Excellent speed, except on pfSense itself
-
I googled and searched the forum a lot. There are many reports of slow speeds BEHIND pfSense box.
But my problem is a bit different. I'm running pfSense for some years now. I have 7 VLAN's and have fantastic speeds everywhere. Except on the pfSense VM itself.pfSense is running in vmWare ESXi 6.5 and has 7 virtual NIC's in different VLAN's.
WAN is a Draytek VDSL modem (bridge) with pfSense doing the PPPoE part.Everything runs really smooth and stable. Fantastic speed and full IPv4 and IPv6 on all VLAN's. The only problem i face, and that for years and multiple pfSense versions, is that internet on pfSense itself is very very very slow. I mean really slow. Think of upgrading a package takes 10-15 minutes. Most of the time it even tells me that it can't load the list of packages ...
If i am in bash on pfSense i can't find any problem. DNS is running fine, ping to internet is working, no apparent problem except incredibly slow speed.
Has anyone a pointer to where i can start debugging ? Upgrading a pfSense version takes half a day, if it doesn't abort meanwhile ...
Cheers,
S.
-
Does IPv6 work on the pfSense itself, try to turn on "Prefer IPv4 over IPv6" in System -> Advanced -> Networking and see if it improves the speed.
-
Oh my god. I can't understand i didn't think of this myself before ... a ping6 www.google.lu indeed showed that ipv6 is not working on the pfSense itself. Your workaround did the trick.
Now comes the next challenge: Why does IPv6 work on all VLAN's except pfSense itself ....
-
Is it set to prefix delegation only? If it has an IP on the LAN side only it may not be using it. Check the v6 routing table has a default route.
Steve
-
@stephenw10 said in Excellent speed, except on pfSense itself:
Is it set to prefix delegation only? If it has an IP on the LAN side only it may not be using it. Check the v6 routing table has a default route.
On IPv6, the link local address is normally used for routing, not an assigned public address. It's entirely possible it would work without a routeable address on the WAN side.
Here's what mine shows:
Internet6:
Destination Gateway Flags Netif Expire
default fe80::217:10ff:fe9 UGS re0As long as the OP has something similar, he has a default route.
-
Indeed I have something very similar to that but I cannot use that as a source address. Obviously, it's link-local.
I would not expect the OP to be using that as source for a pkg update though.
Steve