New to Pfsense
-
Hello I am very new to Pfsense. I just built my fire standalone server. I have confirmed using my normal router I can get speed upwards of 900 Mbps when the same machine was running windows 10. Running the same system on Pfsense I am unable to get above 300 Mbps now.
My plan is to replace my asus router and make it into just a switch and use the Pfsense machine to be my router. Uptil now I have only tested the speeds I get through the Pfsense machine when its connected behind the asus router. I have a single client machine using the Pfsense machine as its router and the rest of my machines are using the asus router at the moment.
Does running Pfsense behind another router slow down the speeds it gets or if I remove the router and just use the Pfsense machine and a stand alone unmanaged switch will I be able to get back up to the 900Mbps + that I get now through the asus router?
-
@tunnlrat I think pfSense has the ability to work with vlans, I know you can manage the switch from the menu in pfSense plus.
-
https://docs.netgate.com/pfsense/en/latest/vlan/configuration.html
-
What hardware are you using?
How are you testing the thoughput?
300Mbps is quite low for anything relatively modern.
It shouldn't make any difference where in the chain it us placed as long as there are no subnet conflicts.Steve
-
@stephenw10 Honestly just been doing the standard online web browse test through Ookla maybe not the best way to be doing it. I'm tired of my asus router needing to be reset once every 2 weeks because the connections are starting to drop. I'm running 4 pcs a ps4 a fire stick 4 phones and more and I'm pretty sure moving my current router to be just an access point and using PfSense will be way better for me in the long run.
My internet speed should be closer to 1000Mbps and all the connection in PfSense on the dashboard show everything connected at 1000baseT full duplex.
-
Would it help for testing purposes for when I am ready to make the full jump to add the PfSense machine to the DMZ on the Asus router and once I can achieve the speeds I'm hoping for just move off the Asus router all together and just use its as an access point?
-
What hardware are you using to run pfSense though?
-
@stephenw10 I'm not at home at the moment or would add a screen cap of it but Its an HP quad core 3.0ghz. I have been able to get it to hit the 900Mbps speed in windows 10.
However I am using something out of the ordinary that may be causing the issue. The one network card that is my WAN connection is the onboard card. The other one is the odd man out. Its a usb 3.0 Startech Gigabit Ethernet I have used it to also achieve the 900Mbps and its my Lan connector from the HP PfSense machine.
Maybe thats my issue?
-
Yup, it's almost certainly the USB NIC. Any other arrangement is preferable to USB Ethernet including just one NIC and VLANs.
Even the most ancient 4 core 3GHz CPU should be able to get at or close to Gigabit line rate for a large packet TCP test like Ookla. Given decent NICs.
Steve
-
@stephenw10 Ok maybe I will have to change my plan of attack and try see if I can get a second NIC to go inside the HP machine instead of using the USB ethernet
-
Is that a limitation with PfSense not being able to reach the same speed using a USB nic? Can PfSense be run on a linux box instead of stand alone and would that maybe help me get the speed I want out of it?
-
@tunnlrat USB nics are usually used for "in a pinch" situations. Your firewall shouldn't be one of those situations. I believe the problem resides in the FreeBSD operating system, the OS that pfsense runs on top of, not supporting (or not liking) USB network cards. Or, the tech inside the adapter is absolutely garbage.
Generally, there are no problems (or much fewer) when run in say Windows, Linux, Mac OS, because the driver software is already there, or can be added. FreeBSD, not so much...
-
@tunnlrat said in New to Pfsense:
Can PfSense be run on a linux box instead of stand alone and would that maybe help me get the speed I want out of it?
No. pfSense is a complete operating system built on FreeBSD (which is not Linux).
You can run is as a VM in a Linux box if you need to but you then have a far complex routing situation.Manufacturers of USB NICs don't care about FreeBSD. If you're lucky they care about Windows and (maybe) OSX. For it work in Linux or FreeBSD the drivers need to be written and that is often done without full documentation etc. The result is often a reduced feature set ot varying compatibility.
There are users here who are running USB Ethernet without issue but it's impossible to recommend it especially for a 1G link.Steve
-
@stephenw10 Ok thank you! I still have use for the USB nic not a problem I will seek out a second NIC for my HP system so I can run it like I want and probably end up having to build a custom case for it all at the same time! May as well go full on DIY thank you very much for the patience and answers I know where to go from here now much appreciated.
-
@akuma1x I will move that USB NIC to a system that can use it then thank you for the input.
-
@stephenw10 I really appreciate the advice. Went out and got an intel NIC for my LAN connection just swapping out the USB NIC and changing nothing else has got me back up to my 1Gigbit speeds. I took the week off my next step now is to make the full jump and turn my current asus router into just an AP
-
@stephenw10 So I'm running into a new unexpected issues now that I'm trying to run my PfSense machine by itself now as the router. I removed everything from the network but it, but when the LAN should grab an IP from my ISP like my normal router does its always making the WAN ip 192.168.1.92 and not getting a proper IP from the modem. My modem is in bridge mode and has been so since I got it.
If I run the PfSense machine I built behind my Asus router it works just fine and can hit all the speeds I want. I'm guess its something I am configuring incorrectly from the start. I've been using the setup wizard for now to let it set everything until I am more comfortable with more advanced setup of it.
Not sure where I am going wrong.
-
@tunnlrat said in New to Pfsense:
but when the LAN should grab an IP from my ISP like my normal router does its always making the WAN ip 192.168.1.92 and not getting a proper IP from the modem.
1:
I suppose you mean WAN , not LAN in the above line.
It should be the WAN IF , that is conencted to the ISP.2:
What ip address does the ASUS get from the ISP ?3:
What does Status --> System Logs --> DHCP show ??
Should give some info about the WAN getting the DHCP address.
/Bingo
-
-
You are correct yes I meant WAN not LAN
-
The asus router is grabbing a proper IP from my ISP starting with 68.145.xx.xxx
-
I read another post on the forums that suggested maybe since my modem is and always has been in bridge mode its not re issuing an IP because its locked to the MAC address of my Asus router? Should I be powering off the modem while I shift the cables around to remove the Asus router?
Its 11:48pm here am in tired enough im gettin WAN and LAN mixed up I will try again in the morning and post what the Logs say after I attempt again in the AM
-
-
1:
Powering down the ISP Modem , before connecting the pfSense WAN would be a good thing to do. Try that first.2:
Spoofing the ASUS WAN Mac address on the pfSense WAN interface could be worth a try , if the above doesn't work
But i'm not sure if it could lead to issues later on , if/when you want to connect the ASUS as an AP. Tecnically you now have that MAC twice in your setup (1= pfSense Wan , 2= Asus Wan).
I might be seeing ghosts here. As your Asus WAN would NOT be active , so maybe it wouldn't respond to an ARP or worse proxy ARP.
It is worth a try ...
But i would turn off the ASUS while trying ...Edit:
If you're going to sleep now, and can "live wo. internet" while sleeping , i'd disconnect & turn off the ASUS. And hope the ASUS DHCP reservation would be released , when you wake up. Now try to connect the pfSense WAN./Bingo
