Fast speeds web browsing - grinds to a halt if torrenting



  • Hi all,

    Per the title, I have PFSense installed on a dedicated server with AirVPN configured on the OpenVPN module.  I am running the exact same setup as my friend.  He configured both of our firewalls - he happens to be a network engineer himself - his works fine and mine doesn't and we're both stumped.

    Web browsing, streaming, anything you would consider to be normal Internet usage shifts along at 250mbps+ but attempt to download some torrents and everything grinds to a halt with a max download throughput of 10mbps (not just torrenting, regular browsing is also throttled).  This is not a seeding issue - switch back to using ISP only and I'm getting full 300-400mbps no problem.

    Here's a list of things we have tried:

    • Updating from latest stable to latest development build

    • Reinstalling pfSense and reapplying backed up config

    • Reinstalling pfSense and recreating the config from scratch

    • Downloading to different computer and with different torrent client

    • Updating to latest server BIOS

    • Purchasing a new network card

    • Swapping WAN to onboard from dedicated card, then back again when that didn't help

    • Double and triple-checked port forward was configured correctly and rules and NAT configured

    Here's the server:

    • Dell Poweredge T110 ii

    • Intel(R) Xeon(R) CPU E31230 @ 3.20GHz

    • Intel D33682 NIC

    The maximum CPU usage we've seen is 8% so CPU power is absolutely not a factor.  In fact, the server from a hardware standpoint appears to be in top shape and more than capable.  We bought a replacement NIC just because it was something we could try but ultimately made no difference.

    Any help in this matter is appreciated.  Please ask questions of us, with any luck we may find a clue as to just what the hell is going on.  Thank you.



  • Verify you don't have any rogue traffic shaping rules or limiters.

    Are you routing all traffic over the AirVPN tunnel?

    Do you have a site-to-site tunnel to your friend's firewall?  I doubt this is it, but double check that your rules are not routing traffic through your friend's connection

    I would need to see your OpenVPN config's and your firewall rules to offer more targeted troubleshooting.



  • Thank you for your response.

    Verify you don't have any rogue traffic shaping rules or limiters.
    There is nothing unusual

    Are you routing all traffic over the AirVPN tunnel?
    Yes

    Do you have a site-to-site tunnel to your friend's firewall?  I doubt this is it, but double check that your rules are not routing traffic through your friend's connection
    No

    I have attached my config xml, obviously with all PID elements redacted.  Feel free to see if you can find anything out of the ordinary.

    config-pfSense.localdomain-20180323100433.xml.zip



  • from what i can read of your log you are using the wrong encryption:

    the airwatch pfsense states: Encryption Algorithm = [ AES-256-CBC (256 bit) ▼]    you are not utilizing that

    i would start there, not saying that will fix it though



  • AES-256-CBC (256 bit key, 128 bit block) is utilised on both AirVPN clients.  See attached screenshot.