WAN speed not what cable technician has verified
-
Hello.
First I'm sorry if this isn't in the right forum please move it if needed.
My hardware is a pc engines APU1D4 running pfSense 2.5.1 community edition.
https://www.pcengines.ch/apu1d4.htmSo I have a problem centered around bandwidth basically. The spectrum tech has been out twice and the first time the modems speed was somehow left on 100mbits down. Even though it was supposed to be set at 200mbits down for this service upgrade.
During the first visit I was unable to get any of the devices I have to achieve 200mbits. But he told me it's because most devices can't sustain 200mbits.
A week later during the second visit from the same tech no less. It turned out that the modem still was provisioned for 100mbits but peaked at 115mbits. Between the visits I did verify this with iperf3 from the console on pfSense. I ran "iperf3 -R -t 300 -c iperf.he.net". It would reach 115mbit then drop back down, I believe because of TCP windowing. All the devices I've tested have the same behavior during their speed tests.
To bring the issue together. Toward the end of the second visit the tech hooked his meter up and verified via its built in speedtest that he now got 200-240mbits down and 40mbits up directly connected to their modem via the RJ45 port. He then bypassed the modem and tested from the rg6 cable drop. Still everything was fine and he even says the line coming in can achieve up to 940mbits. He only was able to get 90mbits with his meter through my LAN and said my equipment is the bottleneck. Although after the fact I forgot that I have traffic shaping enabled for 200mbits in preparation for this upgrade.
Since all this has happened. I've tried the following and I'm at a lose and could use some guidance to understand why this is happening.
-
Even after turning the traffic shaping off I only get around 120mbits from my phone. (I think this is because the devices max is 150mbits on AC wifi.) LAN->WAN
-
From my laptop using a gigabit ethernet connection with CAT5E I can only get 120-150mbits. LAN->WAN
-
Here is the plot twist... I setup an iperf3 server on a spare machine. Connected into an OPT interface on pfSense no VLANs etc. Then used the same laptop from point 2 above and achieved 800-900mbits through pfSenses LAN->OPT interfaces.
Yet when I send LAN->WAN I have the speed issues.
How is my equipment the bottleneck if I've proven it can route/firewall at 800-900mbits?
Thank you for your time and any help you can provide.
-
-
@tman904 said in WAN speed not what cable technition has verified:
During the first visit I was unable to get any of the devices I have to achieve 200mbits. But he told me it's because most devices can't sustain 200mbits.
Ummm... 200 mbits would be d*mn slow. Perhaps you meant Mbits? As for devices can't sustain 200 Mb, there's this on a 500/20 connection with my Qotom mini PC. Previously, with an old HP desktop computer, i was getting well over 500. It sounds like that guy is making excuses.
-
@tman904 said in WAN speed not what cable technition has verified:
https://www.pcengines.ch/apu1d4.htm
Sorry its your APU1:
https://www.cpubenchmark.net/cpu.php?cpu=AMD+G-T40E&id=264
Its just have a very slow CPU, over 10 years old, no hw crypto support. -
@nocling said in WAN speed not what cable technition has verified:
Sorry its your APU1:
Respectfully I don't believe that is the case. I was able to route 800-900mbits from my laptop connected to the LAN interface through to an OPT interface that the server is connected off of. These are two separate IP subnets as well. Not bridged together or anything like that. The issue occurs when routing from my LAN to the WAN interface. The only part that is different there is that it's going through the modem. Also NAT is used to rewrite the source IP address in that case as well. But even still the stateful firewalling is working well above 200mbits when I test locally with iperf.
The only crypto intensive thing I do is a single road warrior OpenVPN connection from my phone. I'm aware why hardware crypto matters and all. It's just the fact that I don't need it at the moment.
-
@jknott Thank you for the link to your speed test results. Wouldn't you think our boxes are close enough in spec that they would produce similar results? Especially since I'm only trying to route 200mbits and I know the APU1D4 can sustain 900mbits of traffic using pfSense.
-
My Qotom box is described in my sig. The HP computer I was using before was just a compact desktop computer with 2 extra NICs added. Regardless, both show that guy wasn't being honest.
-
@tman904 Just a couple of thoughts. Did you set PFSense to stock settings (you had mentioned some traffic shaping, any other additions like PFBLocker, Slort?). Maybe check that the modem and WAN interface have negotiated a gigabit connection, not a 100TX...
Do you have a computer you can connect direct to the modem to test (with a software firewall) or one that you can install PFSense on, to eliminate the router as a possible cause? -
@tzvia Yes everything is stock except traffic shaping but I did turn that off and still experience this problem. I don't have any addons installed either.
The speeds through the modem are still below 200mbits from what he tested right before he left I should be able to get 200-240mbits through it.
I've tried multiple computers directly connected to the modem and all of them have the same issue. It peaks at about 120mbits and drops back down. The only time I've seen higher than that through pfSense is my local test between two interfaces on my pfSense. That iperf test was able to sustain 800-900mbits well above what the WAN speed is suppose to be.
What I keep wondering is maybe spectrum's WAN speed is up to speed X rather than a constant speed X. But I don't think that makes too much sense. Because if I'm paying for speed X I should get it most of the time correct?
I might add he said the modem was still provisioned for 100mbits on his second visit. Even though changing it to 200mbits was the whole purpose of the first visit. He chalked it up to something with the billing cycle still for the old speed, and or the tech support he calls to configure the modems messed up. But yet he wasn't very patient with the tech he called raising his voice and getting irritated at him etc. But I digress since this might be a pure technical issue and not a mistake by the tech.
I wonder if they have messed up though and don't want to own up to it. But if I have them come out a third time and they blame my equipment which I've proven isn't the bottleneck. I'll get charged $150
Do you think it would be wise to put the iperf server off of pfSenses WAN port and repeat the test just to make absolutely sure?
All three interfaces are gigabit ethernet and they have negotiated successfully at gigabit speeds.
-
One thing you can try is connect a computer directly to the modem and see what you get. My ISP consistently delivers better than advertised performance.
I still think that "tech" is not being honest.
-
@jknott I have tried hard wiring my computer into the modem bypassing pfSense 3 different times and still get the same results. Both ends of the link were running gigabit speeds as well.
I ran an iperf test directly from pfsense's console via ssh and today I hit 125mbits. Today the network is in use a little bit 40mbits was going through it. But hear me out even 125+40=165mbits. Still lower than what I should see.
All of the other tests have been the speedtest as the only traffic on the network.
-
I think you've proven he's "full of it". A few weeks ago I tried an experiement. I actually get 2 connnections from my ISP, including 2 public IPv4 addresses. Either delivered similar performance with speedtest, but a friend ask if they got those results at the same time, they didn't. However that test was done with pfsense & Qotom mini PC on one connection and a 10 year old ThinkPad E520 on the other. So, a 10 year old notebook computer has no issue at Gb bandwidth.
If that guy still claims PCs can't do better than 200 Mb, you could show him this video. Then call your ISP and complain about his incompetence or dishonesty.
-
@jknott Here is the speed I can really route through my pfsense box. Compared to the WAN speed.
LAN->DMZ speed test:
LAN->WAN speed test:
And these are the two /24 subnets I'm running the test between with stateful firewalling enabled:
-
-
@jknott Well I think I have my answer then don't I. Thank you and everyone for their help with this issue.
-
@tman904 Well, as you have tested with multiple devices connected to the modem, the issue is at the modem or beyond, on the Spectrum side. What modem is this? I've been assuming it's a modem only, not a modem/router set in bridge mode. I would have Spectrum replace it at the very least. As for what is provided in terms of service, I believe that residential service is 'best effort', they really don't make guarantees but should at least make an attempt to deliver at the end of the ethernet that comes from the final piece in the line that they provide, what they are selling. Is the modem the same one you had before the speed was increased? If so, have them replace it, as nothing you have connected to it was close to what they are promising, even though the tech indicated the line was capable of considerably higher speed.
-
@tzvia It's a router/modem combo in bridge mode and the tech did change it from an smc networks to an hitron router/modem combo before verifying the speeds. This is a business line I'm signed up for at the moment.
-
@tman904 Just picking through everything I have seen so far, looking for some info as to what the WAN side IP is, to verify that that Spectrum modem/router is in bridge mode, but I am only seeing the 192.168.... Do you have static IP(s) from Spectrum- Is that why you went with their 'Business' class service? I've never dealt with Spectrum routers in bridge mode, I would guess that only one of the ports would be bridged with the the internet IP, and the others nothing . I don't think Spectrum would allow multiple WAN internet IPs unless you've got a block of static IPs and each port is configured with a static...
-
@tzvia I'm positive the modem is in bridge mode my WAN interface does have a public IP address assigned to it. There isn't any cascading/double NAT or anything like that.
-
@tman904 Well, then that leaves you with what you can confirm. No matter what the device is that you connect to the ethernet from the Spectrum equipment, you do not get near the provisioned speed. If we take what the field tech said as being accurate, that the speed is correct when he connects his equipment to the cable, then that leaves the modem/router as the issue. You have confirmed through several devices, that they all get an internet IP with the modem bridged, negotiate a gigabit connection, but fail to come close to the speed provisioned. If this was my situation, I would take it out of bridge mode (assuming that you can log into the router to change it back and fourth and have not already done this) and connect one computer to the modem in a 'typical' setup as they would expect. Run an online speed test like at dslreports.com or similar, then contact Spectrum and advise that you are not getting the rated speed with just one computer connected to the router with the default settings. My gut feeling is that the issue is the line, not the modem, and that the field tech is full of it. But if the tech said 'your equipment", well now you tested it with their equipment set 'default' and it's still bad. "Fix it Spectrum- issue is your equipment."
-
@tman904 said in WAN speed not what cable technician has verified:
But he told me it's because most devices can't sustain 200mbits.
Such a statement just shows that he doesn't know what he is talking about.. I wouldn't believe anything he says to be honest.
example: Here is my getting quite old in the tooth PC, to my nas using cheap usb nics.. Ran 30 second iperf test.
[ ID] Interval Transfer Bitrate [ 5] 0.00-30.00 sec 8.25 GBytes 2.36 Gbits/sec sender [ 5] 0.00-30.01 sec 8.25 GBytes 2.36 Gbits/sec receiver
But most devices can't sustain crappy 200mbps? Really??