Slow throughput on SG-4860 (~600mbs on 1gbs line)
-
What happens when you plug the SG-4860 WAN interface directly into the ONT - do you still experience throughput issues? From what I can gather form your first post, the pfSense box is actually downstream of the Verizon gateway - is there any particular reason why you decided to set it up that way?
Hope this helps.
-
What happens when you plug the SG-4860 WAN interface directly into the ONT - do you still experience throughput issues? From what I can gather form your first post, the pfSense box is actually downstream of the Verizon gateway - is there any particular reason why you decided to set it up that way?
Hope this helps.
You might be on to something. Admittedly it’s years since I could claim even a working understanding of how VZ was implementing FiOS. Back then I’d get a huge ONT on the side of my house.
In this install they ran a really super slim single strand fiber from the pole straight through my exterior wall and into a Verizon router. That router has an AD/DC supply zip tied to it. Otherwise there’s no ONT that I can see.
Should I get a fiber to ether exchanger for my PF box? I have a jar full of gbics I haven’t used in years ;)
-
I think there might be some confusion as to what we are calling the Verizon Gateway and ONT. The ONT includes the device (looks like a modem) that takes fiber as input and provides ethernet/coax outputs. The Verizon Gateway (at least to me) is the router/firewall Verizon provides - with gigabit I assume they would have given you the black G1100 (Fios Quantum Gateway) unless you decided to keep the (red colored) Actiontec. Do you have your pfSense box currently plugged into the ONT directly or into the Verizon Gateway (router/firewall)?
Hope this helps.
-
Are these results from speedtest trough the tunnel? Sorry, it's not that clear to me.
Totally on me! I wasn't clear!
~600mbs is from the LAN side of the firewall and LAN clients straight to 'the internet'…
I did the ole curl -o spedtest , Fast.com and several public iperf servers(through OVPN tunnel I max out at 50 mbs...again, another thread I need to start once I resolve this :) )
Keep in mind FIOS is rated UP TO @940 megabits even though they advertise gigabit. It may not be anything with your gear you might jsut be hitting a bandwidth limitation in your aarea. I ahve a freind that subs to VZ Gb and he rarely sees above 800 himself.
-
940 Mbps happens to be about what most people will see with a single 1 Gbps interface, after taking into account protocol overhead, so they're still pushing 1 Gbps through the line.
Of course, the caveat is that they're providing "Up to 940 Mbps"… if you're in-depth on the technology behind FiOS, it is actually shared connectivity between you and possibly up to 31 other neighbors, so if a couple of your neighbors also have gigabit service and have major downloads going on, that could actually prevent you from getting full speed.
-
The poster did mention that he was able to achieve a higher speed when connected directly to the Verizon gateway (back in the first post), so I'm not convinced it's an issue with the connection.
I'm still curious though as to how exactly this is setup: Is the pfSense box hooked into the gateway and gateway into the ONT, or is the pfSense box hooked directly into the ONT? I would recommend connecting the pfSense box into the ONT and then using the Verizon gateway downstream of the pfSense box (if it's required to be in use, e.g. to provide internet connectivity to STB's).
Hope this helps.
-
Having the exact same issue. When my computer is plugged straight into the ONT, I get 940 Mbps each way every time. When downstream of the SG-4860 running a 2.4-RC snapshot (Oct 4), download tops out at 400-500 Mbps. Upload can usually hit 700 Mbps, strangely.
This is a fresh install, so no old config slowing it down.
Let me know how I can help triage this. Thanks.
-
Fixed it- was necessary to enable PowerD, and set to Hiadaptive or Maximum (slightly faster). Hey, maybe this thing should be enabled by default, huh?
-
I'm still curious though as to how exactly this is setup: Is the pfSense box hooked into the gateway and gateway into the ONT, or is the pfSense box hooked directly into the ONT? I would recommend connecting the pfSense box into the ONT and then using the Verizon gateway downstream of the pfSense box (if it's required to be in use, e.g. to provide internet connectivity to STB's).
Hope this helps.
VZ box (where fiber terminates) –cat6-->PF Wan port
I know it sounds confusing because I've seen different FiOS set ups, but in this install, fiber runs from the pole, through a hole in my wall all the way to the Vz box (let's just call it the VZ Box). The VZ box has a locked port where the fiber terminates. And it has a switch built in. One switch port is connected to my PF box.
Wifi and routing are disabled on the VZ box (it's in bridge mode).
We don't have phone or TV through Verizon - internet only. No STBs in the mix.
-
Are you sure the computer on the lan is capable of 1gb speeds?
Its far from a given.
-
Are you sure the computer on the lan is capable of 1gb speeds?
Its far from a given.
That's a valid concern - I've tried a few machines including a current (ha!!!) MacPro, a 2017 MacBook Pro (15" with USB-C GigE adaptor), a 2015 iMac and my main workstation, an i7 4770k with 32gb of ram and dual gig NICs running Ubuntu 17.04 … thank goodness for super long ethernet cables! (which I've also tested by using shorter ones and newer ones).
But here's the real proof - those machines get ~900mbs when wired directly to the VZ Box.
-
I'd say take your Mac and plug it into the LAN port of your pfsense directly with a very short cable and run the test again.
If its still bad, save the config, install the previous version and restore the config. Test again.
If its not fixed, its a nic problem or isp problem. Or maybe a Mac problem.
Otherwise, a pfsense problem if a rollback fixes it.
-
I'm still curious though as to how exactly this is setup: Is the pfSense box hooked into the gateway and gateway into the ONT, or is the pfSense box hooked directly into the ONT? I would recommend connecting the pfSense box into the ONT and then using the Verizon gateway downstream of the pfSense box (if it's required to be in use, e.g. to provide internet connectivity to STB's).
Hope this helps.
VZ box (where fiber terminates) –cat6-->PF Wan port
I know it sounds confusing because I've seen different FiOS set ups, but in this install, fiber runs from the pole, through a hole in my wall all the way to the Vz box (let's just call it the VZ Box). The VZ box has a locked port where the fiber terminates. And it has a switch built in. One switch port is connected to my PF box.
Wifi and routing are disabled on the VZ box (it's in bridge mode).
We don't have phone or TV through Verizon - internet only. No STBs in the mix.
This is an interesting configuration that I have not come across before. Are you saying that the fiber terminates into a box/device that does Firewalling/WiFi/NAT routing as well? Usually what I've seen the fiber tends to terminate into the ONT where the outputs are ethernet, coax, and phone jack(s) and the routing is done by the Verizon supplied router/gateway (which connects via coax/ethernet back to the ONT). Are you implying that in your case the ONT and router/gateway are all just one box/device where the fiber connects to?
Thanks in advance for the clarification.
-
I think he is describing fiber terminating at an ONT with ethernet to pfsense. Thats the best way to do it.
-
I think he is describing fiber terminating at an ONT with ethernet to pfsense. Thats the best way to do it.
Gotcha - I guess the part about putting the Vz Box in bridge mode is what threw me off since the ONT usually does not do any routing/wifi.
-
If he is putting a VZ box in bridge mode then he is most likely not connected directly to the ONT. Rather he is connected to the VZ router which has a MOCA connection back to the ONT.
My bad. Still, direct connect to the ONT is best.
Not really sure what verizon was thinking when they decided to go with that architecture.
-
I think he is describing fiber terminating at an ONT with ethernet to pfsense. Thats the best way to do it.
Looks like what I have (and all I have) from VZ is the current ONT. Sorry if I've confused everyone with terms or lack there of :)
-
Ah ok, so it looks like the ONT is connected directly to the WAN port on pfSense (i.e. no Verizon router/gateway inbetween).
In trying to isolate the problem I assume you have already tried to do am iperf/iperf3 test between your laptop and the pfSense box to make sure that the LAN interface(s) on the pfSense boxes are able to push out 1 gbit of traffic to downstream devices? Also, have you looked at your network statistics? Are you seeing any dropped packets and/or errors?
One other thing I might recommend is trying to tune your network a little bit since you have a very high speed connection.
https://forum.pfsense.org/index.php?topic=113496.0
https://calomel.org/freebsd_network_tuning.htmlHope this helps.
-
assume you have already tried to do am iperf/iperf3 test between your laptop and the pfSense box to make sure that the LAN interface(s) on the pfSense boxes are able to push out 1 gbit of traffic to downstream devices?
Hope this helps.you know…. for all the iperf tests I've done (VPNs, server to server, host to server, etc) I dont think I've done one from a workstation to pfSense... what a simple thing and silly thing to over look! Thank you!
(now I just have to wait :) lost my SG-4860 to a [potential] HW failure. As soon as I have one back in commission, I'll test that).
Thank you!!
-
In a connection where you have A linked to the WAN of B and the lan of B connected to the wan of C,
an iperf test from A to C will tell you the most about the health of B, which is hopefully the pfsense.
Nice picture. You couldn't take a bigger one? (kidding)
