1. Home
  2. pfSense® Software
  3. NAT
  4. Slow speed behind pfsense

Slow speed behind pfsense

  • S

    Hello all

    I have a pfsense 1.2.3 installed on a server with 2 broadcom NICs.
    The configuration as below:

    public IP  <–-> pfSense <---> private IP

    In the private side, a machine named A wants to connect a SMTP server outside the pfSense and send a mail with 300k attachment, but spends about 2 minutes to send. (1kB/s average)

    Another machine named B has public IP, doing the same thing as A, only spends 1 seconds to send.

    top -SH & netstat -ni don't see anything irregular.

    What the situation would it be? and how to solve it?

    (Note: my pfSense has run squid, but the loading is very low)

    Thanks a lot

    0
  • S

    Hello
    Does anyone know about it?

    Thanks a lot

    0
  • GruensFroeschli

    So are you currently running squid?
    If yes: search the forum for "slow internet with squid". There are dozens of threads about this.

    0
  • S

    Hello

    Yes, I've running squid on it,
    but it seems fine to download a file behind pfSense, it usually runs at 3~4MB/s
    but while send a mail with 300k attachment to the smtp server outside pfSense,
    it runs about 5~7sec to finish a mail

    this thing confuses me a while  ???

    0
  • Cry Havok

    Can you see the dialog or log messages between your SMTP device and the remote server?  The problem may be with one of those, not pfSense.

    0
  • S

    Hello Cry

    Seems not the problem of SMTP server
    while I disable firewall and use public IP to send mail
    it only spends < 1s to finish

    there is nothing wrong about nat settings…

    and I've checked if this would be a MTU mismatch problem, but seems not
    all pfsense, machines inside pfsense, and SMTP server were the same MTU as 1500

    0
  • D

    Without seeing a packet capture during a slow SMTP send, it's hard to comment.

    0
  • L

    Try using your pfsense box without other services like squid, disable all and try???

    0
  • C

    @danswartz:

    Without seeing a packet capture during a slow SMTP send, it's hard to comment.

    ^ this. If you can attach a pcap of only that SMTP traffic we can probably tell you why. My first guess is you have a PMTUD problem of some sort. Dropping the MTU on your mail server to 1400 is one way to test that.

    0
  • S

    Thanks all,
    I found it might be a MTU problem while I tuning the MTU down on mail server….

    0
Log in to reply
 

Products

Services

Support

News

Resources

Company

Our Mission

We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive to sign up for future newsletters and to read past announcements.

© 2020 Rubicon Communications, LLC | Privacy Policy