gigabit internet with Zotac ci323 Speed bottleneck



  • For years, I've been happy with my pfSense firewall acting as my home internet gateway.

    Recently, I was offered a good deal on gigabit cable (1000Mb/30Mb) internet here. Jumping from 100Mb/10Mb service.

    I know it's not easy to achieve full gigabit speed. When hardwired directly into ISP's modem/router box, I get about 800Mb down.

    Putting the ISP router in bridge mode and go through my Zotac CI323 box however, only gives me at most 480MB. This is after I compiled and loaded the new Realtek 1.95 driver for FreeBSD 11.2. I was in mid 300 range using the built-in driver I'm on 2.4.4Dev by the way.

    I tried turn off some services. Turning off bandwidthD seems to bump the speed to up 600Mb. I don't have any other non-stock services running other than OpenVPN. I tried disable HW checksum offload and no difference there.
    Any further suggestions from you guys on additional tweaking from software perspective? I don't want to move to new hardware.



  • @chevywu said in gigabit internet with Zotac ci323 Speed bottleneck:

    Recently, I was offered a good deal on gigabit cable (1000Mb/30Mb) internet here.

    I wonder why fibre ISPs still have asymetric bandwidth. With coax and also ADSL, there were valid reasons for it. Not so with fibre.



  • @jknott what I got is coax. It's offered by cable company Rogers here in Canada.



  • Have you tried running iperf against the LAN port from a client on your local network? I run a CI323 also, just tested mine and got about 860Mbps UDP but only 350Mbps TCP. I also run snort though . . . not sure if that could plausibly impact TCP throughput significantly more than UDP. But the fact that disabling bandwidthD got you a speed increase of roughly 120Mbps would seem to suggest that your bottleneck is not necessarily the NIC. Have you monitored CPU and other resource utilization during your speed testing?



  • CPU usage doesnt seem to be problem. It's always low (<10%).

    Just ran iperf on TCP towards a local server:

    Client connecting to 10.0.5.11, TCP port 5201
    TCP window size: 64.2 KByte (default)

    [ 3] local 10.0.5.1 port 41649 connected with 10.0.5.11 port 5201
    [ ID] Interval Transfer Bandwidth
    [ 3] 0.0-10.0 sec 844 MBytes 708 Mbits/sec

    Just curious, is snort limiting your speed because of CPU usage?



  • Hi @JKnott

    I found so much information from you and other contributors about pfSense on Rogers. Your response was very, very helpful.

    I changed out my motherboard, NIC's, SSD and still my intermittent disconnects did not go away until I turned off gateway monitoring and gateway action. I also followed your other advice here in this forum on how to setup DHCP6, DHC4 on the WAN.

    BTW, after all the trouble shooting, I am actually back to an old ASUS motherboard that has Intel Ethernet on board and then I have one genuine Intel single port stick in a PCI Slot.

    I am thinking of starting a new thread regarding all my investments in a new motherboard (in the past 2 weeks) (AMD APU) with a dual Intel ethernet card installed.

    Seems to boot but pfsense crashes within 2 to 3 days.

    Any thoughts would be much appreciated.

    Mark



  • @redstonemason said in gigabit internet with Zotac ci323 Speed bottleneck:

    I turned off gateway monitoring and gateway action. I also followed your other advice here in this forum on how to setup DHCP6, DHC4 on the WAN.
    BTW, after all the trouble shooting, I am actually back to an old ASUS motherboard that h

    That's quite an investment Mark.
    For me, I think if I can't get close to 800Mb, I will probably downgrade to their 500Mb plan and save 10 buck.



  • @chevywu said in gigabit internet with Zotac ci323 Speed bottleneck:

    @redstonemason said in gigabit internet with Zotac ci323 Speed bottleneck:

    I turned off gateway monitoring and gateway action. I also followed your other advice here in this forum on how to setup DHCP6, DHC4 on the WAN.
    BTW, after all the trouble shooting, I am actually back to an old ASUS motherboard that h

    That's quite an investment Mark.
    For me, I think if I can't get close to 800Mb, I will probably downgrade to their 500Mb plan and save 10 buck.

    Did you ever succeed in improving your download speed? I am also stuck around 550Mbs



  • No, I didn't.
    I feel it's a combination of both NIC and CPU.
    So, I went with a full workstation setup with a i7 3700 CPU and a eBay fake Intel NIC.



  • @chevywu said in gigabit internet with Zotac ci323 Speed bottleneck:

    No, I didn't.
    I feel it's a combination of both NIC and CPU.
    So, I went with a full workstation setup with a i7 3700 CPU and a eBay fake Intel NIC.

    In case you were wondering, i was able to get 750/750 working by tweaking it:

    sysctl net.isr.dispatch=deferred AND Disabling the Kernel PTI workaround for Meltdown in System > Advanced > Misc.



  • Thanks for letting me know.
    I decided to upgrade on HW mainly because I want the box to do more. IDP, bandwidth monitoring and Traffic shaping...


Log in to reply