Not your average "internet speed" problem...

Panja

I'm having a really weird problem...

When I'm connected to one of the ports on the TL-SG108E, I'm getting a really inconsistent internet speed. When doing Speedtest (doing 5 different sites) I'm not getting no where near full speed, sometimes around 400mbit but most of the times <150mbit. Also pretty high pings (>40ms).

Doing file transfers from a Synology NAS (vlan20) connected to the TL-SG108E and from my laptop (vlan40) connected to the TL-SG108E or connected to the Archer C7 I'm getting a normal connection and speeds are around 113MB/s (900mbit ish).
So the problem is only when using "the internet".
All cables in my house are CAT6 SFTP or CAT7 SFTP.

Things I tried to resolve the problem but did not succeed:

• New cable from Archer C7 to TL-SG108E
• Replaced the TL-SG108E with a Negear GS108Ev3
• Swapped the Archer C7 with a different C7 running OpenWRT v19.07.9
• Tried different laptops (all connected to a power supply, so no energy savings)

Things I tried, that eliminated the probem:

• Put a cable in port 3 or 4 on the Archer C7 and in my laptop
• Put the cable, that goes in to the TL-SG108E, directly in my laptop after changing the port from tagged (20/30/40/50) to untagged 40
• Put the cable, that goes in to the TL-SG108E, in an unmanaged/dumb switch, than a cable from the unmanaged swith to a second Archer C7 (OpenWRT) with same config as the other and from that Archer a cable to my laptop

At first I thought was the TL-SG108E that was causing the problems so I purchased a Netgear GS108Ev3 which gives me the same problems.
I'm really confused what the exact problem is here... Any help is appreciated!

mcury

These switches are L2, which means that all inter-vlan traffic would go through that 1Gb uplink to pfsense.

You are probably getting a bottleneck, in which affects everything that goes to the gateway (pfsense), internet included of course.

This is just something I observed, sure it may not be your problem stated that I don't know how much data you are sending through those vlans/internet.

Panja

@mcury

All tests are done when there are no people in the house and when there is no other traffic.

What I find strange is that file transfers are not limited and are intervlan as well. Vlan 20 -> 40.

mcury

I would check the speed of your inter-vlan setup by setting an iperf3 server in one VLAN, and testing from a client in another VLAN.
If both devices (server and client) are on the same VLAN, the traffic would go through the switch, thus not testing everything.

Then, I would connect a laptop directly to pfsense, and test the Internet bandwidth from there, it could be something with your ISP..

Also, its always a good idea to confirm if you have interface with errors, if they are full-duplex 1G and etc..

mcury

@panja said in Not your average "internet speed" problem...:

What I find strange is that file transfers are not limited and are intervlan as well. Vlan 20 -> 40.

Answered your question before you wrote that..

Well, if the problem is only with Internet, I would be its something with the ISP..

Lastly, what are you running in pfsense?
Snort/Suricata? Maybe a proxy like Squid?

If so, check your pfsense CPU by connecting through SSH, or console, and type

top -aSH

Gertjan

@panja said in Not your average "internet speed" problem...:

When doing Speedtest (doing 5 different sites) I'm not getting no where near full speed,

and (I recap) :

When I test my local networks, overall speed is about 8 times faster, latency is an order of magnitude smaller.

So, easy : follow the wires, starting at the WAN port of Q box, up to these "5 sites" and redo them ( redo the Internet, sorry ).
Where are these 5 sites ? How is your peer to the Internet ? These 5 sites, how they are peered ? There are so many factors, and there is so little you can do.

You've checked Configuring CoDel Limiters for Bufferbloat ?

Btw : get another cable, drill some holes, and connect your SG108 to the Q-box directly instead of using the switch of the Archer TPLink.
Depending what your internal network usage is, you might get a better result.

stephenw10

Make sure your test traffic between VLANs is actually going through pfSense. Check the traffic graphs whilst testing.
It would be possible to configure OpenWRT on the C7 to route between those VLANs and that could be masking/causing the problem.

Panja

All ports are 1GB Full Duplex. Not running any additional packages except Wireguard. Cpu does not give a sweat at all, i5 5250u processor. Also when connected to the Archer C7 I do not have any problems.

A problem with my ISP is what I thought first but when connected directly to the Archer C7 gives me full speed when doing speedtests. So I don't think it has to do with peering either.

mcury

Take a look in the previous posts.
It could be a limiter set as @Gertjan said..
Or, it could be what @stephenw10 said about the OpenWRT on the C7 (I didn't know about that possibility).

stephenw10

Yeah if OpenWRT is configured with all the VLAN as interfaces it will route between them and that could cause all sorts of problems.
Only the switch config there should be aware of the VLANs in order to trunk them.

Steve

Panja

Sorry forgot to add. It’s a really plain install of pfSense. No limiters are setup at all.

If vlan traffic is handled by the Archer instead of pfSense would file transfers not be limited as well?
I’m getting 113MB/s when transferring files between VLANs

Panja

The VLANS are indeed configured as interfaces on OpenWRT. I will have a look if that can be changed.

Panja

@stephenw10 said in Not your average "internet speed" problem...:

Yeah if OpenWRT is configured with all the VLAN as interfaces it will route between them and that could cause all sorts of problems.
Only the switch config there should be aware of the VLANs in order to trunk them.

What I don't understand is why does file transer between vlans work as it supposted to getting near gigabit speeds.

Also I already tried:

• Put the cable, that goes in to the TL-SG108E, in an unmanaged/dumb switch, than a cable from the unmanaged swith to a second Archer C7 (OpenWRT) with same config as the other and from that Archer a cable to my laptop

Which resulted in full (internet) speeds.

stephenw10

Can you swap the positions of the switch and AP?

They should all be on the same layer2 so it would make no difference but something is not right.

Panja

@stephenw10

Will give that a try. No problem!
Though I will do that tomorrow. The room where the switch is located is occupied by a sleeping little girl at the moment.

SteveITS

@panja Did you connect a computer directly to the pfSense as suggested above? If it is still slow that would rule out the other hardware.

A few things I've found out about inconsistent results, that may or may not help...

Afternoon/evening background traffic is usually higher. People get home from work or school and stream video. While not everyone can run speed tests at 4-5 am that is often where peak speed is seen. At this point I'm rather surprised to get full/expected speed tests from around 3-4 pm to midnight, even at business clients. If your neighborhood's connection is "full" then it doesn't matter if your house is idle.

Different speed test sites can give wildly different results even when run within seconds of each other, especially during busy evenings.

IPv4 vs IPv6 can be different, especially so if using a tunnel like Hurricane Electric.

Depending on the ISP, using your ISP's speed test site might be faster than third party test sites.

JKnott

@panja

Some TP-Link switches, including I believe that model, have problems with VLANs. That might be your issue.

mcury

@jknott said in Not your average "internet speed" problem...:

TP-Link switches, including I believe that model, have problems with VLANs

The VLAN problem is fixed in hardware revision 3.0 and above

JKnott

@mcury said in Not your average "internet speed" problem...:

@jknott said in Not your average "internet speed" problem...:

TP-Link switches, including I believe that model, have problems with VLANs

The VLAN problem is fixed in hardware revision 3.0 and above

Well, we can still blame them.

Panja

I have tried to put my laptop directly into the pfSense box which gives me full speeds. Also when connect to the Archer C7 I get full speeds.

The TP-Link switch has also been replaced by a Netgear as mentioned in my OP.
Getting the same problems with the Netgear.

Speedtest are done right after each other.
Maybe 2 minutes between them. Which always results in the same problems.