Bandwidth Throttling ?
I have a 1gbps line, right now on the LAN (LAN interface) I am only getting 320mpbs (poor me ) ). If I plug into the providers router via LAN and do a test I get 1.5gbps. So I am looking between the FW and the provider.
Firstly some info on the firewall:
RELEASE VERSION: 2.4.4-RELEASE-p3 (amd64) built on Thu May 16 06:01:19 EDT 2019 FreeBSD 11.2-RELEASE-p10 HARDWARE VERSION: Netgate XG-7100 CORE BOOT VERSION: Vendor: coreboot Version: ADI_PLCC-01.00.00.10 Release Date: Thu Sep 13 2018
Now what I have checked:
- Any settings on the WAN and LAN interface that could limit - Result none.
- Checked the throttling or traffic shaping settings - I have nothing set on: by interface (LAN and WAN) by queue, by limiters and Wizards - Nothing set
These are the only two area's I could think that there would be anything that could or would limit it. I checked the logs nothing abnormal w.r.t. speed, throttling or such.
This behavior (speed degradation) only happens when behind the firewall when in front of the firewall (directly into providers router) I get the full 1.5gpbs - drop in speed is significant 1.2gbps. The provider has checked everything on thier side and has verified, I can attest to that as on their router at my house I get the speed I am paying for.
Is there anywhere else I should check?
what isp is it? we had a similar discussion just yesterday ...
Do you have a complicated setup - lots of VLANs, static DHCP leases, piles of firewall rules or NAT rules, etc.?
What I'm getting at is if you don't have a setup like this, refresh the XG-7100 to factory defaults and check your speed test again. A factory fresh box like this should be able to easily keep up with a WAN connection like that.
By the way, how are you connecting your WAN port to your ISP - static, DHCP, PPPOE? PPPOE has some overhead, but not that much.
@kiokoman hi there it is a ISP called VUMA in ZA.
Thank you for the answer.
- Don't have complex Rules or many of them tbh - I know overkill but I run this at my home. I have three over and above the default ones. Mostly blocking a group of IP's which are all my cameras out and inbound (about 10 of them)
- No VLANs what so ever
- Yes I have three statics one of which is the firewall two others are for laptops that I use in case of anything I need to do directly on the firewall.
- On the WAN port you correct it is PPPOE
On refreshing to factory default, can I restore my settings back that I had would really hate to reinstall all the packages and configure them.
I have the following:
However snort and suricata are stopped and I have them off for a while so it was not done as part of this fault finding:
i will try also to clone the MAC address from the providers router to pfsense pppoe interface