Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Netgate/PfSense with JamKazam online band jamming tool.

    Scheduled Pinned Locked Moved Official Netgate® Hardware
    13 Posts 4 Posters 1.2k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • S
      Steve C
      last edited by

      Hi. I'm considering moving to a Netgate/PfSense solution to improve the network security at my home.

      I have searched this forum but cannot find a specific reference to my issue so I decided to create a new topic here in the hope that someone can advise.

      I play guitar and I use the internet to have virtual jam sessions with my fellow band members using a software product called "JamKazam". It works very well. But one thing it does not like is high network/internet latency and its developers go to some lengths to overcome high latency problems when using their product. Its hard enough staying in time within a band without having network latency add to the problem. 😁

      Has anyone here had any experience specifically with JamKazam via a Netgate/PfSense setup?

      In general, should I expect latency to worsen if I introduce Netgate/PfSense in place of my vanilla ISP router/firewall/switch?

      P 1 Reply Last reply Reply Quote 0
      • P
        Paint @Steve C
        last edited by

        @steve-c

        no experience with JamKazam, but if you replace your current router with pfSense you should be able to control latency and buffer float better via QoS and limiter rules. I wouldnt run Snort or other IDS plugins for pfSense if you are worried about latency/buffer float. Also make sure your pfSense machine is powerful enough and you use intel server ethernet cards (i340 or i350 for example)

        with pfSense you will have way more control to prioritize the JamKazam traffic over other traffic on your network.

        pfSense i5-4590
        940/880 mbit Fiber Internet from FiOS
        BROCADE ICX6450 48Port L3-Managed Switch w/4x 10GB ports
        Netgear R8000 AP (DD-WRT)

        S 1 Reply Last reply Reply Quote 0
        • stephenw10S
          stephenw10 Netgate Administrator
          last edited by

          In all likelihood it won't make a significant difference. There are a number of variables at play so.... it depends!

          I have worked with another customer who used JamKazam though and once we had the required port forwards open it worked fine. They were using an MBT-4220 for reference.

          Steve

          S S 2 Replies Last reply Reply Quote 0
          • S
            Steve C @Paint
            last edited by

            @paint

            Thanks for your reply. I had not considered QoS as a control for a (potential) latency issue, but I guess its an obvious thing to use when you think about it.

            I'll probably go ahead, but take time to chhose the hardware platform carefully, taking into account the NiC type.

            1 Reply Last reply Reply Quote 0
            • S
              Steve C @stephenw10
              last edited by

              @stephenw10

              Thanks for your reply. This is all new stuff for me.

              Bearing in mind comments from @paint regarding the choice of NiC and your mention of the MBT-4220, I'm now wondering which hardware platform to look at.

              I was considering the SG-2100, which I was thinking would be more than adequate in terms of processing power and throughput for my mostly single user home network, but I am now considering the SG-3100 on the basis that its more expensive and therefore more powerful. The problem I have is I dont know how "powerful" a platform I need.
              I obviously dont want to pay more than I need to but I also dont want to compromise given my particular use case, so I'm inclined to over-spend rather than under-spend.

              Is the SG-3100 likely to further minimise any potential latency issue? Any advise is welcomed.

              Steve

              P 1 Reply Last reply Reply Quote 0
              • P
                Paint @Steve C
                last edited by

                @steve-c said in Netgate/PfSense with JamKazam online band jamming tool.:

                nsidering the SG-2100, which I was thinking would be more than adequate in

                who is your internet provider and what are the upload and download speeds?

                pfSense i5-4590
                940/880 mbit Fiber Internet from FiOS
                BROCADE ICX6450 48Port L3-Managed Switch w/4x 10GB ports
                Netgear R8000 AP (DD-WRT)

                S 1 Reply Last reply Reply Quote 0
                • S
                  Steve C @Paint
                  last edited by

                  @paint Well I'm in the UK and the provider it BT (British Telecom). Download speed is 73Mbps, upload 20Mbps.

                  P 1 Reply Last reply Reply Quote 0
                  • P
                    Paint @Steve C
                    last edited by

                    @steve-c is it cable internet? With those speeds... I dont think QoS or pfSense will make much of a difference

                    pfSense i5-4590
                    940/880 mbit Fiber Internet from FiOS
                    BROCADE ICX6450 48Port L3-Managed Switch w/4x 10GB ports
                    Netgear R8000 AP (DD-WRT)

                    1 Reply Last reply Reply Quote 0
                    • stephenw10S
                      stephenw10 Netgate Administrator
                      last edited by

                      It will be FTTC (VDSL) using PPPoE.

                      The SG-2100 will be more than sufficient there.

                      Steve

                      1 Reply Last reply Reply Quote 0
                      • S
                        Spacecase @stephenw10
                        last edited by

                        @stephenw10 I wish I had seen this topic earlier.

                        Opening a port is not needed. What's working well is to set up a NAT 1:1 rule from the WAN to the IP address of the JamKazam client. Nothing else seems to be required, but I do have UDP ports of the JK application set to a starting number of 12000, primarily so I can pick out the States of the specific UDP connections being used by the application.

                        1 Reply Last reply Reply Quote 0
                        • stephenw10S
                          stephenw10 Netgate Administrator
                          last edited by

                          If you setup a 1:1 rule (all ports) but don't add any firewall rules to pass that inbound on WAN then all you are actually doing it setting outbound NAT for that IP with static source ports.

                          In that case a single outbound NAT rule would also work and it would not redircet incoming traffic that you might otherwise need for, say, a VPN.

                          Steve

                          S 1 Reply Last reply Reply Quote 1
                          • S
                            Spacecase @stephenw10
                            last edited by

                            @stephenw10 Thanks, Steve. That's good to know.

                            Last year when I was trying to get things working with your help, I tried a number of strategies to get to a functional configuration. I had a rule for a range of forward ports based upon JamKazam guidance. Thinking that this could lead to a vulnerability, I tried disabling the rule and things still worked. The configuration hasn't changed since.

                            The application and the server algorithms have evolved quite a bit since I first started using the service. With that in mind, I just checked functionality with 1:1 NAT disabled and was surprised it was able to connect with the server and establish UDP peer connections. In addition, it didn't complain with a pop-up diagnostic as before. So, perhaps 1:1 NAT isn't necessary anymore. I'll try to see how well it works without it over the next few days and report back.

                            S 1 Reply Last reply Reply Quote 0
                            • S
                              Spacecase @Spacecase
                              last edited by

                              @spacecase I've tried a few spot checks during active sessions over the last few evenings, but my testing was limited. After experiencing what might've been disruptions of session stability when I disabled 1:1 NAT, I quickly reverted back to my baseline configuration.

                              Forwarding the configured UDP ports at the router doesn't seem to make a noticeable difference, which seems to be consistent with the alternate configuration approach at this link.

                              https://forum.jamkazam.com/showthread.php?tid=1371

                              1 Reply Last reply Reply Quote 0
                              • First post
                                Last post
                              Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.