Netgate Discussion Forum

    NAT appears to be splitting my bandwidth in 3….

      dlawless

      I have 2 firewalls set up with CARP and 2 ISPs so we have failover and redundancy on the network.  We route all web traffic over ISP1 and NAT all other traffic over ISP2.  However, the ISP we are routing our web traffic over has divided our download connection by 3 when I have Manual Outbound NAT enabled, and it has also significantly increased ping times when large file transfers occur (~900ms, should be somewhere around 250ms - 300ms).  Upload is unaffected.  As soon as I go to Automatic Outbound NAT I get the full speeds back.  I cannot go to Automatic Outbound NAT because the configuration of the firewalls will not route mail outbound properly.  It seems like it is something to do with the ISP and how it interprets the packets, but I am not positive.

      I made sure that ISP1 was routing our IP addresses to the respective CARP address.

      Without a lot of reconfiguration I am unable to test if this same behavior would happen with ISP2.

      I have tested speeds on the WAN side of the firewall and I have full down speeds.

      I have double checked that all the VHIDs are unique with the CARP interfaces so there is no conflict (as noted in the pfSense book).

      I have double checked that all the VIPs are set up correctly with the correct networks.

      I have the correct Manual Outbound NAT rule configured.

      Any help would be appreciated.

      I guess my question is: has anyone seen an ISP do this with a similar setup, and if so, what is the direction I should try to go in?

        dlawless

        This is definitely a firewall-only issue, as I have hooked up a computer on each end of the problematic firewall and transferred a file at ~10mb/s.  I configured an identical setup on a fresh install of pfSense and was getting ~30mb/s.  I would really appreciate any insight on something I may be doing wrong.

          cmb

          You have traffic shaping enabled? Sounds like it.

            dlawless

            I thought that was the case as well, but I checked and it is not enabled.  I also double checked the configuration file just to make sure the GUI wasn't telling me the whole story.  Does anyone else have any other suggestions?  I may have to move away from pfSense if I cannot resolve this problem, and I would hate to do that because of how nice the platform is.

              danny_248

              Are you using 1:1 NAT or port forward?
