WiFi is slower with pfsense vs Untangle. Any thoughts?
- 
 Hmm, hard to see how. Do you see the same latency in each setup? 
- 
 @stephenw10 For the yellow results, jitter for both download and upload is less than 10 ms. But when speeds hit more than 600 in any of the results, jitter increases to ~15 ms, both for pfSense and Untangle. I really want pfSense to work like the green and blue results... 
- 
 @bokolobs said in WiFi is slower with pfsense vs Untangle. Any thoughts?: Yeah, Iโm about 2 feet away from the AP FWIW there is such a thing as too close to the AP. 
- 
 Yup, that's true. What I really meant there was how far is the pfSense hardware from the AP. Or the test client. 
 But since Untangle is being run on the same hardware (?) that shouldn't make any difference.Steve 
- 
 This is starting to feel a bit like the old story about the janitor who removed the network (cable) terminator during lunch to replace a missing pawn in their chess game.  [just that itโs something weird and unexpected] [just that itโs something weird and unexpected]@bokolobs is there a switch between the AP and your router? If not Iโd connect one and test from the iMac to wireless through the switch, to isolate from the router. 
- 
 @stephenw10 
 Hi! AP is in another room separated from the router appliance by two concrete walls.@steveits 
 Hi! Yes, there is an Omada PoE switch between the router and the AP. I tested the wired connection to the iMac two ways: directly connected to the router (router as server: ~2.35Gbps -R: ~2.20Gpbs); connected to the Omada switch (940/920 Mbps).@rcoleman-netgate 
 Yeah. But I tested from the distance for both.
- 
 Could it be related to the bios setup? 
- 
 @bokolobs Does your AP have a (second) Ethernet port on it? Just thinking about testing wired through the AP. Because pfSense on a router can't affect a device-to-AP connection, where it's not in the middle. So it seems like you should somehow narrow down where the slowdown is happening. All that said, wireless connections do change over time. My Windows PC doesn't move, yet the network properties window often shows a different link speed whenever I look at its wireless settings. I would think that sort of thing would be inconsistent though. 
- 
 Thanks! Unfortunately, my AP only has one port. I know WiFi can be inconsistent. What's boggling is I've done the tests 3 times now, using fresh install of 23.01 and Untangle 16.6.2, but the results are consistent. Which, to summarize, are two points: 1)I'm getting slower WiFi downloads and uploads when using pfSense vs Untangle, with or without traffic shaping and 2) I'm getting slower uploads when using wired connection AND traffic shaping, fq_codel limiters (650). When using wired connection without traffic shaping, I get the same download and upload speeds. It's driving me nuts. 
- 
 @bokolobs I see the same with VPN. Pfsense is unusable using SMB working on 20+ ms latency connections. If I work via RDP it superfast. Connection is 4ms without pfsense in between. With pfsense and VPN it adds 22ms of latency and I bet thats what you see. Something has happened with releases since 2.4.5 that has a performance hit. 
- 
 Just to add, here's my wired speedtest.net results. pfsense, bottom 3 without shaping, top 3 with shaping (650 Mbps both ways). I tried configurations from the Netgate documentation, Tom from Lawrence Systems, and SANS Internet Storm Center. They give similar results. 
  Untangle results, bottom two without QoS, top 3 with QoS. 
  I'm thinking it's related to my WiFi issue. Could it be driver and/or CPU related? Also, correction: I have a 800 Mb/1 Gb connection not 1/1 Gb. Thanks to all who replied. 
- 
 @bokolobs 
 I'd ignore all data with QoS enabled as Untangle and pfSense use FQ_CoDel in subtly different ways.Looking at the unfettered data the bandwidth delivery over copper looks pretty much identical, even with ToD changes, which is nice. Over wifi the results are comparable with upload bandwidth and within normal run-to-run variance, especially with the significant ToD changes. Wifi is a shared medium and the AP and client have to wait their turn if there are other neighbouring wifi users sharing the same channels. Pretty-much all phones have only 2 streams available, limiting their co-channel options as well as the total physical bandwidth, no matter what the AP is physically capable of. In real-world conditions we don't tend to focus at all on wifi download bandwidth as interference, co-channel systems and (increasingly) more than one BSSIDs in use even on home AP equipment. As well as additional BSSIDs, beacons, frame spacing, packet wrapping et al, we also have the 'issue' of UDP packets requiring 'acks' when they traverse a wifi segment. Testing on upload-only reduces the effect of these as the bottlenecks move closer to the device under test. [Clearly this is not how we test devices on a chamber run.] To gain more insight you could run Wireshark / pcap on the wifi side of the network, to see if there are an unusual amount of failures and/or retransmits or increased fragmentation between the 2 different router OS's, but this would probably be more for curiosity than anything else. In either case you are getting reasonably high throughput on both setups in a short-range single-client test. In reality wifi tends to be used for multiple clients at more intermediate or longer ranges, where air-time limitations dominate over simple single-client bandwidth tests.  ๏ธ ๏ธ
- 
 @bokolobs said in WiFi is slower with pfsense vs Untangle. Any thoughts?: Could it be related to the bios setup? Very unlikely. There's nothing there that could affect it like this. Really there's nothing pfSense can do to that would affect the wifi connection. It sees that connection exactly the same as a wired connection. So I agree I would be trying to check the wired connection between pfSense and the AP. And I would double check the latency between the various setups because that can make a significant difference to throughput and it is something pfSense could influence. Steve 
- 
 @robbiett @stephenw10 
 Thank you for your insights.In real-world conditions we don't tend to focus at all on wifi download bandwidth as interference,... 
 Very unlikely. There's nothing there that could affect it like this.Really there's nothing pfSense can do to that would affect the wifi connection. It sees that connection exactly the same as a wired connection. I get this. And I hope really that this was the case for me. But it's the consistent difference in the test results between Untangle and pfSense (single AP, single client) that I want to understand. To gain more insight you could run Wireshark / pcap on the wifi side of the network,... Yeah, this is the next step. I had the house to myself last weekend so I was able to do these tests. But... In either case you are getting reasonably high throughput on both setups in a short-range single-client test. In reality wifi tends to be used for multiple clients at more intermediate or longer ranges, where air-time limitations dominate over simple single-client bandwidth tests. You're right about this. My wife and kids didn't notice any difference between one year of Untangle, followed by months of pfSense, followed by one week of Untangle, followed by one week of pfSense, etc. It's me who is bothered by that marginal difference. I also notice a lower latency when I play online in my Playstation when using pfSense. The rest of my vanilla network set up is pretty much the same between the two OS's (Wireguard, DNS/IP blocking, VPN client). 
- 
 @cool_corona SMB is its own thing...pretty sure I've seen a thread or two this year about SMB over Internet but am not finding it in a quick search. Typical things to check are the RSC setting and SMB version. Also this thread is only about Wi-Fi speeds not wired which are apparently just fine for OP. Just for fun, in our data center: 
 PING google.com (142.250.190.46) 56(84) bytes of data.
 64 bytes from ord37s33-in-f14.1e100.net (142.250.190.46): icmp_seq=1 ttl=121 time=1.41 ms
 64 bytes from ord37s33-in-f14.1e100.net (142.250.190.46): icmp_seq=2 ttl=121 time=1.33 ms
- 
 @bokolobs said in WiFi is slower with pfsense vs Untangle. Any thoughts?: I also notice a lower latency when I play online in my Playstation when using pfSense Hmm, interesting. Is that wifi connected? When looking at wifi vs wired connections what I might expect to see it increased latency and packet loss. Both of which would affect maximum throughput significantly. Any additional latency pfSense might introduce could affect it further and potentially more than you might expect. More than it would over the very low latency on a wired connection. 
- 
 @steveits said in WiFi is slower with pfsense vs Untangle. Any thoughts?: SMB over Internet I think this is answer to wrong thread? @Cool_Corona hasn't posted in this thread - and smb over the internet is not the topic of this thread ;) hehehe 
- 
 @johnpoz said I think this is answer to wrong thread? @Cool_Corona hasn't posted in this thread - and smb over the internet is not the topic of this thread ;) hehehe Well, apart from when he did.   ๏ธ ๏ธ
- 
 Yeah I will say that smb is a good indicator of latency!  smb v3 less so but still... smb v3 less so but still...
- 
 Hmm, interesting. Is that wifi connected? Playstation is wired. By lower latency, I mean I get 30 ms ping when playing using pfSense compared to ~35 ms when in Untangle. I also noticed that when I do the network test, NAT Type 2 gets recognized quicker in pfSense than in Untangle. I'm sorry if we're veering off topic. I view these things as related as everything is the same except the OS of the router appliance. It may be possible that I have not been using the optimized setting for my particular box. I will try pfSense again this weekend and post my settings here. Thanks again! 




