Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    pfBlocker & slow speeds

    pfBlockerNG
    8
    24
    6.0k
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • johnpozJ
      johnpoz LAYER 8 Global Moderator @jrey
      last edited by

      @jrey said in pfBlocker & slow speeds:

      I use pfB, understand what and how it is doing what it is doing. Zero throughput issues.

      Exactly - my point from years ago, was once something is resolved - it has no bearing on latency to the ip it resolved to or as the OP was saying his speedtest.

      Now in theory could some site take a while to load if your dns was horrible and took forever to resolve stuff that was being loaded by the page, like images or ads or frames, etc..

      But once something is resolves to the IP - dns is out of the picture to speed or latency of talking to something..

      An intelligent man is sometimes forced to be drunk to spend time with his fools
      If you get confused: Listen to the Music Play
      Please don't Chat/PM me for help, unless mod related
      SG-4860 24.11 | Lab VMs 2.7.2, 24.11

      O J 2 Replies Last reply Reply Quote 0
      • O
        Orwi @johnpoz
        last edited by

        yeah, the theory is well known to me. The reaction here what I expected.
        We all agree, once a name is resolved, DNS is out of question.
        Then let's have a closer look, because pfBlocker isn't done here.

        First let me narrow it a bit down:
        pfBlocker had times it works as expected, also with expected speed, then it doesn't.
        Then, changing DNS, still not the greatest results, as pfsense at all is out of question here - regards DNS, it is still in the game with routing, so is pfblocker.
        ...or.. do the lists, pfBlocker adds to the floating or interface tabs a DNS thing? If yes, I am eager to hear the technical explanation.

        2 reasons, I violated the dead:

        • this thread is stil high in search ranking
        • the reactions here are not helpful, but blaming the victim(s). It is a 'simple solution' to a more complicated problem.

        Back to technical topic:
        If pfBlocker isn#t the problem, how do you explain the problem be gone, by disabling it at all?
        This is nor correlation, this is causal.

        What I not care anymore is why it SOMETIMES behaves correct, and often not. But for this, I don't invest time anymore.

        1 Reply Last reply Reply Quote 0
        • J
          jrey @johnpoz
          last edited by

          @johnpoz said in pfBlocker & slow speeds:

          Exactly - my point from years ago,

          Yup.

          Now in theory could some site take a while to load if your dns was horrible and took forever to resolve stuff that was being loaded by the page, like images or ads or frames, etc..

          Hypothetically speaking -- yes.
          -->> "if your dns was horrible". , or the connection, or the web server at the other end, or, or, or.

          a) if you are visiting a page that has say 100 things that need to be looked up, and your dns was horrible, that would take longer to render than a page that has say 10 things to lookup. (but would you notice?)
          b) if your machine is undersized for the volume of traffic you are trying to put through it. (two tin cans on a string?)
          c) if you have every possible list in the world added and trying to parse huge lists
          d) if you have the frequency of updates for lists set too frequently
          e) maybe if it is Tuesday 😆

          @Orwi

          Speaking about teams - with another sense and it's integrated lists, I was able to circumvent this - half way. The other half: Just using another unbound didn't do the trick for me. But after I disabled pfBlocker - my internet experience was blazing again - also without ads.

          because why?.. sounds like and is purely a guess at this point, but that something was off loaded - "with another sense"
          "half way" whatever that means?
          "just using another unbound didn't do the trick" - what does that mean? that the DNS was pointed somewhere else?
          "But after I disabled pfBlocker - my internet experience was blazing again - also without ads." - was this on the first or second "with another sense" -- what is blocking the ads now?

          Either way the OP adding the new comment, should open a new thread, not bring back the dead, and just assume " the behavior still exists". Just because it is something that "sounds the same" as a problem being experienced today. So we have a classic case, IMHO. of someone that is seeing a result and labelling it, and not a cause.

          johnpozJ 1 Reply Last reply Reply Quote 0
          • johnpozJ
            johnpoz LAYER 8 Global Moderator @jrey
            last edited by johnpoz

            @jrey said in pfBlocker & slow speeds:

            a) if you are visiting a page that has say 100 things that need to be looked up, and your dns was horrible, that would take longer to render than a page that has say 10 things to lookup. (but would you notice?)

            Prob not even if your dns was talking like 300ms for each query. still doesn't add up to alot to be honest even if 10 different fqdn to look up.. And then on your next reload of that page all the dns would be cached anyway - unless you didn't come back to until after the cache or your dns restarted and lost the cache.

            And if the page was designed correctly - even if some of the stuff didnt resolve you should still get a partial render of the page, etc.

            Where did the OP go? Says he hasn't been online since 2021.. The new poster is not the OP.. I am going to lock this thread.. If the new poster is having issues he should create a thread with his specifics and his troubleshooting efforts showing that dns or pfblocker is the problem - because that was never the case with this very old thread.

            An intelligent man is sometimes forced to be drunk to spend time with his fools
            If you get confused: Listen to the Music Play
            Please don't Chat/PM me for help, unless mod related
            SG-4860 24.11 | Lab VMs 2.7.2, 24.11

            1 Reply Last reply Reply Quote 2
            • johnpozJ johnpoz locked this topic on
            • First post
              Last post
            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.