Bandwidth Throttling ?

  • Hi all,

    I have a 1gbps line, right now on the LAN (LAN interface) I am only getting 320mpbs (poor me ☺ ) ). If I plug into the providers router via LAN and do a test I get 1.5gbps. So I am looking between the FW and the provider.

    Firstly some info on the firewall:

    2.4.4-RELEASE-p3 (amd64) 
    built on Thu May 16 06:01:19 EDT 2019 
    FreeBSD 11.2-RELEASE-p10 
    Netgate XG-7100
    Vendor: coreboot
    Version: ADI_PLCC-
    Release Date: Thu Sep 13 2018 

    Now what I have checked:

    • Any settings on the WAN and LAN interface that could limit - Result none.
    • Checked the throttling or traffic shaping settings - I have nothing set on: by interface (LAN and WAN) by queue, by limiters and Wizards - Nothing set

    These are the only two area's I could think that there would be anything that could or would limit it. I checked the logs nothing abnormal w.r.t. speed, throttling or such.

    This behavior (speed degradation) only happens when behind the firewall when in front of the firewall (directly into providers router) I get the full 1.5gpbs - drop in speed is significant 1.2gbps. The provider has checked everything on thier side and has verified, I can attest to that as on their router at my house I get the speed I am paying for.

    Is there anywhere else I should check?

  • LAYER 8

    what isp is it? we had a similar discussion just yesterday ...

  • Do you have a complicated setup - lots of VLANs, static DHCP leases, piles of firewall rules or NAT rules, etc.?

    What I'm getting at is if you don't have a setup like this, refresh the XG-7100 to factory defaults and check your speed test again. A factory fresh box like this should be able to easily keep up with a WAN connection like that.

    By the way, how are you connecting your WAN port to your ISP - static, DHCP, PPPOE? PPPOE has some overhead, but not that much.


  • @kiokoman hi there it is a ISP called VUMA in ZA.

  • @akuma1x

    Thank you for the answer.

    • Don't have complex Rules or many of them tbh - I know overkill but I run this at my home. I have three over and above the default ones. Mostly blocking a group of IP's which are all my cameras out and inbound (about 10 of them)
    • No VLANs what so ever
    • Yes I have three statics one of which is the firewall two others are for laptops that I use in case of anything I need to do directly on the firewall.
    • On the WAN port you correct it is PPPOE

    On refreshing to factory default, can I restore my settings back that I had would really hate to reinstall all the packages and configure them.

  • @Carlos-Magalhaes said in Bandwidth Throttling ?:

    On refreshing to factory default, can I restore my settings back that I had would really hate to reinstall all the packages and configure them.

    What packages do you have installed?


  • @akuma1x

    • I have the following: Packages.jpg

    • However snort and suricata are stopped and I have them off for a while so it was not done as part of this fault finding: Runstate.jpg

  • LAYER 8

    i will try also to clone the MAC address from the providers router to pfsense pppoe interface

Log in to reply