Yup, usually you won't notice the difference. We have seen some situations where it is required though. Others where the throughput can be significantly increased by disabling it.
It's worth testing disabling it if you are not seeing the expected throughput and have local access to revert that change if required.

Steve

@stephenw10 yes we can agree the user can configure it wrong all over. Again, an administrator might fat finger a large static DHCP list with a couple entries thus causing hostname mix ups. That for one would be very hard to pinpoint. Moreover, we know the amount of hours system administrators work. It's a lot of hours. This would make PfSense have a ease of use software functionality built in. I assumed that if pfSense allowed multiple duplicate entries, it was done for a situation when two devices need to be swapped in and out and need the same IP address, in this mindset PfSense should still log the correct hostnames. Again, if that was the reason for PfSense allowing the GUI duplicate entries.

Weird thing to research, but the hostnames mixup was what I was after and or why
PfSense would allow the duplicate entries in the first place. Let's agree admins have monster static dhcp lists that are updated and changed all the time within a secure setting. This situation would want controls in place for hostnames. Finally, logs for the hostnames could get bonkered up and with a monster list and that would be hard to track down why hostnames are wrong. We know PfSense now has experimental layer 2 Ethernet filtering.

Screenshot 2023-06-15 at 2.40.04 PM.png
(Blocked IPV6 as my ISP does not hand out IPV6 addresses only IPv4)

Per Netgate docs
"Ethernet rules can use Aliases for L3 source/destination matching but there is no support for MAC Address aliases at this time."

This works and shows traffic. Each IP has its MAC recorded into the rule.

Working config, Squid, Squidguard, Snort, Lightsquid, Auth-NTP, DNS over port 853, Clam-AV, UpNp for xbox alongside floating Queue CODEL this is functional and other ACLs are still working with this version. I have set the top line to block out all IPV6

Test now running for 24 hours no issues.

I figured out how to connect my computer to the pfsense vm. On windows server 2016 i went to network connections where i can see all my ethernet adapters. Then i selected in my case ethernet 3 where my computer is connected and the internal lan adapted and bridged the two adapters. In the bridged adapter i changed the ipv4 adress and i was connected to the router.

However now i am connected but still dont have internet and i am able to ping 8.8.8.8 but not google.com i get the error dns could not be resolved when trying to access internet in chrome.

@marzdor said in Not getting same speed as isp router:

I unplugged the cable from the WAN and put it in the OPT port and it showed up as 1000

Mmm, that in combination with the fact both ports are configured the same starts to look like a problem with the port.

Vielen Dank @JeGr @mike69 . Wieder einiges dazu gelernt.. :)