Slow speed behind pfsense
-
Hello all
I have a pfsense 1.2.3 installed on a server with 2 broadcom NICs.
The configuration as below:public IP <–-> pfSense <---> private IP
In the private side, a machine named A wants to connect a SMTP server outside the pfSense and send a mail with 300k attachment, but spends about 2 minutes to send. (1kB/s average)
Another machine named B has public IP, doing the same thing as A, only spends 1 seconds to send.
top -SH & netstat -ni don't see anything irregular.
What the situation would it be? and how to solve it?
(Note: my pfSense has run squid, but the loading is very low)
Thanks a lot
-
Hello
Does anyone know about it?Thanks a lot
-
So are you currently running squid?
If yes: search the forum for "slow internet with squid". There are dozens of threads about this. -
Hello
Yes, I've running squid on it,
but it seems fine to download a file behind pfSense, it usually runs at 3~4MB/s
but while send a mail with 300k attachment to the smtp server outside pfSense,
it runs about 5~7sec to finish a mailthis thing confuses me a while ???
-
Can you see the dialog or log messages between your SMTP device and the remote server? The problem may be with one of those, not pfSense.
-
Hello Cry
Seems not the problem of SMTP server
while I disable firewall and use public IP to send mail
it only spends < 1s to finishthere is nothing wrong about nat settings…
and I've checked if this would be a MTU mismatch problem, but seems not
all pfsense, machines inside pfsense, and SMTP server were the same MTU as 1500 -
Without seeing a packet capture during a slow SMTP send, it's hard to comment.
-
Try using your pfsense box without other services like squid, disable all and try???
-
Without seeing a packet capture during a slow SMTP send, it's hard to comment.
^ this. If you can attach a pcap of only that SMTP traffic we can probably tell you why. My first guess is you have a PMTUD problem of some sort. Dropping the MTU on your mail server to 1400 is one way to test that.
-
Thanks all,
I found it might be a MTU problem while I tuning the MTU down on mail server….