SG-4860 - throughput question
-
I have multiple SG-4860 boxes with ver. 2.4.4 pf. For years I noticed that even when I do no extra packages very limited NAT if any, the throughput is not fast, at least in my case is top 800, maybe 850Mbs. Why? why isn't this close to 1Gb like when I test directly from hand off? It happens on multiple boxes, multiple firmwares I had. The situations is not far better with SG-8860 or XG-7100(the last one I did not tested extensively) What am I missing?
What are your speeds assuming minimal load at the time of test? -
Here is another thread on more or less the same topic though no solution was ever reached:
https://forum.netgate.com/topic/135540/gigabit-wan-sg-4860-slow-throughput/5 -
Yeah that bothers me because e.g much cheaper fortigate 60E gets 1Gbs easily.
I would really like to know what other people are saying about that -
I'm pulling close to 950M when running a speed test through my 4860 with pf+NAT. I would verify a few things.
1.) What are your PowerD settings, try both Hiadaptive and MAX with it enabled.
2.) What duplex settings are on the WAN port.A note on speed testing, testing on the firewall is a 'bad' plan, it's designed for routing. Have your speed test on a separate machine behind the firewall. While running the test, don't be logged into the WebUI, if you want to see what processes are running, ssh or console in and run TOP.
-
- PowerD is disabled by default, all 3 options there are selected to Hiadaptive but I guess that does not work till not enabled?
- Duplex is auto, testing on Macbook
-
PowerD should be enabled. Should be set to either MAX or Hiadaptive.
How is your Macbook connected to the firewall?
-
It is connected straight to LAN port or OPT1 to gig switch
By default it is unchecked every box I have and that is how it comes
-
Click enable, does that speed things up?
-
I will give it a try when it will be doable for me and let you know what results I get.
-
Please let us know.
-
Ok so this gets little more complicated, there is a bunch o ways to test it, in these days people tend to use speedtest.net which is good imo for lower than 500Mbs speeds. Once it faster it gets not so good results way to often. Most of those websites use same Ookla for their speed test, VZ, Spectrum all sucks. I tried also dslreports.com/speedtest but most accurate i got from different one. So far I tested using two different thurnerbolt 3 adapters on MB pro on SG-8860 and I had a feeling that event on speedtest hiadaptive was not enough to get speed past 900, no matter what end server I was choosing. Maximum setting was definitely the most efficient. With the speedsmart I was able to get something close to ideal like 960, 970. Another puzzle is when you try to loadbalance few ciructs like I sometimes do e.g. 1Gbs + 300Mbs or 2x500Mbs, usually less effective with higher speeds than single pipe. I will try to get more result from different circuts, differnet configurations and let you know.
-
@mke said in SG-4860 - throughput question:
I was able to get something close to ideal like 960, 970.
I doubt that. Even in perfect "lab" conditions, max thruput on 1Gbe Ethernet (without using jumbo frames) is ~941Mbps. You can read more on that here. I've never seen anything higher than that in my testing. The good news is I have been able to hit 940 very reliably when I run Ookla speedtest on a 1G fiber line w/ Netgate 4860 & now 5100.
