Installed PfSense, but the whole internet is slow! Help!

Gertjan

@pifiu:

lol so if they didnt get faster, whats the point! :P

…cause it's seems completely non logic to me to use a PPPoE ADSL modem as a DNS intermediate hop. pfSense keeps a list op 'up-stream' DSNS devices – and the ones connected (remember: the initital state of a pfSense box is DHCP-client on his WAN port – so he will log the obtained address as a DNS relayer in a file like i.e. nameserver_sis0).
The first IP was the one from my PPPoE modem device, which isn't a DNS relay at all. But it could be one when it’s in router mode – and it has still this IP at the interface side that is connected to the WAN interface of the pfSense box.
The second IP one is the real ISP DNS, obtained by the PPPoE connection.

When pfSense fires of a DNS request, it will try to use my (local) 10.0.0.138 device – which will be useless – it can’t route to this address anyway (it’s ‘local’ and can’t be routed to the net). pfSense will shift over to the second DNS - this time it's always jack-pot.

That why.... just to win some ‘resolve’ time…….

Anyway, having a 10.0.0.138 as a DNS on a adsm modem - and a PPPOE connection on it - is not 'logic'.

hoba

@Gertjan:

@pifiu:

lol so if they didnt get faster, whats the point! :P

…cause it's seems completely non logic to me to use a PPPoE ADSL modem as a DNS intermediate hop. pfSense keeps a list op 'up-stream' DSNS devices – and the ones connected (remember: the initital state of a pfSense box is DHCP-client on his WAN port – so he will log the obtained address as a DNS relayer in a file like i.e. nameserver_sis0).
The first IP was the one from my PPPoE modem device, which isn't a DNS relay at all. But it could be one when it’s in router mode – and it has still this IP at the interface side that is connected to the WAN interface of the pfSense box.
The second IP one is the real ISP DNS, obtained by the PPPoE connection.

When pfSense fires of a DNS request, it will try to use my (local) 10.0.0.138 device – which will be useless – it can’t route to this address anyway (it’s ‘local’ and can’t be routed to the net). pfSense will shift over to the second DNS - this time it's always jack-pot.

That why.... just to win some ‘resolve’ time…….

Anyway, having a 10.0.0.138 as a DNS on a adsm modem - and a PPPOE connection on it - is not 'logic'.

This was just fixed by scott. Thanks for reporting.

pifiu

@Gertjan:

@pifiu:

lol so if they didnt get faster, whats the point! :P

…cause it's seems completely non logic to me to use a PPPoE ADSL modem as a DNS intermediate hop. pfSense keeps a list op 'up-stream' DSNS devices – and the ones connected (remember: the initital state of a pfSense box is DHCP-client on his WAN port – so he will log the obtained address as a DNS relayer in a file like i.e. nameserver_sis0).
The first IP was the one from my PPPoE modem device, which isn't a DNS relay at all. But it could be one when it’s in router mode – and it has still this IP at the interface side that is connected to the WAN interface of the pfSense box.
The second IP one is the real ISP DNS, obtained by the PPPoE connection.

When pfSense fires of a DNS request, it will try to use my (local) 10.0.0.138 device – which will be useless – it can’t route to this address anyway (it’s ‘local’ and can’t be routed to the net). pfSense will shift over to the second DNS - this time it's always jack-pot.

That why.... just to win some ‘resolve’ time…….

Anyway, having a 10.0.0.138 as a DNS on a adsm modem - and a PPPOE connection on it - is not 'logic'.

I understand now. However I dont think that might be the issue at hand. Although yes the resolving will be quicker, once it resolves, there should not be a constant slowdown correct?

I just think the issue is somewhere else. Any other suggestions? I appreciate the input, and at least we got something corrected :)

Gertjan

What about skipping one hop ?

Connect with SSH to pfSEnse and download this (like this) :

fetch -o /tmp/firmware.tgz http://pfsense.untouchable.net/downloads/pfSense-1.0-RC3-LiveCD-Installer.iso.gz

If this is also slow, then at least you know that it's your WAN connection to blaim - local LAN will be excluded.
Try several download servers before drawing conclusions.

Another tip: swap WAN and LAN.
I also use a classic Intel onboard NIC, and two Realtek 'free with a box of rise' NIC's on PCI slots.
Your 'dual head' NIC (Intel) isn't supported well maybay by FreeBSD - declare it OPT1 for now to isolate it.
Put the WAN and LAN on the two Realteks.

What about some special BIOS NIC settings in your PC to toy with ?

pifiu

Couple of things that I am not sure if I mentioned.

I cant seem to access IRC. It starts to connect and then says "(no identd (auth) response)".

I changed the cable today that went from the WAN to the DSL modem, and then tried to download that file directly from the pfsense box, and got normal working speeds 200-300KBps.

I dont know if it was the cable or pure coincidence, but IRC seemed to start working again!

Went ahead and tried to browse at random sites, but still it wasnt really working, speeds are slower than 56k, and sometimes pages dont finish loading.

I also went ahead and deleted that 192.168.1.1 address from the DNS as was mentioned up top.

hoba

Do you have another modem to try?

pifiu

@hoba:

Do you have another modem to try?

no I dont. :-[ :-[

but you think that might be the problem? It works fine when I connect it either straight to the modem or through the Linksys router. I think the modem is fine?

hoba

Sometimes devices negotiate with some nics just fine and have problems with other ones. Would be worth a try. What does status>interfaces show for your nics? collisions? errors, maybe a wrong duplex mode somewhere?

pifiu

@hoba:

Sometimes devices negotiate with some nics just fine and have problems with other ones. Would be worth a try. What does status>interfaces show for your nics? collisions? errors, maybe a wrong duplex mode somewhere?

it did show some errors, like 30 over the span of an hour.

I have some 3com NICs I will try today, and I also want to try to re-format and re-install.

pifiu

Well I really dont know what to do now.

I went ahead and took the Realtek cards out of the system completely. I installed some 3com ones that are supported according to the list. (cant remember their models exactly). Installed pfsense again and now it only detects one of them. yes both are connected since I have a link light on both of the 3com ones.

ARGH I think I am really going to give pfsense a rest and come back in a couple of months and see if its changed in any way.

Back to clark connect I go.  :-[

hoba

You must have some rally strange hardware issues. Replacing the box most likely will fix it. Strange as I have a similiar 1U IBM Serversystem (e330) at home that runs just fine with pfSense. Maybe a Biosupdate would help?

pifiu

@hoba:

You must have some rally strange hardware issues. Replacing the box most likely will fix it. Strange as I have a similiar 1U IBM Serversystem (e330) at home that runs just fine with pfSense. Maybe a Biosupdate would help?

actually I believe it IS a 330?

i dont know, finding a bios through the IBM site is a mess!

hoba

Here's everything for this server: http://www-307.ibm.com/pc/support/site.wss/product.do?template=/product.do?template=%2Fproductpage%2Flandingpages%2FproductPageLandingPage.vm&sitestyle=ibm&brandind=8&familyind=50276&machineind=0&modelind=0&partnumberind=0&subcategoryind=0&doctypeind=9&doccategoryind=0&operatingsystemind=49977&validate=true

My one has 1,2 GB, 1x1,4 GHz PIII-S (512kb cache, second cpu socket not used). 2x 18GB SCSI RAID1. Additional to the 2 fxp onboard nics I have a 4port switchcard that is realtek based in it. The only thing that I had to do to make the live-cd boot completely is to disable dma for the atapi cdrom and disable the fdd in bios or it would halt somewhere on bootup (see http://wiki.pfsense.com/wikka.php?wakka=BootOptions for how to disable the dma mode).

pifiu

@hoba:

Here's everything for this server: http://www-307.ibm.com/pc/support/site.wss/product.do?template=/product.do?template=%2Fproductpage%2Flandingpages%2FproductPageLandingPage.vm&sitestyle=ibm&brandind=8&familyind=50276&machineind=0&modelind=0&partnumberind=0&subcategoryind=0&doctypeind=9&doccategoryind=0&operatingsystemind=49977&validate=true

My one has 1,2 GB, 1x1,4 GHz PIII-S (512kb cache, second cpu socket not used). 2x 18GB SCSI RAID1. Additional to the 2 fxp onboard nics I have a 4port switchcard that is realtek based in it. The only thing that I had to do to make the live-cd boot completely is to disable dma for the atapi cdrom and disable the fdd in bios or it would halt somewhere on bootup (see http://wiki.pfsense.com/wikka.php?wakka=BootOptions for how to disable the dma mode).

wow that is very helpful! I really appreciate your input and dedication to the community!

I will certaintly give that a try sometime this week.

Yes random it was also halting at the drive detection screen, but sometimes it went through? Also though one of my cards wasnt being detected though on the PCI bus. I had 2 onboard + 2 realteks and only one realtek got picked up.

I will do a bios update and try those settings and maybe report back this weekend.

Again thanks!