is it normal to loose WAN speed to compared to to Pfsense?

  • hi i had a question .. i have slow dsl internet as thats all i can get
    but i noticed doing speed test from Pfense and from my desktop computer are 2 different speeds

    pfsense gets

    Retrieving configuration...
    Testing from Bell Canada (########)...
    Retrieving server list...
    Selecting best server based on ping...
    Hosted by (#####, ON) [81.99 km]: 123.984 ms
    Testing download speed................................................................................
    Download: 5.87 Mbit/s
    Testing upload speed......................................................................................................
    Upload: 1.00 Mbit/s

    and when i use Bells (internet speed test from Desktop)

    Modem to device
    Download 5.91Mbps
    Upload 0.62Mbps
    Latency 12ms

    is that normal to loose 0.4mbps to the desktop.. or anything i can tweak it to get to that 1Mbps

    i realize you guys have faster internet not necessary need to tweak yours.. but was wondering if i can tweak mine to get to the 1mbps to maximize my slow internet

    or is that just because now your going through Router and Windows and there is some loss

  • The difference can be down to various factors.

    Is it ethernet or wifi (yes wifi can affect even low speeds).
    Network configuration, related to things like RWIN and congestion provider's.
    Browser problems, especially with an a/v that sends via its own proxy.
    NIC driver issues, could be buggy implementation of checksumming or other NIC tech's.

    It is not normal to see that kind of % performance difference when everything is working properly, and assuming you have no configured QoS that would cause that.

  • well i noticed issues today after Windows 10 roll out updates they did yesterday that automaticlly updated in middle of night and today i was having issues.. made sure i was up todate..

    i dont know what QoS is .. or the RWIN
    i use telephone line to modem and modem directly to Pfsense..
    then pfsense is cable to a switch and switch is cabled to my desktop computer.. so no wifi there

    and wouldnt know where to look for QoS

    i have changed my server a couple of times bad motherboards.. so i had to edit the config file.. search and rename nics so i can just boot up normally.. and then i had extra nics saved and pppoe under the ppp assignments.. so had to delete those

  • RWIN is the receive buffer for TCP downloads, it determines how much data can be sent per acknowledgement, most modern OS are designed now for fast connections and a too high RWIN can cause performance problems. This been your problem is I dont think it is likely, but I mentioned as an avenue to check.

    It sounds like you have no QoS (is off by default), so I dont know, hopefully someone else can help you figure it out.

    Potentially it could be MTU problems. But changing that on the windows client is a bit too much for me to explain now as I am tired, if you are still stuck tomorrow I can offer help on that.

    If you want to try a lower RWIN, try these commandsin a admin command prompt.

    netsh int tcp set global autotuning=highlyrestricted
    netsh int tcp set global autotuning=disabled

    no reboot needed.

    to revert to default setting

    netsh int tcp set global autotuning=normal

  • @chrcoluk sure sounds good no rush..
    as i was googling PPPOE and pfsense they talked about your providers MTU so i googled it... with Bell its 1492 and i had it blank so defaults 1500 i take it.. not sure what that does either.. but it didnt help.. i edited that in the PPP or it was the WAN assignnment forgot at the moment..

    but i can wait i just noticed it.. as i know i can receive it shows.. just sending backuploading is an issue.. well hopefully you can get unstuck (:

  • i have disabled my VPN's as i had a couple VPNS running so i made sure it wasnt also leaking... and maybe its my NAT settings as i have set to get the XBOX setting to work damn that double nat stuff lol
    so maybe its one of those issues too i not sure

  • @comet424 , yes you can tweak it so you can get double speed 11.74 Mbit/s (5.87 Mbit/s x 2 ).
    Do you have two separate fax and phone line? and are they both active?

  • I wish you disclosed you are using a VPN initially, that is probably the most likely reason. When you tested from pfsense that probably didnt route via the VPN hence the difference.

  • Netgate Administrator

    On a faster connection 400kbps would be a negligible difference.

    It's not clear if you're even testing against the same server here and that alone could easily account for it.

    Better to run a test like iperf where you can set the server you're testing against and then try that from both pfSense and a client behind it.

    A PPPoE connection from pfSense will default to 1492 anyway. Which is how you should have this setup.
    You mentioned double NAT though....

    And yeah if you're testing over VPN that changes everything so a difference like that would be expected.


  • sorry for the delay

    no i dont have 2nd line.. was looking at getting one ad go with different internet provider.. as i pay 90+ for 5mbp download 600k(ish up)
    how can i double it

    didnt disclose it as desktop as it doesnt use VPN never through of it.. doesnt matter.. Desktop like i mentioned still gets slow speed with OpenVPn client and Site to Site is turned off at pfsense.. so its still slow

    so how do i test it with iperf .. not at home to test it.. and ok so i changed that to 1492 as it said in video change it to it.. and pfsense said it defaults to 1500 if you down change... what does it actually do.

    ya Windows is Double natting. desktop isnt behind the VPN its supposed to be open.. but i usually have to click the FIX button under xbox gaming. but ya wasnt testing at vpn this computer supposed to be free no vpn.. its supposed to be setup just like my xboxs where they open

  • Netgate Administrator

    There are public iperf servers you can test against, find one close to you. Doing so means you can use the same server from pfSense and the client behind it for a much closer test.


  • @stephenw10
    ok ill look it up and try when i get home
    then post results. havent been home and just checking emails today... borrowed internet.. damn pandemic has ruining lot of things

    i appreciate the help from you and the others.. and ill give it a try hopefully today or tomorrow (:

