Fiber through switch to WAN port speeds?
-
I have Fiber that is advertised at 200mbps up and down.
I have a dedicated VLAN on one SFP port and one copper port on a layer 2 switch to translate the fiber to copper for either the gateway or pfsense.My ISP gateway gets about 270mbps down and up.
Previously, with pfsense 2.6, directly connecting the same copper line used for the ISP gateway to the WAN port on the pfsense device resulted in a capped speed of about 24mbps up and down.
After upgrading to pfsense 2.7.2, I now get 1000mbps down and about 35-40 mbps up with pfsense.
Obviously, 1000mbps is faster than my advertised connection by about 5X, but the upload speed is still throttled.
My question is, what would be causing this?
I read that pfsense recently upgraded to OpenSSL v3 as v1.1 reached end of life. That likely explains the huge speed boost on downloads, but why would the uploads only still be capped, although still a bit faster than it initially was?
-
The switch to OpenSSL would make no difference at all the connection speeds when testing from LAN side clients.
What NIC type is your WAN? There were some fixes in 2.7.X for some drivers that might apply. Especially if your ISP sends or requires priority tagged traffic.
So check exactly how the ISP router has it's WAN configured. Check if there are any docs for using 3rd party routers with your ISP.
Steve
-
@stephenw10
I've done some testing over the past couple days.
It seems on the hardware side, everything is happening as it should happen.
I tired directly attaching the copper side of the switch directly to my computer(arch linux - no gateway in-between) and there is no difference in speed.
1 gigabit down and 35-40Mbs up.
The ISP gateway still gets around 270Mb/s up and down.
I checked the settings on the ISP gateway and there is nothing that is different from the default DHCP settings in pfsense.
I will say that there is one step on the ISP gateway that is not accounted for with pfsense.
When the ISP gateway was first connected to the fiber, it had to go through an update and signing process.
What this automated setup did is not visible to the end users in the U.I. of the gateway.
So I can only speculate at what this automated setup did.
I have tried cloning the MAC address in the WAN port to the MAC address of the ISP gateway and it did not solve the issue. -
If it has some client side signing then the ISP might be falling back to a default profile when it sees an unknown client. Surprising that would be 1G down though.
What is the ISP? I'd be amazed if no-one else has ever tried to use a 3rd party router.
-
@stephenw10 North Frontenac Telephone Company
the Gateway is Calix GigaSpire GS4220E -
Hmm well I know nothing about them but others may.
