Throughput performance
-
I have pfsense rc4 installed on a dell poweredge 2950. It has 6 nics.
The pfsense box is connected to our switch and its used as the default gateway.
By some users on the network the login times are very slow, also loading profiles takes about 30 minutes.
Does this has something to do with MTU?
I'm not using traffic shaping.Setup:
WANModem –--- Pfsense --- switch ---- Domain controller
-
I have tried changing the mtu but it doenst work. Users still experience slow login times.
-
Your users are on the same switch than the domain-controller. Right?
-
yes, now i put the rc2 version on my new server and i still have the same problems. the only thing that is different is that my server has 2 broadcom gigabit network cards. and one intel quat port card. Both are detected by bsd but on both i have the same performance problems.
i have a running workstation here that works perfect with realtek network cards.100 mbit.
-
Well if the users are on the same switch than the server there is no way pfSense has any influence on your problem.
–> The users can connect directly to the server and never send anything to pfSense. -
my pfsense is the default gateway
-
Traffic from the Client will not pass through pfsense as the Domain controller is on the same network L2/L3.
-
why is the problem then fixed… when i put my pfsense workstation in place?
-
Now i'm confused.
You will have to give way more details on what exactly you're doing
(crystalball about what you're changing in your setup is broken) -
hehe i'm confused too.
This is the situation.
Test workstation with 6 realtek nics works fine:
nic1:lan
nic2:servers
nic3:printers
nic4:wan1
nic5:wan2
nic6:sparedell poweredge 2950 III
Server with 2 onboard broadcom nics
nic1:lan
nic2:servers
quad port intel pro 1000 vt nic:
nic3:printers
nic4:wan1
nic5:wan2
nic6:sparedhcp server active, dns from 2 dc's .
Clients get the ip from the pfsense server and are using dns from the dc's. Lookups and internet everything is working well except some users experience very slow login times. When using the pfsense workstation it will all work great.
On the server i switched the interfaces so the servers where on the quad port nic.. still same performance issues.
Does it have something to do with the Broadcom TCP/IP Offload Engine functionality? -
I will try to disable TEO for all the nics tomorrow. I have read that it can even cause backup problems when using windoze servers.
See http://en.community.dell.com/forums/t/18330117.aspx?c=us&l=en&cs=04&s=bsd
And this is for the intell card:
http://downloadmirror.intel.com/10957/ENG/README.txt -
Why oh why is there the need for all those subnets? They are different right? Usually, unusually long log in times in a domain are because of the DNS setting pointing to the gateway rather than the Domain controller as DNS server. Another thing that jumps out is whether the DNS server is using ITSELF or the default gateway as it's DNS source.
Have you tried pinging one of the servers or clients by their dns name?
Usually in a domain situation there is a dns server on each subnet which replicates with all the other dns servers to allow speedy resource access.
This sounds like a basic configuration problem. My knee jerk reaction is to get rid of all those subnets.
-
Delays in loading profiles inside your network indicates you're breaking your DNS somehow. Maybe by assigning pfSense as your DNS server, without configuring it appropriately to resolve your AD domain.
-
My dns server was my primary DC and it still is.
Sorry to say.. i have installed isa 2006 configured it. and now all my problems are gone.
Thanks for all your help anyway!
