Slower via PFsense than direct WIFI

randombits

I've just noticed my internet connection is slightly slower via Pfsense than direct WIFI.
What I mean by this, I connect to the internet by my 'old' adsl router and it's WIFI, PFsense is connected to the same router it via ethernet (double nated)

Result via PFsense openspeedtest.com/results/31399202

Result via WIFI openspeedtest.com/results/31399254

I guess it's because of how I'm connected - but just seemed odd. It's very consistent and repeatable

stephenw10

Those results are to servers a long way apart, Amsterdam and Slough. I assume you are closer to Slough?

Steve

randombits

Yes, I'm in Cornwall (closer to Slough) . I'll repeat the tests with the same servers.

kiokoman

uhm 2.20 vs 2.36
too small difference to say it's pfsense
it wouldn't surprise me if you repeat the test and, it have, as results, the other way around

randombits

I've done some more tests with speedtest.net using the same server and turned off pfblocker to remove any bias. And again the results are about 10% slower via pfsense

WIFI 8/28/2019
9:24 AM 15 ms 2.45 down 0.66 up

PFsense 8/28/2019
9:22 AM 15ms 2.24down 0.65 up

I realise any online speed tests are notoriously inaccurate but still a bit odd. I'm guessing it could be frame size differences or something like that :-/

Also seems odd that pfsense always wants to use Amsterdam with Openspeedtest

randombits

@kiokoman I agree, but the results are consistently slower via pfsense. I'm just trying to find out why.

kiokoman

what are you using as pfsense machine ?

randombits

@kiokoman It's mini-itx DQ77KB with 3GB ram and an i5-2390T cpu using the two onboard Intel NICS WAN and LAN. That's connected to a adsl wifi router via one of it's Ethernet ports therefore, pfsense is double NATed

When I do an iperf to a local raspberry pi connected to the wifi router via ethernet I get around 92.5 Mbits/sec!

A VERY poor network diagram

kiokoman

check this tuning maybe they can make it better https://docs.netgate.com/pfsense/en/latest/hardware/tuning-and-troubleshooting-network-cards.html

johnpoz

@randombits said in Slower via PFsense than direct WIFI:

WIFI 8/28/2019
9:24 AM 15 ms 2.45 down 0.66 up
PFsense 8/28/2019
9:22 AM 15ms 2.24down 0.65 up

How are you running these 2 tests only 2 min apart, if your switching your laptop.. And your doing pfsense first, then your wifi router.. And your doing one wired and one wireless? So you have the laptop connected to both at the same time?

So your doing one test via wifi, and other test via wired - maybe its your wifi router.. Test from your pi what speeds do you get with it?

randombits

@johnpoz I physically disconnect the ethernet from the laptop then turn on wifi then vise-versa turn off wifi then plug in the ethernet so no one time is both on.

I looked at and changed some of the applicable turning examples with no change. I'm now looking at my elderly Draytek router as the main suspect.

Just VNC'd into the PI and did a openspeedtest.com/results/31410751 I think confirms your suspicions - (I don't know how to do a command line speed test out over the internet)

Yep I guess this confirms it ...
Test done with a Rasp-PI on ethernet>adsl (wifi router)

Retrieving speedtest.net server list...
Selecting best server based on ping...
Hosted by Clouvider Limited (Enfield) [24.18 km]: 21.114 ms
Testing download speed................................................................................
Download: 2.18 Mbit/s
Testing upload speed................................................................................................
Upload: 0.74 Mbit/s

stephenw10

You might try running the speedtest-cli test directlly from pfSense:

pkg install py27-speedtest-cli
rehash
speedtest-cli

I guess every kilobit counts!

I imagine you've looked into it already but using a dedicated modem and connecting it as close to the master socket as possible can improve the dsl sync rate, sometimes significantly.

Steve

randombits

Thanks Steve, As luck would have it the power here just blipped and now the router is back at 3.5 mbs for how long I don't know - it's tends to unstable above 3.

Yes, I intend to replace my old Draytek 2600VG with a Draytek 130 modem and a Ubiquiti AC pro AP and, of course, Pfsense.

I have four Raspberry PI's for Node-red, Grafana, Pi-hole, ads-b, FreePBX, OSMC

The only phone wiring in the house is over a door frame maybe 16ft in total from the master socket (I removed some other wiring that did speed up the line when we move here)

I'll give speedtest a go on Pfsense.

stephenw10

Ah, I never used the V130 but I did use the V120 for years with great success. Just the link data it provided was useful.

What connection do you actually have there? adsl2(+), vdsl? Just plain adsl even for <8Mbps?

I guess you're in one of those areas providers like to pretend doesn't exist.

Steve

randombits

The V130 sounds very good, they also do PCIe version 132 I think.
Plain old ADSL - Samknows reports - We're about 3.5Km from the exchange and ~600m from the 'FTTC' box

BT Wholesale ADSL
BT Wholesale ADSL Max
BT FTTC

As you see we could get FTTC but until very recently I've had a VERY CRAP line, noisy all the time Openreach dug up outside a replaced a junction box ...

More or less the same using speedtest-cli on PFS, but of course now messed up with the 'new' line adsl connection speed

randombits

As expected, the speeds are slower via Ethernet to the internet than WIFI to internet

The numbers being
WIFI 3.01 down 0.74 up
Ethernet 2.54 down 1.02 up

Numbers are different from previously because I had a short power outage and now line speed has negotiated to a higher speed at 3mbp/s

So it's a 'issue' with my router rather than PFsense going from ethernet to the internet.

stephenw10

Well it's hard to say. Certainly I would not expect that hardware to even notice 3Mbps. It is capable of 1Gbps easily.

I would not recommend the PCIe card version of the modem. It's interesting but unless you are massively space restricted it really just limits your options. Better to put the V130 a close to your master socket as possible and then run Ethernet to where ever the firewall is conveniently located. Unless you're lucky enough to have those in the same location.

Steve

randombits

Thanks Steve, Yes, It's quite difficult to nail it down to why I get these speed variations between WIFI and ethernet.

The master socket is one side of a door frame and the other is a phone extension socket along with a twin power socket. Don't worry I won't get the PCI version. The whole idea is to have separate devices. It's a pity the V130 isn't POE that would make life easier. I did think about using an existing phone wire (4pairs) as a power cable(12V) for the V130 and power it from another location over that. That would put a V130 right next to the incoming master socket. Then I could use another pair in the same cable as a VOIP extension to the existing phone extension socket. I would only need put CAT6 up the wall next to the phone cable into the loft.