Navigation

    Netgate Discussion Forum
    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search

    Help with network design and diagnosis of slow FTP

    General pfSense Questions
    4
    5
    2975
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • S
      simonthorpe last edited by

      I'm moderately knowledgeable about networks and have had some problems with my Comcast performance recently. I was using a D-Link DIR655 and this didn't allow me to have good visibility of what was happening on the WAN interface. So I decided to build a pfSense machine so I could see in more detail what was going on. My network setup is attached and I have two questions.

      1. Any comments on the numbering/design of the network?
      2. I am having some real problems with FTP performance. The desktop on the LAN is getting 500k speeds over FTP to the Server in the DMZ.

      Before I switch to this new design, I could download from the server at speeds around 5-6mb, but now I can't get anything above 500k. Anyone know where I start diagnosing this? FTP performance to public websites is fine, it just seems to be an issue going from LAN->DMZ. I've also tried transferring data from the HTTP server in the DMZ and I also get very poor network performance.

      Details of my configuration are on this website, http://www.daftdonkey.com/external/network/design/index.html

      D-Link DIR655

      WAN Static setup
      IP: 192.168.150.2
      Subnet: 255.255.255.0
      Gateway: 192.168.150.1
      Primary DNS: 68.87.76.178
      Secondary DNS: 68.87.76.130
      MTU: 1500

      LAN setup
      IP: 192.168.1.1
      Subnet: 255.255.255.0
      Enable DNS relay: Yes
      Enable DHCP Server: Yes
      DHCP Range: 192.168.1.100 - 199
      DHCP lease (mins): 1440

      Wireless setup
      SSID: Wireless
      802.11 mode: Mixed 802.11n, g, b
      Channel auto scan: Yes
      Channel width: Auto 20/40 MHz
      Security: WPA-Personal

      Other settings
      No virtual servers, port forwards or any rules defined.
      Traffic shaping disabled.
      SPI firewall disabled.
      Anti spoof checking disabled.
      UPNP enabled.

      pfSense
      WAN: DHCP
      Disabled userland FTP-Proxy application
      Block private networks
      Block bogon networks

      LAN: 192.168.150.1/24
      DMZ: 192.168.200.1/24

      1 Reply Last reply Reply Quote 0
      • K
        ktims last edited by

        What's the hardware you're running pfSense on? Why do you have the DIR-655 doing NAT? And I wouldn't expect much from a USB NIC. If you must use one, use it for your slowest link (ie. the WAN side).

        1 Reply Last reply Reply Quote 0
        • S
          simonthorpe last edited by

          Actually i've solved this by changing the design of the network. Thanks!

          1 Reply Last reply Reply Quote 0
          • M
            mberryman last edited by

            Hi, I am a pfsense newbie!  Here at work we connect to the Medicare site by first dialing up and then through ftp.  Right now we have to disable our local area network everytime we are sending a file.  Can you tell me what I need to change where we won't have to disable our network every time?  Do I need to uncheck any of the settings under 'FTP helper'?

            Thanks
            Marty :-\

            1 Reply Last reply Reply Quote 0
            • Cry Havok
              Cry Havok last edited by

              A little more information is required.  At the very least why you have to disable the LAN.  What happens if you don't?

              1 Reply Last reply Reply Quote 0
              • First post
                Last post