SG-1100 Throughput Test
-
Hmm, so still slower receiving.
You might try disabling pf entirely (
pfctl -d) and testing between LAN and OPT. You should see close to line rate under those conditions unless there is some thing very wrong in the setup.I will say though that your unlikely to see much over 500Mbps from WAN to LAN, even after tuning, with firewalling and NAT in place. If you need close to 1Gbps you should upgrade to the SG-3100.
Steve
-
@testgate said in SG-1100 Throughput Test:
tagging outbound packets with TOS 7
Where you seeing that - I just looked, and no that is not happening..
Please post your sniff showing that.
-
@stephenw10 Thanks again. Here goes:
Followed the below process for LAN<->WAN test:
Reset SG-1100 to factory default via console cable. Set interface(s) IP address via console WAN (mvneta0.4090) IP 10.10.10.1/24, LAN (mvnet0.4091) left default IP – 192.168.1.1 and default DHCP scope. Connected laptop1 to LAN, logged into Web GUI, completed the wizard leaving all defaults, but set new admin password. Laptop2 connected to WAN and set IP 10.10.10.150/24.
On laptop2, ran command “iperf3 -p 5001 -s”
On laptop1, ran command “iperf3 -p 5001 -c 10.10.10.150”
On laptop1, ran command “iperf3 -p 5001 -c 10.10.10.150 -R”
Result screen capture below:
Followed the below process for LAN<-> OPT test:
Executed “pfctl -d” command as root via console. Configured OPT (mvneta0.4092) via Web GUI for IP 192.168.100.1/24. Moved laptop2 to OPT and set IP 192.168.100.150/24.
On laptop2, ran command “iperf3 -p 5001 -s”
On laptop1, ran command “iperf3 -p 5001 -c 192.168.100.150”
On laptop1, ran command “iperf3 -p 5001 -c 192.168.100.150 -R”
Result screen capture below:
Followed the below process for laptop1<->laptop2 test:
Set laptop1 IP 192.168.100.200. Connected laptop1 directly to laptop2.
On laptop1, ran command “iperf3 -p 5001 -c 192.168.100.150”
On laptop1, ran command “iperf3 -p 5001 -c 192.168.100.150 -R”
Result screen capture below:
Taking Steve’s advice, I ordered an SG-3100. We have several of these in production and have had good results. The SG-1100 was/is an experiment. Interesting results.
-
@johnpoz Apologies, I didn’t save the capture where I saw this and could not replicate it again after a factory reset.
-
The SG-3100 is definitely a better option here.
However when you disable pf using 'pfctl -d' it will be enabled again by making any changes in the gui that apply firewall or NAT changes. (unless it's disabled in the GUI). I suspect in the test where you added opt and tested from LAN to OPT it had become enabled again. Better to disable it immediately before the test.
Steve
-
@stephenw10 I think you are correct on both points. Thanks for that, I appreciate your input. The asynchronous results of LAN-WAN testing still baffles me.
-
As far as I've been able to determine it's due the way NAT states are opened. It you test between interfaces that are not NATing you will see it's a lot closer or completely symmetric. So between LAN and OPT or with pf disabled or with static routes on the WAN side devices opening states directly to the LAN subnet.
Steve
-
@stephenw10 Confirmed, my order of operation had inadvertently re-enabled pf. Rerunning the test LAN to OPT with the order you specified gave back results not very dissimilar to my laptop-to-laptop run.
Will I not experience this same issue with the 3100? If not, is that due to the differences in HW architecture?
-
You may see some asymmetry in throughput but not as extreme. You should see close to Gigabit download (other variables allowing!).
Steve
-
@stephenw10 SG-3100 arrived today. Same LAN-WAN testing results below. LAN box on 192.168.1.100, WAN box on 10.10.10.10. 100% vanilla install fresh out of box. Thanks for all your help.
-
J johnpoz referenced this topic on
-
J johnpoz referenced this topic on
-
J johnpoz referenced this topic on
-
J johnpoz referenced this topic on
-
L larnak referenced this topic on
