The speed is slow when using two lan port

terencechuen

I running pfsense on KVM as a VM,it have one wan port and two lan port,the lan port info is:

OPT1:10.1.1.0/24 gateway 10.1.1.1
LAN:10.1.2.1/24 gateway 10.1.2.1

All lan user access internet via WAN is normal and speed is very fast.
But when LAN user access to OPT1,the network speed is extremely slow about 1~10k/s.

My core service is use OPT1 port to provide services for LAN users,like NAS storage , time machine and media server.

In my opinion,two different network segments try communicate with each other must be used NAT,but I can't find any related options.

Why the speed is slow when I try to access OPT1 using LAN address?

doktornotor

There should not be any gate way configured on LAN or OPT. Has nothing to do with NAT.

terencechuen

My description is not very clear,two lan port did not setting gateway but DHCP client have.

This should not have any problems.

doktornotor

OK, looks like some virtualization-specific crap going on. (Plus, why's it showing 10G for LAN/OPT and nothing for WAN?)

terencechuen

WAN using PPPoE to connect internet.

wall port are directly connected to the server network port,KVM config like this:

<interface type="direct"><mac address="52:54:00:2b:af:81"><source dev="em2" mode="vepa">
      <model type="virtio"><address type="pci" domain="0x0000" bus="0x00" slot="0x07" function="0x0">

<interface type="direct"><mac address="52:54:0055:44"><source dev="em3" mode="vepa">
      <model type="virtio"><address type="pci" domain="0x0000" bus="0x00" slot="0x08" function="0x0">

<interface type="direct"><mac address="52:54:00:4a:c0:ce"><source dev="em1" mode="vepa">
      <model type="virtio"><address type="pci" domain="0x0000" bus="0x00" slot="0x09" function="0x0">

I config this pfsense services few days ago,because my home server has hardware damage issus.

I set this new pfsense services as the old one,and the old one have same issus at the beginning.But I change Network Address Translation>>NAT Reflection mode for port forwards setting from "NAT + proxy" to "pure NAT",the issus solved.

In this new pfsense services I do same setting,but it not work.

</address></model></mac></interface> </address></model></mac></interface> </address></model></mac></interface>

terencechuen

about showing 10G port is I set KVM interface model type to virtio,in fact my server NIC speed is 1000M(1G),should I change model type to e1000?if set to e1000,it will show port speed to 1000M

terencechuen

Nice!

I change interface model type from virtio to e1000 to simulate intel e1000 NIC,after that,in "Speed and Duplex" option can speed and duplex mode for this interface.

When interface model type is virtio,"Speed and Duplex" Option only have 10G Base option.

I think pfsense is not support KVM virtio driver.

I problem is solved,the speed can up to 100+ m/s.

doktornotor

Well if it didn't support virtio, you'd have no NICs visible there. So, lets say it's very buggy instead… :D

johnpoz

",two different network segments try communicate with each other must be used NAT"

No why does this seem to be a common thought.. Why would 2 different network segments connected to the same router need to be natted??  Do they overlap?  You do not need to nat between rfc1918 networks..

If your using KVM, have you read through the sticky
https://forum.pfsense.org/index.php?topic=88467.0