is it normal to loose WAN speed to compared to to Pfsense?

comet424

hi i had a question .. i have slow dsl internet as thats all i can get
but i noticed doing speed test from Pfense and from my desktop computer are 2 different speeds

pfsense gets

Retrieving speedtest.net configuration...
Testing from Bell Canada (########)...
Retrieving speedtest.net server list...
Selecting best server based on ping...
Hosted by Compton.net (#####, ON) [81.99 km]: 123.984 ms
Testing download speed................................................................................
Download: 5.87 Mbit/s
Testing upload speed......................................................................................................
Upload: 1.00 Mbit/s

and when i use Bells (internet speed test from Desktop)

Modem to device
Download 5.91Mbps
Upload 0.62Mbps
Latency 12ms

is that normal to loose 0.4mbps to the desktop.. or anything i can tweak it to get to that 1Mbps

i realize you guys have faster internet not necessary need to tweak yours.. but was wondering if i can tweak mine to get to the 1mbps to maximize my slow internet

or is that just because now your going through Router and Windows and there is some loss

chrcoluk

The difference can be down to various factors.

Is it ethernet or wifi (yes wifi can affect even low speeds).
Network configuration, related to things like RWIN and congestion provider's.
Browser problems, especially with an a/v that sends via its own proxy.
NIC driver issues, could be buggy implementation of checksumming or other NIC tech's.

It is not normal to see that kind of % performance difference when everything is working properly, and assuming you have no configured QoS that would cause that.

comet424

well i noticed issues today after Windows 10 roll out updates they did yesterday that automaticlly updated in middle of night and today i was having issues.. made sure i was up todate..

i dont know what QoS is .. or the RWIN
i use telephone line to modem and modem directly to Pfsense..
then pfsense is cable to a switch and switch is cabled to my desktop computer.. so no wifi there

and wouldnt know where to look for QoS

i have changed my server a couple of times bad motherboards.. so i had to edit the config file.. search and rename nics so i can just boot up normally.. and then i had extra nics saved and pppoe under the ppp assignments.. so had to delete those

chrcoluk

RWIN is the receive buffer for TCP downloads, it determines how much data can be sent per acknowledgement, most modern OS are designed now for fast connections and a too high RWIN can cause performance problems. This been your problem is I dont think it is likely, but I mentioned as an avenue to check.

It sounds like you have no QoS (is off by default), so I dont know, hopefully someone else can help you figure it out.

Potentially it could be MTU problems. But changing that on the windows client is a bit too much for me to explain now as I am tired, if you are still stuck tomorrow I can offer help on that.

If you want to try a lower RWIN, try these commandsin a admin command prompt.

netsh int tcp set global autotuning=highlyrestricted
or
netsh int tcp set global autotuning=disabled

no reboot needed.

to revert to default setting

netsh int tcp set global autotuning=normal

comet424

@chrcoluk sure sounds good no rush..
as i was googling PPPOE and pfsense they talked about your providers MTU so i googled it... with Bell its 1492 and i had it blank so defaults 1500 i take it.. not sure what that does either.. but it didnt help.. i edited that in the PPP or it was the WAN assignnment forgot at the moment..

but i can wait i just noticed it.. as i know i can receive it shows.. just sending backuploading is an issue.. well hopefully you can get unstuck (:

comet424

i have disabled my VPN's as i had a couple VPNS running so i made sure it wasnt also leaking... and maybe its my NAT settings as i have set to get the XBOX setting to work damn that double nat stuff lol
so maybe its one of those issues too i not sure

AKEGEC

@comet424 , yes you can tweak it so you can get double speed 11.74 Mbit/s (5.87 Mbit/s x 2 ).
Do you have two separate fax and phone line? and are they both active?

chrcoluk

I wish you disclosed you are using a VPN initially, that is probably the most likely reason. When you tested from pfsense that probably didnt route via the VPN hence the difference.

stephenw10

On a faster connection 400kbps would be a negligible difference.

It's not clear if you're even testing against the same server here and that alone could easily account for it.

Better to run a test like iperf where you can set the server you're testing against and then try that from both pfSense and a client behind it.

A PPPoE connection from pfSense will default to 1492 anyway. Which is how you should have this setup.
You mentioned double NAT though....

And yeah if you're testing over VPN that changes everything so a difference like that would be expected.

Steve

comet424

sorry for the delay
@AKEGEC

no i dont have 2nd line.. was looking at getting one ad go with different internet provider.. as i pay 90+ for 5mbp download 600k(ish up)
how can i double it

@chrcoluk
didnt disclose it as desktop as it doesnt use VPN never through of it.. doesnt matter.. Desktop like i mentioned still gets slow speed with OpenVPn client and Site to Site is turned off at pfsense.. so its still slow

@stephenw10
so how do i test it with iperf .. not at home to test it.. and ok so i changed that to 1492 as it said in video change it to it.. and pfsense said it defaults to 1500 if you down change... what does it actually do.

ya Windows is Double natting. desktop isnt behind the VPN its supposed to be open.. but i usually have to click the FIX button under xbox gaming. but ya wasnt testing at vpn this computer supposed to be free no vpn.. its supposed to be setup just like my xboxs where they open

stephenw10

There are public iperf servers you can test against, find one close to you. Doing so means you can use the same server from pfSense and the client behind it for a much closer test.

Steve

comet424

@stephenw10
ok ill look it up and try when i get home
then post results. havent been home and just checking emails today... borrowed internet.. damn pandemic has ruining lot of things

i appreciate the help from you and the others.. and ill give it a try hopefully today or tomorrow (:

AKEGEC

@comet424 said in is it normal to loose WAN speed to compared to to Pfsense?:

sorry for the delay
@AKEGEC

no i dont have 2nd line.. was looking at getting one ad go with different internet provider.. as i pay 90+ for 5mbp download 600k(ish up)
how can i double it

Well it is very easy actually, you need to know your ISP (latest)modem network card (whitelisted)chip model. But I see you don't have 2 active lines so there is no use.

negate1

Yes, you can use both to speed up the process of the speed. Make sure that you have both lines active.

stephenw10

Both what? Unclear what you're referring to here.

Steve

Raffi_

@stephenw10 said in is it normal to loose WAN speed to compared to to Pfsense?:

Both what? Unclear what you're referring to here.

Steve

lol on the next episode of "to catch a bot"....

My guess is bot, what do I win if I'm right?

stephenw10

Hmm, I'll have to work on a prize.

johnpoz

Yeah the posts are quite sus ;)

comet424

sorry for the delay had family issues I had to deal with and with this covid issues has made family issues harder to deal with

but I finally home and I just ran the iperf
so left side Pfsense box right side is the windows Desktop no vpn no nothing

I had issues getting servers to work.. this one I using that worked was a Moscow one I couldn't get the usa public one I found and none in Canada I found all the servers were busy it said

stephenw10

Hmm, well I would retry until you are able to connect to something closer to you. iperf.scottlinux.com works for me (although that's actually no-where near me )

You should run the test in both directions and use multiple streams so:
iperf3 -c iperf.scottlinux.com -P 4
and
iperf3 -c iperf.scottlinux.com -R -P 4

Steve