turn on the VPN just for fun and nothing changed. (That dip is when I turned the VPN on)

I tried the other test with VPN on and other then that weird spike from the Microsoft too it seemed to have no impact.

chpalmer

@badfrogg said in Am I in over my head?:

Should I chuck this hardware into the recycle bin where I found it?

Really knowing nothing about the hardware at all Im curious what is slowing your system down so much. None of my boxes do not do wire speed. But even the one box I have that still is running 32bit (soon to be replaced) will easily do the 100mbps connection that the customer pays for.

Remember that 8 bits equals 1 byte. If you are seeing download sizes of 10 MBPS when you are expecting 80mbps that is a difference. 10 megabytes per second is 80 megabits per second. Not something to throw into the mix is it?

pfsense will do 10gbps on the correct hardware. Easily.

badfrogg

I've been using megabit per second as a unit of measure this whole time. It's that like using the metric system in America? LOL. because I do that too.

Well now I'm off to bed. the hardware can clearly do 300 Mbps (or 37 MB/s). But only downloading the Witcher 3 with Steam.

What that means, I have no idea. I did say I was completely inept with network engineering.

chpalmer

Sleep well! I know the frustration.

stephenw10

Hmm, that is odd!

I would setup a local test between clients on WAN and LAN directly and make sure it can hit line rate in a simple iperf test for example. It should be able to do that no problem except the Realtek NICs will probably limit it. Should be far higher than 400Mbps though.

Maybe something defaulting to some low speed. CPU stuck at 100MHz or similar? Does it have a standard BIOS?

Steve

badfrogg

I am using this NOVA-HM551 motherboard with 8GB DDR3 and1066, Core i7-820QM. It has a UEFI BIOS.

badfrogg

@stephenw10 said in Am I in over my head?:

iperf test

Could you give a high level overview of how to connect one machine to the WAN side. I'm guessing that I would need iperf to run a server on the WAN (or LAN) and then a client on the other side. But how would a computer get on IP from the WAN port?

stephenw10

Exactly, one computer WAN side running iperf server and another LAN side connecting to it using iperf client.

You could just set both the pfSense WAN and the server machine using static IP addresses since it's only two thigs to configure and only as a test.
Or you could connect both the pfSense WAN and the server to some other router and use whatever IPs that is handing out via DHCP as long as it's subnet does not conflict with the pfSense LAN. That's what I do here but as you might imagine I am not short of pfSense boxes!

Steve

badfrogg

Sorry, I tried. I'm certain that I dont know what I'm doing though. This is what I did:

WAN PC has IP address 192.168.10.100/16
psSence WAN is set to staticIPv4 192.168.10.1/24
psSence LAN is set to staticIPv4 192.168.1.1/24
LAN PC has IP address 192.168.1.100/16

WAN PC
C:\iperf3 -s

LAN PC
C:\iperf3 -c 192.168.10.100

.... Nothing happens.

badfrogg

Ok. So I changed the subnet mask from /16 to /24 on the computers, I rebooted pfSence and I tuned off the WiFi NIC on the client PC.

One or all of those things may have solved the iperf problem. iperf says I'm getting 900 Mbps. That's fine with me.

stephenw10

Yeah should have been /24 on everything for that. Otherwise 192.168.1.100 and 192.168.10.100 are inside the same /16 so they try to talk directly.... and fail.

Yeah 900Mbps is what I'd expect there. You'd probably get close to 941Mbps with Intel NICs.
There's clearly nothing fundamentally wrong with your hardware.
Something odd with the connection then somewhere....

Steve

badfrogg

Well. I just ordered the Ubiquiti EdgeRouter X. Man I hope it is easier than pfsence.

I will leave the pfsence box on my bench to taunt me. I hear it now.... "you suck....."

johnpoz

@badfrogg said in Am I in over my head?:

Well. I just ordered the Ubiquiti EdgeRouter X. Man I hope it is easier than pfsence.

No - sorry not even close ;)