OPT1 extremely slow
-
My installation of PFSense 1.2.3 is showing very slow download speeds on OPT1. These speeds vary between 15 and 25 Kb/s (KiloBits) which is extremely slow as I have a 30Mb/s connection and my LAN connection happily downloads at 3500Kb/s on occasion. My PFSense box has a 100Mb/s WAN interface and two 1Gb/s interfaces, one of which is the LAN and one of which is OPT1.
I have traced the issue to internal to PFSense as:
1. Speeds between my PC and another point on the OPT1 Network are at full 1Gb/s network speed.
2. Speeds between my PC and the PFSense box using SSH are at full 1GB/s network speed
3. Speeds between any network point and the WAN via the LAN connection are at the correct internet speed.
4. PFSense is reporting LAN and OPT1 up at 1000Mb/s
I have Squid running on the LAN interface only (was on OPT1 but I disabled it for testing - no difference). I do not have a traffic shaper or any other packages installed (except lightSquid, but I don't think that is relevant).
I have firewall rules in place blocking any traffic from LAN to OPT1 and vice versa. I have a rule on OPT1 allowing OPT1 to all in the manner of the default allow rule in the default LAN configuration.
Please let me know if you need any more information to determine why the OPT1 connection is running so slow.
EDIT: Both NICs are identical (I forget the make & model) and both are connected to the PFSense box via PCI
-
anyone?
-
It is pretty odd.
Hardware conflict?
What hardware are you using?Steve
-
Hardware conflict is unlikely as speeds into & out of the box itself are OK, it's just throughput from WAN to OPT1. OPT1 to any point on the network is at full gigabit speed.
Hardware for WAN is a 100Mb/s Intel network controller built into the motherboard of a Dell Optiplex GX60 from around 2004. LAN and OPT1 are a pair of PCI realtek gigabit network cards.
-
Have you tried switching the NIC assignments?
I can't imagine what might make it run so slowly but still actually work.
Steve
-
Haven't tried that yet. I will try it as soon as possible.
Do you mean physically switch the cards or reinstall with each LAN-side NIC doing the opposite of what it is now?
-
I mean go to the console, vga/keyboard or serial, and select assign interfaces from the menu. Assign LAN as the other card.
You may find that resetting your config like this resolves your problem. That's never a satisfying fix as you don't find the cause but better than no fix. ::)Steve
-
OK, I will try it in the next downtime period. Thanks!
-
The problem has now been traced to my PC rather than the PFSense box.
-
I have now reassessed the situation after a reinstall and testing on my desktop and a complete network tear-down and I have traced the issue to PFSense, not my desktop. The initial problem still remains of download speeds being between 15 and 25 Kb/s on a 30Mb/s line on OPT1 only, the LAN connection is fine.
Could it be that the PFSense configuration is for some reason allocating the entire bandwidth to the LAN connection, even when not in use, and OPT1 is just taking up the spare? Please note there are no traffic shaping rules enabled and I have not changed much in the default config.
-
Did you try re-assigning the NICs yet?
It seems very strange that pfSense would be doing any throttling if you've never used it.Steve
-
Did you try re-assigning the NICs yet?
It seems very strange that pfSense would be doing any throttling if you've never used it.Steve
Sorry, forgot to mention, yes I did. It made no difference.
Just for reference I did swap out the NIC cards as well and this also made no difference.
If I get a chance sometime soon I will reinstall PFSense and see if that makes a difference.
-
I have now reinstalled PFSense and the issue has been corrected… I hope. I will post back if it doesn't work, but in the man time thank you for all your efforts and suggestions.
-
You'll note that none of my suggestions actually did any good! ::)
Anyway good to see you're up and running at a useful speed. Did you reinstall 1.2.3 or go to 2.0RC2?Steve
-
I have stuck with 1.2.3 as I never implemented any new features of 2.0RC1 when I tried it and it has bugs with Squid at the time. I haven't tried 2.0RC2 yet but I will test it out and see if I get the same problems with it that it had with 2.0RC1.
EDIT: I cannot seem to find 2.0RC2 anywhere, unless it is still going under the 2.0RC1 name.
-
Yes, no official word yet on an RC2 release yet but the version reported by the interface has been rc2 for a while now.
See: https://rcs.pfsense.org/projects/pfsense/repos/mainline/commits/00c36201460dc88d4248ea9647b4131f40e5a79eSteve
-
OK, thanks!
