Slow internet!! HELP.
-
I decided to transfer over to pfsense from untangle the other night for reasons I don't want to disclose, needless to say I was pretty happy about the switch :D.
Now, I have a problem. It's not a unknown problem - I had this issue with untangle, and I found limiting both WAN and LAN to 50Mbps total transfer speed (cant remember if it was half duplex or full duplex, I believe half) fixed connection issue.
The problem is, I tried that with pfsense. And while I was definitely able to limit WAN, LAN never showed up as half-duplex. When I attempted to do this, it just removed the half-duplex and full-duplex from the LAN details and slapped on 100Mbps with nothing else.
Thinking it was a firmware issue, I updated to the 2.0 alpha build (love it by the way, great work.) But alas, I still have the issue.
With untangle properly configured:
With Pfsense (not configured properly, obviously):
Since I host servers (business FiOS connection + Static IP) this is very important to me. It appears to be a issue with per-connection and not global, since I can only dl files at 15KB/s now.
Help?. Please?.
-
I have a pfSense box protecting a home ADSL connection. The ADSL modem routinely reports download speeds of over 4Mbps. I have seen download rates of over 400kB/s (3,200kbits/sec) on bit torrents. You should certainly be able to get much better speeds than you are reporting.
I noticed your ping time is reported as over three times greater with pfSense in circuit. This is suspicious.You MIGHT get better results if you disable hardware checksums (web GUI: System -> Advanced, scroll down to Hardware Options and check the box Disable Hardware Checksum Offloading. SOME device drivers are known to erroneously think that certain devices have hardware checksum capability when the devices don't have that capability.
The problem is, I tried that with pfsense. And while I was definitely able to limit WAN, LAN never showed up as half-duplex. When I attempted to do this, it just removed the half-duplex and full-duplex from the LAN details and slapped on 100Mbps with nothing else.
I don't understand that: did you want to set BOTH the LAN and WAN interfaces to half duplex mode? If so, why?
-
I don't understand that: did you want to set BOTH the LAN and WAN interfaces to half duplex mode? If so, why?
Thats the only way I was able to get the correct upload/download speed with untangle. It had to be both, or it wouldn't work right.
-
disabling the checksum didn't help.
-
do you have a router such as cisco on your wan interface?
i have had issues at many sites where the isp supplied router is not set to autodetect link speed and duplex. the only way to cure it is to match link speed/duplex exactly or put a switch inbetween to handle this for you.gordon
-
I'm starting to suspect pfsense is throttling downloads, is there any way to confirm this?. Maybe the MTU needs to be set?. (not set currently).
I've tried another NIC, no luck.
-
Perhaps the "router" (box between pfSense and the Internet) is relying on flow control to stop the downstream box swamping it. As Gob suggested, it would be good to check the requirements the router places on downstream equipment.
I find it hard to guess why a pfSense box would triple the ping times. Apart from the speedtest apparently using a different server, what is the difference between the two tested configurations?
Does the pfSense box have plenty of idle time? (Perhaps its way underpowered; perhaps you have inadvertently started some sort of CPU hog on it.)
-
Perhaps the "router" (box between pfSense and the Internet) is relying on flow control to stop the downstream box swamping it. As Gob suggested, it would be good to check the requirements the router places on downstream equipment.
I find it hard to guess why a pfSense box would triple the ping times. Apart from the speedtest apparently using a different server, what is the difference between the two tested configurations?
Does the pfSense box have plenty of idle time? (Perhaps its way underpowered; perhaps you have inadvertently started some sort of CPU hog on it.)
It's a ONT, not a router. ONT > Pfsense > Switch > two computers.
Pfsense is on a box with 2Ghz processor and 1GB ram, and its hardly using any of the resources.
There is no difference between the configurations I used with pfsense and untangle other then the port speed. If you know some way to let me set 50Mbps full duplex or 100Mbps half duplex on both the LAN and WAN, let me know.
-
Alright, this is annoying me. If anyone can actually help me out, I would appreciate it (PM me, I'll give you SSH if you are trustworthy.)
It is starting to look like pfsense can't put more then 300KB/s download per connection. It's not a global thing - I can have multiple downloads running at 300KB/s.
It's not my ISP because this was not happening with untangle after setting the correct port speeds, or with the default router my ISP provided me (Which I replaced because of the small NAT table.. and I hated the router).
-
I'm happily pushing in excess of 20 Mb/s through my pfSense box without problems. It certainly isn't a pfSense limitation.
I wonder if you've got a hardware problem - can you swap the NICs for some Intel (server grade) cards?
-
I don't own any intel cards, and as I said I've tried another NIC with no luck.
Plus I don't see why it would be a NIC issue if I'm pushing 20Mbps up, and only 300KB/s down per connection.
-
It is starting to look like pfsense can't put more then 300KB/s download per connection. It's not a global thing - I can have multiple downloads running at 300KB/s.
I routinely run 900KB/s + on my system on per connection. Have another box you could try? Maybe swap the harddrive of your pfSense box into the one your running Untangle on…
-
Perhaps you don't understand what I'm saying?. Untangle gave me my full connection on the same box, same hardware. It's not a hardware issue.
Might be a driver issue, but not sure.
The "problem" I believe is the ONT is only capable of 10Mbps, 100Mbps and 1000Mbps. PFSense tries to negotiate it at 1000Mbps on a 100Mbps card.
Now, the solution to this is to set it to a certain port speed. Unfortunately PFSense seems to not be able to set it correctly, when I try setting both lan and wan to 100Mbps half duplex, it reverts the configuration back to the old.
It cant be one or the other for whatever strange reason, I had that same issue with untangle - it was either both cards or none at all. I can set the WAN to 100Mbps half duplex, but not both. I tried switching the LAN cards as well, but it still reverted back.
So I'm guessing running both cards in half-duplex 100Mbps is impossible on PFSense?.
Edit: Ah, just realized the last part of what you said. I replaced the untangle OS/Distro with PFSense.
-
The "problem" I believe is the ONT is only capable of 10Mbps, 100Mbps and 1000Mbps.
This is not surprising since these speeds are the only "standard" Ethernet speeds (except for 10Gbps).
PFSense tries to negotiate it at 1000Mbps on a 100Mbps card.
How did you determine that? Which card? What is the driver name in pfSense?
Now, the solution to this is to set it to a certain port speed. Unfortunately PFSense seems to not be able to set it correctly, when I try setting both lan and wan to 100Mbps half duplex, it reverts the configuration back to the old.
How do you set both lan and wan to 100Mbps half duplex? When does the configuration revert back to the old?
It cant be one or the other for whatever strange reason, I had that same issue with untangle - it was either both cards or none at all. I can set the WAN to 100Mbps half duplex, but not both. I tried switching the LAN cards as well, but it still reverted back.
What LAN cards have you tried?
Are you sure your "switch" is really a switch and not a hub? Hubs have simpler electronics than switches and have to operate in half duplex. Switches can normally operate in either full duplex or half duplex.
-
The "problem" I believe is the ONT is only capable of 10Mbps, 100Mbps and 1000Mbps.
This is not surprising since these speeds are the only "standard" Ethernet speeds (except for 10Gbps).
PFSense tries to negotiate it at 1000Mbps on a 100Mbps card.
How did you determine that? Which card? What is the driver name in pfSense?
Now, the solution to this is to set it to a certain port speed. Unfortunately PFSense seems to not be able to set it correctly, when I try setting both lan and wan to 100Mbps half duplex, it reverts the configuration back to the old.
How do you set both lan and wan to 100Mbps half duplex? When does the configuration revert back to the old?
It cant be one or the other for whatever strange reason, I had that same issue with untangle - it was either both cards or none at all. I can set the WAN to 100Mbps half duplex, but not both. I tried switching the LAN cards as well, but it still reverted back.
What LAN cards have you tried?
Are you sure your "switch" is really a switch and not a hub? Hubs have simpler electronics than switches and have to operate in half duplex. Switches can normally operate in either full duplex or half duplex.
Yes.. I'm sure its a switch.
I edit the configuration file in cf/conf to change the port speed. I was doing it right since I could do each of them separately but not at the same time.
As for how I determined it was at 1000Mbps… it told me in the status - interfaces page.
Right!. New issue!.
In/Out errors on WAN: 90109/0
In/Out errors on LAN: 1/0
Something is obviously wrong. It's not the card - I've tried another one.
-
I suspect its unlikely that an interface not capable of operating at 1000Mbps would negotiate to operate at 1000Mbps. Regardless, there is almost certainly a problem on your WAN link with that error count. Do you have the correct cable for the link between ONT and WAN interface of pfSense? Should it be crossover or straight through?
-
Have you tried a switch inline between WAN and ONT?
-
@Gob:
Have you tried a switch inline between WAN and ONT?
Assuming you mean directly accessing the ONT or changing the ethernet cable… no. Seeing as it was working 100% fine 3 days ago with untangle. I'm not trying to turn this into a pfsense vs untangle thread, since I like PFSense better then untangle by a mile - it's just I'm getting tired of people assuming the issue is hardware related when I've already said multiple times it worked fine before.
wallabybob:
The network card on pfsense is 100Mbps. The ONT can reach 1000Mbps speeds. PFSense was reporting it was linked at 1000Mbps. Obviously it can't reach those speeds, so its just bad negotiation.
Like I said above, same configuration that I was using for untangle 3 days ago that worked.
Is this a driver problem?.
-
"I had this issue with untangle, and I found limiting both WAN and LAN to 50Mbps total transfer speed (cant remember if it was half duplex or full duplex, I believe half) fixed connection issue."
Your first post tells me you have a hardware problem.
Roy…
-
Seeing as it was working 100% fine 3 days ago with untangle. I'm not trying to turn this into a pfsense vs untangle thread, since I like PFSense better then untangle by a mile - it's just I'm getting tired of people assuming the issue is hardware related when I've already said multiple times it worked fine before.
At least two people have pointed out their pfSense system gets much better bandwidth than you are able to report. So what's different about your configuration that causes you to get much lower bandwidth? pfSense software is common so perhaps its a device driver that you are using that others aren't using. Perhaps its "hardware". Perhaps you can suggest something else.
About working 100% fine 3 days ago with untangle: did you ever check the "wan" error counts in untangle? If not, how can you be sure you didn't just find a mode that worked "well enough" rather than one that worked 100%?
If you are not prepared to allow the possibility that there might be "hardware" error in a configuration that apparently should work correctly in full duplex mode but requires half duplex mode to give "good enough" performance then I think I'm probably wasting my time continuing the conversation. I'm not saying it must be a hardware problem, but it does look like one to me.
Is this a driver problem?.
Maybe. What are your interfaces (e.g. WAN is xl0, LAN is de0)? (This information can be obtained from the WEB GUI: Interfaces -> Assign or Status -> Interfaces or provide the output of the shell command ifconfig -a)
You haven't yet answered my question about the cable to the ONT: are you sure you have the correct cable (including that the cable is not too long etc)?
