New SG-3100 with gigabit comcast line... can't get over 540Mbps



  • Hi:

    I recently upgraded my comcast internet service at home to gigabit and found that my older PFSense unit (Netgate SG-2440) couldn't get over 540Mbps when using speedtest.net.

    So I did some research (pfsense and reddit) and several people said that the newer SG-3100 from netgate could handle NATing gigabit no problems and with the Marvell crypto engine even handle OpenVPN connections around 600-700 Mbps which would be a total bonus.

    However, I'm just not seeing the speed now that I have installed my SG-3100.

    If I connect my laptop with a USB 3.0 Gigabit ethernet dongle, I'll get the expected gigabit speed of around ~985Mbps as shown in the speedtest test below:
    alt text

    But when I throw the SG-3100 into the mix, the most I can get is around 510-540Mbps
    alt text

    I know that speedtest.net isn't the perfect test, but it is fairly consistent with other testing that I have done.

    Does anyone know why I'm not getting closer to gigabit speeds?

    Factory default config yields the same poor speed results.

    CPU during testing never gets over 46%. Both LAN and WAN ports are linking up at gigabit speeds.

    Any insight you can offer is very much appreciated.

    -Ed


  • Rebel Alliance Global Moderator

    Well for starters you not even using the same server for testing. I have seen many a server on speedtest not capable of the speeds.. Your high speed test using server Cruzio (santa cruz) while your lower speed test using comcast (san fran).

    Make sure your using the same server you see the higher speed test with.


  • Netgate Administrator

    How exactly are you connecting the SG-3100?

    Is it pulling a public IP via DHCP?

    I would certainly expect it to get close to line rate there in straight firewall/NAT throughput.

    Steve


  • Netgate

    How is your WAN provisioned? DHCP? PPPoE? Static?



  • I'm pulling the WAN IP via DHCP.

    The server doesn't matter. After 10+ tests with different servers, the results are all pretty much the same.

    Like I said before, straight out of the box default configuration yields the same results.

    Any ideas are appreciated.

    Thank you,

    Ed


  • Rebel Alliance Global Moderator

    From your public IPs you listed there in your 2 tests - your clearly on a different ISP segment when your slower vs the segment your on when your faster.

    So it is possible its your isp. I would suggest for a valid test take your isp out of the equation. Why don't you put box on the wan side running iperf, and a box on the lan side and do some testing that way, etc.

    have a 3100 here, but its in production - and would get screamed at for taking it down for a test ;) Sorry but our connection here is not gig, so I can not just do a speed test to show getting gig, etc.



  • I figured out what the problem was... and it had nothing to do with the Netgate SG-3100!

    Speedtest through the SG-3100 now....
    alt text

    The issue was that another gigabit 8-port switch was in between my main machine and my core HP ProCurve switch. It simply could not handle the sustained throughput.

    Once I connected my main machine directly to the core switch... viola... issue gone.

    Shame on me for not testing better (and being consistent with my test machines) before posting. I should have done better apples to apples testing. I'm sorry to bother the group with a bad post.

    Hopefully others will see this and know that those little 8 port gigabit switches can't really handle gigabit sustained traffic and they should really test everything before posting.

    Mea culpa,

    Ed

    PS: Does anyone have a favorite Bootable USB linux distro that has some nice network testing tools built in like iperf? I'd like to add it to my toolbox.


  • Netgate Administrator

    Nice catch. I would not have expected that. Even from the lowest of low end switches!

    Steve


  • Netgate

    Please name names. ☺ What switch was that?



  • @derelict said in New SG-3100 with gigabit comcast line... can't get over 540Mbps:

    Please name names. ☺ What switch was that?

    So.. I tried two...

    The worst one (in the original post) in terms of speed was the Trendnet "GreenNet" switch model TEG-S81g (HW v2.0R) with 514 Mbps.

    I then tried a non-green 8 port switch from Netgear- one of those "business grade" units with a metal box and probably lead weight inside. Model GS108-400NAS. It yielded slightly better- around 580Mbps.

    Hope this helps.

    -Ed


  • Netgate

    Thanks. Trendnet and Netgear are some of my all-time favorites. 🙄

    Was kind of hoping you'd say TP-Link though. :)



  • @derelict said in New SG-3100 with gigabit comcast line... can't get over 540Mbps:

    Thanks. Trendnet and Netgear are some of my all-time favorites. 🙄

    Was kind of hoping you'd say TP-Link though. :)

    TBH, I was surprised too! I've had really good luck with Netgear and TPLink switches.



  • @teksavy said in New SG-3100 with gigabit comcast line... can't get over 540Mbps:

    @derelict said in New SG-3100 with gigabit comcast line... can't get over 540Mbps:

    Please name names. ☺ What switch was that?

    So.. I tried two...

    The worst one (in the original post) in terms of speed was the Trendnet "GreenNet" switch model TEG-S81g (HW v2.0R) with 514 Mbps.

    I then tried a non-green 8 port switch from Netgear- one of those "business grade" units with a metal box and probably lead weight inside. Model GS108-400NAS. It yielded slightly better- around 580Mbps.

    Hope this helps.

    -Ed

    Thanks for the info. I have a TEG-S80g. I'll need to keep this in mind if I ever get gig internet.



  • My 3100 has been rock solid running Comcast Gig. Make sure you test with [speedtest.xfinity.com], it will use a dedicated server that is always able to do gig, when you just use speedtest you use other peoples servers, and most of the time they dont have gig bandwidth.

    I did have weird issues with my modem firmware causing slower speeds, but they appear to have fixed that. What modem model are you running btw?



  • I'm running a Motorola MB8600 (32 channels down and 8 channels up). Total speed demon and very reliable. Only thing I wish it had was more than one port. (It actually has 4 ports, but three are masked off- for use with bonded connections only).

    @behemyth said in New SG-3100 with gigabit comcast line... can't get over 540Mbps:

    My 3100 has been rock solid running Comcast Gig. Make sure you test with [speedtest.xfinity.com], it will use a dedicated server that is always able to do gig, when you just use speedtest you use other peoples servers, and most of the time they dont have gig bandwidth.

    I did have weird issues with my modem firmware causing slower speeds, but they appear to have fixed that. What modem model are you running btw?