20Mbps dl connection intermittently drops severely

tojaktoty

I'm a pfsense newb and am testing v 1.2.2 and one thing that I've noticed is when I saturate my download my pfsense routers slow the stream by spiking it in half or more and then spike back up.

Coming from a wrt54gl dd-wrt I'm able to saturate my 20Mbit down with a steady download of 18-19Mbit without a hiccup 24/7. There is no drooping or intermittent slowdowns with a wrt54gl. With either of the following systems running pfsense I am unable to maintain anything near a steady download rate.

I've got two pfsense systems which I'm testing and I believe the specs are not causing the bottleneck:
laptop- 800mhz p3, 256mb sdram, onboard nic, pcmcia nic
case- 1.6ghz axp, 512mb ddram, onboard nic, pci nic

When observing cpu and memory usage on both pfsense systems either of them rarely go over 15%. Yet, my download speed could fall to 5Mbps or sometimes lower… and then it jumps back to 18Mbps+.

What could be causing the slowdowns I am experiencing? I am dismissing the possibility of it being caused by the transmitter because I know for fact that I can sustain a steady ~20Mbps observable at least with a wrt54gl.

Thanks for any advice.

syro

Hi there,

first you should give some explanation about your current system configuration and answer yourself the following questions:

• is hw checksum offloading currently in use? (nic related and can be found in top menu under system -> advanced setup)
• which wan connection do you have? (pppoe, dhcp, pptp, static)
• which protocol did you used for testing?
• maybe you've done some settings in the traffic management of squid? (if you're using a proxy at all)
• are you actively using the embedded traffic shaper?
• did you reset the modem?
• did you changed/tested the patch cable that is connected between the modem and the wan interface?

maybe it would be the best to reset your current setup to the factory defaults and disable checksum offloading.

best regards
syro

tojaktoty

The pfsense systems are fresh installs with no features enabled beyond default. There is no traffic shaping or proxy enabled.

The wan is dhcp using comcast cable and a sb5101. The dl speed test protocol is usenet/newsgroup which always saturates line.

I will look into the checksum settings and report back as I am unfamiliar with them atm.

thenewguy1979

Hey bud I have the same problem here. With modem direct to PC connection I can sustain a 16mbit download speed with any slowdown or throttling as you mentioned.

After setting up a pfsense unit with everything default like you're my download speed is only half at 4mbit and constantly goes up and down by itself.

Testing is also by newgroup server.

For example before with direct modem to PC I can fully sustain 16mbit download with only 4 active connection. Now I can only get 8mbit with the same 4 connection.

I later found if I enable 8 active connection my speed would then be a full 16mbit. It seem like Pfsense by default is capping a single download connection to perhaps 2mbit max?  Perhaps there is a setting somewhere we can change this?

wallabybob

I don't know the details of how pfSense/FreeBSD handles the TCP window size (amount of data in transit) when establishing a new TCP connection and NAT'ing.

A large window size is good for higher throughput. However its more likely to lead to packet loss due to congestion in intermediate routers, particularly when data is moving from a faster link to a slower link.

When TCP realises data has been lost it drops the window size then as data comes through without loss gradually increases the window size to configured maximum.

I believe many of the appliances running dd-wrt have small amounts of memory so probably have "small" TCP window sizes. pfSense systems would generally have considerably more memory than dd-wrt systems so may allow larger TCP window sizes and so consequently be more susceptible to packet loss and the kind of throughput spiking you have observed.

tojaktoty

@thenewguy1979:

Hey bud I have the same problem here. With modem direct to PC connection I can sustain a 16mbit download speed with any slowdown or throttling as you mentioned.

After setting up a pfsense unit with everything default like you're my download speed is only half at 4mbit and constantly goes up and down by itself.

Testing is also by newgroup server.

For example before with direct modem to PC I can fully sustain 16mbit download with only 4 active connection. Now I can only get 8mbit with the same 4 connection.

I later found if I enable 8 active connection my speed would then be a full 16mbit. It seem like Pfsense by default is capping a single download connection to perhaps 2mbit max?  Perhaps there is a setting somewhere we can change this?

I recommend you try syro's advice and at least test checking "Disable Hardware Checksum Offloading". After checking this feature thereby disabling it and doing a reboot my dl stream is significantly less volatile. I also installed new cat5e cables and ordered new intel nics.

@syro:

• is hw checksum offloading currently in use? (nic related and can be found in top menu under system -> advanced setup)