Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    VLAN access is slow

    Scheduled Pinned Locked Moved Routing and Multi WAN
    2 Posts 2 Posters 1.0k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • E
      eagle1985
      last edited by

      Hi everyone,

      I'm new to pfSense and currently fighting a little with my VLan setup, in does work, but access over a VLAN Port of the Switch is slow, the Untagged Ports of the "normal" LAN are fast.

      So I have a Cable ISP with approximatlly 400Mbps down and 40Mbps. When I connect my Laptop over the Untagged Management LAN I get the full download and upload speed from Speedtest.net.
      If I connect the Laptop to a different Port that is VLAN tagged the connection works, but breaks down to approximately 40Mbps.
      As this is only a setup configuration so far no other devices are connected, exept for test resons. Therfore I don't know if sharing the same Port to the Router will have an influence here.

      So my setup is as follow:

      PfSense:

      • Latest pfSense Stable 2.3.4
      • Runs on PcEngines APU2
            - AMD Embedded G series GX-412TC, 1GHz, Quad Core
            - 4 GB DDR3-1333 DRAM
            - 3 Gbit Ethernet, Intel i210AT

      Switch

      • Unfi Switch PoE 24 (all prots 1Gbit/s)
      • Unfi Switch 6 (all prots 1Gbit/s)
      • both managable over the UNFI Controller, so Support of VLAN is provided

      WLAN

      • Unfi AP AC PRO

      VLAN

      • Management Lan (untagged or ID 1)
      • WLan internal
      • WLan guest
      • Floor 1
      • Floor 2
      • Floor 3
      • DMZ
      • Servers

      All connections are over Cat6a Cables, so there shouldn't be an issue on that side.

      The connections from pfSense Box are WAN to Cable Modem and LAN+Opt1 over LAG to Switch24, that again with LAG(2x1Gbit/s) to switch 16.
      Not sure if it makes more sense to remove the LAGS and connect both Switch direclty, but that isn't part of the issue, as all connections are on the larger Switch.

      I also set up all Ports of the Switches to Tag the VLANs.
      So routing between the different VLAN works correctly accordign to my Firewall rules, so far no problem on that side.
      This includes a Gatway Group for failover WAN connection.

      Anyone an idea why VLAN connection/routing is so slow? I know the LAG from the Swith to the pfSense Box is a botle neck for VLANs, especially when access goes from one VLAN to another or muttiple access to the internet happens from different VLANS. Then they share the LAG (2x1Gbit/s).
      But in my Test setup this isn't the case as I don't have any concurrent access and just try to reach the Internet (works, but slow)

      Could it be a driver issue that the Intel drivers are not working well with VLANS over a trunkated Port? Or the hardware just isn't good enough?

      Thanks for any help

      1 Reply Last reply Reply Quote 0
      • DerelictD
        Derelict LAYER 8 Netgate
        last edited by

        Difficult to say. Is the LAG LACP?

        Are any of the interfaces on pfSense or the switch logging any errors? Anything interesting in the system log? The log on the switch?

        There is certainly nothing known regarding intel NICs and LACP/LAG + VLANs.

        Chattanooga, Tennessee, USA
        A comprehensive network diagram is worth 10,000 words and 15 conference calls.
        DO NOT set a source address/port in a port forward or firewall rule unless you KNOW you need it!
        Do Not Chat For Help! NO_WAN_EGRESS(TM)

        1 Reply Last reply Reply Quote 0
        • First post
          Last post
        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.