New to PFSense, trying to get gigabit to work



  • I'm brand new to PFsense and looking for some help.

    I am a gigabit FIOS subscriber.  My G1110 is on its last legs and I thought it would educational to setup a pfSense router to replace it.  I had a 5 year old PC laying around that I thought I could use.

    Bottom line:  I'm not getting the performance that I was getting when my old G1110 was working well.  I would routinely get 850-900 Mbps up and down with Verizon's router.  Now I seemed to be capped at 350 Mbps in each direction.  The connection has been stable.

    I'm trying to make this a fairly simple install for now.  I don't have any packages installed.  No traffic shaping yet.  I used the directions here to setup the WAN interface: https://forum.pfsense.org/index.php?topic=114389.msg716205#msg716205.  I did enable RAM disks for both VAR and TMP.  No reason… just have 12GB of RAM to use.

    (BTW, no FIOS STBs in the mix.)

    Here's all of the hardware specs that I think might be important.

    AMD Phenom(tm) II X4 965 Processor
    4 CPUs: 1 package(s) x 4 core(s)
    AES-NI CPU Crypto: No
    ASUS M4A87TD Motherboard
    12 GB RAM
    75Mb Intel SATA SSD
    Intel PWLA8492MT PRO/1000 MT PCI/PCI-X Dual Port Server Adapter

    Are there any tweaks to apply to improve performance?  Anything I should watch in the logs?  Is there an issue with my hardware selection?

    Thank you so much for your help and expertise!
    John



  • There is no issue with your hardware selection as it was free; however, bear in mind it's only good up to V2.5. Welcome to PFSense and I would suggest to get familiar over the month before stressing over speed tweaks. With that much memory, I would start adding packages that you know you'll use…just to get familiar.


  • Rebel Alliance Global Moderator

    Don't think he is interested in just tweaking.. Looks like he wants to be able to get the speed he was getting before..

    "Now I seemed to be capped at 350 Mbps in each direction. "

    If you were only getting 350 from your gig line I don't think you would be interested in using pfsense going forward..  Wish I could help more - but don't know enough about AMD.. But that is bit older than 5 years those came out in mid 2009… So your at 8.5 years.. Maybe it just can not handle it..  Remember cpu years are worse than dog years... That thing should of been put down long time ago ;)



  • PCI has a max theoretical throughput of 133MiB/s total. Gigabit is 125MiB/s bi-directional for a total of 250MiB/s. The PCI is shared with all other devices on the bus. Even worse is it uses split distribution of time-division.

    Now, you're talking about receiving from the LAN interface to the WAN interface. That means you need 125MiB/s to receive, and another 125MiB/s of IO to send, effectively cutting your PCI bandwidth in half. 350Mb/s sounds about right for ANY PCI NIC.



  • Harvy66 has it figured out. The old PCI bus is simply too slow for 1Gbit NICs, especially a dual port one.

    Since your motherboard also has PCIe slots, you should consider buying a used dual port NIC for PICe x1, which is fast enough.



  • PCI has a max theoretical throughput of 133MiB/s total.

    This is true for PCI 32bit 33 MHz but consumer grade motherboards run at 66 MHz (on Z170 it does). That would make it a theoretical throughput of 266MiB/s total.



  • @Cybermaze:

    Harvy66 has it figured out. The old PCI bus is simply too slow for 1Gbit NICs, especially a dual port one.

    Since your motherboard also has PCIe slots, you should consider buying a used dual port NIC for PICe x1, which is fast enough.

    Agree…his best bet would be to use the PCIe...I have similar age hardware and I use the single PCIe✕1 slot.



  • Thank you folks!  Certainly makes sense… didn't even think about bus limitations when I started the project.

    You all rock!

    Now I need to figure out if I can free up a PCIe slot... currently populated by a double-wide video card.  No on-board video, so I'll need a to figure out a cheap way around that. Bummer... my free project isn't so free anymore.

    I guess I need to sleep on it.

    Again, thank you all for the quick and thorough answers.  Impressive!  :)


  • Rebel Alliance Global Moderator

    " currently populated by a double-wide video card"

    Router doesn't even need a video card ;)