<solved>Are there default Preferrences on multiple LAN Ports?</solved>

  • Hello my fellow collegues. :-)
    I have a strange behavior with my Multi-LAN Setup.

    Last Friday we got an Speedupgrade on our WAN. Now there ist the following problem:
    On LAN1 we got the full speed of 50Mbit/s down and 10MBit/sec up.
    On LAN2 we only got 10-15 MBit/sec down and 10/Mbit/sec up. (Even when there is no traffic on LAN1)

    There are no Limiters and also there is no configured Traffic Shaper.

    Are there any default preferrences on LAN1? How can we fix this?

    Thank you very much!


  • LAYER 8 Global Moderator

    Is your 2nd lan same type of physical nic, is it a vlan on lan 1 interface?

    There should be nothing that throttles this connection, is your lan 2 wifi or something?  Can you draw your network?  You don't have anything bridged do you?

  • Hi johnpoz,
    LAN1 and LAN2 are seperate physical NICs of the same type.
    I have pfSense running on an ex-Astaro ASG-220 Appliance with 8 NICs.

    NIC "em0" is configured as LAN1
    NIC "em1" is configured as WAN1 (4Mbit SDSL PPPoE) this is not the default route
    NIC "em2" is configured as DMZ
    NIC "em3" is configured as WAN2 (40Mibit/10Mbit DSL) This is the default route
                      WAN2 is connected to a router (AVM Fritz!Box 7490) , that is preconfigured from the Provider.
                      Since the router is open for us, i could check the config and there were no bandwith preferences
                      for any client devices configured.

    The other NICs are used as seperate LANs for testing purposes.

    There are no bridges configured. Neither WAN nor LAN are connected via WiFi.

    Is this sufficent for you to understand the situation? I also tested to diconnect WAN1 for testing purposes, but this
    did not solve the issue so it seems not to be multiwan related. WAN1 is only in use for our Roadies connecting via OpenVPN.

    Thank you very much.


  • LAYER 8 Global Moderator

    so your saying this happens on all your other interfaces and test lans?  Or just this one?  AFAIK there is nothing in pfsense that would do this unless you had some limiter setup.  Pfsense doesn't really give 2 shits what lan interface the traffic is from.  There is no real difference between lan and opt interfaces that you add and are also lan other than lan gets a default any any rule, and this is where the antilockout rules go, etc.  Its the same driver your saying.

    Swap your interfaces so em2 is lan and em0 is dmz or etc..  Do you see the same issues?  I would look to something in the network causing the problem.  Your not using proxy or captive portal?  You don't have any packages like squid or snort, etc?

    Maybe you have a duplex mismatch in your connection on this interface?  Maybe you have a bottleneck downstream?  I would sniff are you seeing lots of errors on the connection? etc..

  • Hi,
    the only Package that is installed is the OpenVPN Client Exporter. Nothing else.
    Some time ago i indeed had tested TrafficShaping and Limiters. I removed both. Could it be that
    there are some dead and hidden parts of the limiters / shapers that need some advanced work to remove
    in the shell?

    I even tested to make a new TrafficShaper for the new Speeds. But there is absolutely no
    difference, if TrafficShaper is configured or removed.

    The only thing that changed is, that now all Interfaces get a max of about 11-15Mbit. Even the one that was
    on the full 40-50Mbit.  Strange…

    I did another test. I connected my Notebook to the ISPs Router and did a speedtest. There i get the full bandwith.
    So it must rely in pfSense or the switch. I will check that.

    Thanks a lot.


  • Hi,
    in the last days i did some tests and research. I got another Astaro ASG220 Apploance for testing and there i made the following
    experience. On our Appliance we had pfSense embedded installed on a 4GB USB2.0 Stick.

    On the borrowed one i installed pfSense on a spare HDD that was connected on the Appliances OnBoard IDE Port.
    I reinstalled the current releae and imported the config of our faulty Appliance. After correcting some Interface Assignments
    i switched over to this Appliance and on All Ports we got the correct Internet Speed.

    Then i plugged another spare IDE HDD in our faulty Appliance and reinstalled pfSense. Then i reimported the current config
    and corrected some assignments like in the borrowed Appliance. I switched back and i got the full Internet Speed with our Appliance, too.

    The only Difference is, that now pfSense does not boot up from USB-Stick (embedded Version) but from HDD (classic Install).

    But why has the USB-System such performance flaws, when it boots up in RAM?

    Thanks for your help! The problem itself is solved now!  :D