Will a different NIC give me more bandwidth/performance?

  • Hi,

    first time user of pfsense here and so far, I am very pleased and happy with it.

    For my test machine, I pulled a thin client with a VIA C7 1 GHz CPU, 256 Megs of RAM and a 1GB CF card as boot drive. It has an onboard VIA Fast Ethernet port (currently my LAN) and I added a very very old Asante 590 Fast Ethernet PCI card as my WAN port to test with (my Intel Desktop gigabit PCI card from ebay is not here yet).

    Anyway, I installed 1.2.3 release as the 2.0b5 installer gave me a hard time and then upgraded to 2.0b5.

    I connected the WAN port to my gigabit network and hooked up my laptop to the LAN port. I have both networks (my normal lan which is the wan for pfsense and the lan behind pfsense) set up as class c networks (but with different ip ranges of course).

    When I copy a file from or to an Ubuntu smb share through pfsense, I only get around 75MBit/s of bandwidth according to the web gui of pfsense, my laptop shows about 8.2MByte/s of throughput. Where are the other 25% of bandwidth? The cpu seems bored (according to the web interface) peaking out at about 50% max. This bandwidth is both with 1.2.3 release and 2.0b5.

    Will I gain any more performance when I switch LAN <-> WAN after I put the Intel card into the PCI slot? What can I do to increase the bandwidth to the maximum of ~100MBit/s? I want to upgrade to DOCSIS 3.0 cable with 100MBit/s, so I'd love to use pfsense as my firewall/router for that… but if it "steals" 25% of bandwidth, there must be something I can do...


  • Netgate Administrator

    You should be able to max out a 100Mb/s connection with that hardware. As you say the cpu isn't running at 100%. You'll never quite get 100Mb/s because of overheads in the connection but I would have thought 95Mb+.
    It could be a driver problem if the card is very old and hasn't been updated in a while. What drivers are your cards using?
    Have you tried transfering a file from the pfSense box it'self? That way you could test each interface individually.


  • Have you tried transfering a file from the pfSense box it'self? That way you could test each interface individually.

    Durrr, thanks for pointing me into that direction… I will of course try that first before asking more questions... thanks! I am pretty sure it could be a driver conflict... The card is roughly 10 years old I would say, it's some vintage PNIC II chipset... I'll do the testing and also wait for my Intel card. Have a nice weekend :-)

  • How exactly would I measure the bandwidth of every port individually? I thought I was clever and scp'ed a file through the individual interfaces, but… since the compact flash card tops out at around 4MB/s, that was of no use.

    Anway, with the Intel Desktop NIC I get 97MBit/s with 100%CPU, I think that is pretty good considering I will rarely receive a full 100MBit/s from the interwebs :-)

  • Netgate Administrator

    When doing some bandwidth testing recently I used the TTCP tool. It's available as a package from FreeBSD so easy to install on pfSense. Also there are versions for Windows and Linux so you will probably have other machines to run it on already. It runs client/server and generates and sinks traffic on the fly so it's not slowed by disk performance.


Log in to reply