Poor performance with pfsense

mirmit

Hi,

I have a network with a modem/router connecting the wan to pfsense.

When I plug a computer on the WAN router and do a transfert with pfsense also pluged in, I get a transfert rate of about 100ko/s to 200ko/s maximum.

If I unplug the pfsense, I can go over 400ko/s.

The wan is supposed to be able to deliver 6556 kbs.

What could cause this?

I end up to this test, as I get verry poor conection bandwith with the current system. It seem the CPU load is around 10% on the appliance.

eirikz

What kind of installation are you running ?

Bare metal ? Virtualized ?

What version of pfsense is this ?

1.2.3 ? 2.0Beta?

How is the WAN configured ?

Bridged ? Nat'ed ?

mirmit

Hi,

It's an 1.2.3 running on its own machine.

The wan is NATed. It's has been a pretty straightforward installation.

chpalmer

Pinto?  Fiat?  Porsche?

What are the specs of your box that you are running pfSense on?

http://www.pfsense.org/index.php?option=com_content&task=view&id=52&Itemid=49

danswartz

This kind of degradation sounds like maybe an ethernet autonegotiation issue.  What do you see if you do 'ifconfig xxx', where xxx is the WAN nic?  (the LAN too, I guess, it might be speed issue talking to the pfsense not going upstream.)

mirmit

Here is the output of the ifconfigs:

# ifconfig re0
re0: flags=8843 <up,broadcast,running,simplex,multicast>metric 0 mtu 1500
        options=389b <rxcsum,txcsum,vlan_mtu,vlan_hwtagging,vlan_hwcsum,wol_ucast,wol_mcast,wol_magic>ether 00:08:a1:7b:16:6e
        inet6 fe80::208:a1ff:fe7b:166e%re0 prefixlen 64 scopeid 0x1
        inet 192.168.0.103 netmask 0xffffff00 broadcast 255.255.255.255
        media: Ethernet autoselect (10baseT/UTP <half-duplex>)
        status: active
# ifconfig em0
em0: flags=8843 <up,broadcast,running,simplex,multicast>metric 0 mtu 1500
        options=9b <rxcsum,txcsum,vlan_mtu,vlan_hwtagging,vlan_hwcsum>ether 00:08:74:1a:59:5f
        inet 10.42.0.254 netmask 0xffff0000 broadcast 10.42.255.255
        inet6 fe80::208:74ff:fe1a:595f%em0 prefixlen 64 scopeid 0x5
        media: Ethernet autoselect (1000baseTX <full-duplex>)
        status: active</full-duplex></rxcsum,txcsum,vlan_mtu,vlan_hwtagging,vlan_hwcsum></up,broadcast,running,simplex,multicast></half-duplex></rxcsum,txcsum,vlan_mtu,vlan_hwtagging,vlan_hwcsum,wol_ucast,wol_mcast,wol_magic></up,broadcast,running,simplex,multicast> 

The host is a DellGX280 with P4 2.4Ghz with 1G mem.

I think it should be sufficent for the purpose.

danswartz

How about netstat -I on each interface?

mirmit

Here the output:

# netstat -I re0
Name    Mtu Network       Address              Ipkts Ierrs    Opkts Oerrs  Coll
re0    1500 <link#1>00:08:a1:7b:16:6e 10185120     0  7024550     0     0
re0    1500 fe80:1::208:a fe80:1::208:a1ff:        0     -        1     -     -
re0    1500 192.168.0.0   192.168.0.103        26481     -    36633     -     -
# netstat -I em0
Name    Mtu Network       Address              Ipkts Ierrs    Opkts Oerrs  Coll
em0    1500 <link#5>00:08:74:1a:59:5f  7526432     0 10693799     0     0
em0    1500 10.42.0.0     pfsense             585160     -   597030     -     -
em0    1500 fe80:5::208:7 fe80:5::208:74ff:        0     -        1     -     -</link#5></link#1> 

danswartz

Hmmm, well doesn't look like an ethernet issue :(  For your speeds, are you meaing KB/sec (kilobytes?)

mirmit

Yes, it's Kilobytes per seconds.

chpalmer

(10baseT/UTP <half-duplex>)</half-duplex>

This catches my eye…  Are you forcing this on the computer end?

mirmit

I didn't. I guess it's the Netopia 4541 router on the WAN end which bring this. There is no option in the menus to act on this.