Am I in over my head?
-
So... I scavenged this industrial motherboard from the recycling bin at work. Its a first gen intel i7 with two realtek gigabit NICs. I fabricated a neat little box, soldered a DB9 serial port. installed pfSence through the console. No problem at all. supper easy and was happily in my element with all of that (fun!). The WAN is up, the LAN is up and I can browse into the web GUI. Piece of cake!.... Well that's where my comfort level abruptly ends. I can setup a dumb $50 router from BestBuy. You plug it in and set a password done! that s my level of networking knowledge pretty much.
So I want to lean and set up a decent firewall and VPN and strictly for home use only I also want to learn a little network engineering along the way. However I am so overwhelmed by pfSence that I'm just lost. Even though I was able to easily install pfSence on some junk I found lying around, it dose not work at all... well I consider 0.03mbps to be a failure of throughput. That's all I can get it to do. I have been reading guides and searching google for a couple of days but I'm a bit cross eyed now.
Would anyone here be willing to help? I'm usually really good at learning things on my own but this subject has got overwhelmed.
-
Oh I will be willing to donate to anyone who teaches me my complete hardware setup. I scavenged a few of these. I have the last one up on ebay right now. No one seems to want it and i will give it away now. link text
-
pfsense in its default form is very usable and safe. Change the default password if you haven't..
What kind of internet connection are you using? Model of modem? Draw us a mental picture of your whole setup.
What does this test tell you? http://www.dslreports.com/speedtest
-
@badfrogg said in Am I in over my head?:
well I consider 0.03mbps to be a failure of throughput.
Ha, yeah I'd agree with that! Realtek NICs are not great but.... not that bad.
With that sort of throttling I would first check the Status > Interfaces page for errors/collisions on the interfaces. Make sure they both show 1Gbps full duplex with autonegotiation. Assuming that that both are connected to Gigabit devices that autonegotiating.
Steve
-
@chpalmer said in Am I in over my head?:
What kind of internet connection are you using? Model of modem? Draw us a mental picture of your whole setup.
Ok, it couldnt be much simpler. At the moment I have two different ISPs
The one I'm currently testing is Frontier FiOS (old verison ONT - Motorola ONT1000GJ2) No router, I get a WAN address directly from the ONT.
So the topology is:
FiOS ONT > pfSense WAN (re0) - LAN (re1) > computer. That's it. -
This is what the Status > Interfaces page looks like.
-
Did you have to call frontier to ask them to make any changes to take their router out of the equation?
Such as convert from the cable connection to the ethernet port? (if the Motorola ONT has that..)
Have you ever used any other device on the FIOS? Do you get full speed from a direct connection?
Just trying to rule items out to locate the source.
-
@chpalmer said in Am I in over my head?:
Did you have to call frontier to ask them to make any changes to take their router out of the equation?
Such as convert from the cable connection to the ethernet port? (if the Motorola ONT has that..)
Have you ever used any other device on the FIOS? Do you get full speed from a direct connection?
Just trying to rule items out to locate the source.
You may be on to something. I originally asked them to set me up with the direct WAN connection and never used their router. Instead I used a DD-WRT router and that has been set that way for many years.
Maybe they see a new MAC and shut me down...?
Oh, and yes. I just plugged the ONT directly to the computer and it did not work,
-
Yeah that is highly possible. We had to pull the battery at one of our sites when we installed.
-
So. while I wait on the phone with Frontier to reset my ONT. I wanted to ask; Do you guys think that this hack job router pieced together out of 10 year old parts is better then a Walmart router for my home?
Or maybe I was thinking of just getting a Ubiquiti EdgeRouter X for $60
-
Well. Frontier would not provide any support as soon as they figured out that I was using a third party router. It must be some WAN setting specific to this modem but I just dont know.
-
Try spoofing the MAC address on WAN to whatever the DD-WRT device was.
https://docs.netgate.com/pfsense/en/latest/interfaces/interface-settings.html#mac-spoofingSteve
-
@stephenw10 said in Am I in over my head?:
Try spoofing the MAC address on WAN to whatever the DD-WRT device was.
https://docs.netgate.com/pfsense/en/latest/interfaces/interface-settings.html#mac-spoofingSteve
So following these directions to spoof the MAC it says to add a shell command into the config XML. "may require running the NIC in promiscuous mode" I put the MAC of the DD-WRT router in and that did nothing
Can you tell me what that syntax would be? The example given is:
"/sbin/ifconfig em0 promisc"
But for my NIC wouldnt it be, and is the parameter "promisc" even valid for a realtek NIC?
"/sbin/ifconfig re0 promisc" -
That's only in some special cases. Almost all NICs can be spoofed in the WAN interface settings directly, there's a field for it in Interfaces > WAN.
Steve
-
I was just doing due diligence since putting in the MAC did not fix the problem. I found an example of a NIC command for promiscuous mode.
I added the line into the config XML.So I was trying to post in the code but I cannot because it flags the post as spam???
-
So here is some more information. I switched over from my Frontier FiOS modem to my Spectrum cable modem and now my speed is 100 time faster. That's 0.03mbps to 3mbps.
While that is clearly still broken, why would the two ISPs act differently. The FiOS is tested at >50mbps and the Spectum was tested to >400mbps. (with a direct connection to the PC)
Should I chuck this hardware into the recycle bin where I found it?
-
So this whole time I have been running "speed tests" from my browser. All the top ones when you find with a search for "speed test". They all fail or report less then 3mbps. So then I though to go download real world stuff and this is what happened;
(I let each test run for at least 15 minutes)
these were the max speeds reached
Nvidia Geforce driver - 3mbps
Download A game from GOG - 3mbps
Download Windows 10 ISO with the Microsoft media creation tool 1mbpsHere is where it gets weird.
So windows 10 was abysmal and was still at only 1% after 15 minutes so I decide to try to download something big at a torrent site. So I go and turn on my VPN and the Microsoft speed instantly goes to 15mbps. So that's interesting. So I turn off VPN, now I'm getting 30mbps. Ok, so I turn it back on and that kills the download...
So I want to get back to testing stuff after geting derailed by the whole VPN thing. so i just reboot everything and do all the above test over just to make sure its still the same. It is.
Ok I wanted to download a torrent so I turn on VPN and find something big from the top 100 list so there are plenty of seeds.
one torrent = about 1 mbps. I loaded up 3 and got about 3mbpsNow here goes the craziness...
The VPN is off and i open Steam and download a big game "Whitcher 3" and I get 298mbps !!! peak and no less then 250mbps sustained.I turn on the VPN just for fun and nothing changed. (That dip is when I turned the VPN on)
I tried the other test with VPN on and other then that weird spike from the Microsoft too it seemed to have no impact.
-
@badfrogg said in Am I in over my head?:
Should I chuck this hardware into the recycle bin where I found it?
Really knowing nothing about the hardware at all Im curious what is slowing your system down so much. None of my boxes do not do wire speed. But even the one box I have that still is running 32bit (soon to be replaced) will easily do the 100mbps connection that the customer pays for.
Remember that 8 bits equals 1 byte. If you are seeing download sizes of 10 MBPS when you are expecting 80mbps that is a difference. 10 megabytes per second is 80 megabits per second. Not something to throw into the mix is it?
pfsense will do 10gbps on the correct hardware. Easily.
-
I've been using megabit per second as a unit of measure this whole time. It's that like using the metric system in America? LOL. because I do that too.
Well now I'm off to bed. the hardware can clearly do 300 Mbps (or 37 MB/s). But only downloading the Witcher 3 with Steam.
What that means, I have no idea. I did say I was completely inept with network engineering.
-
Sleep well! I know the frustration.
