Bad Performance 5mb link
-
Hi all, hope you can give me a hand with this. My setup is as follows
___Public IP 001
|
|
WAN –-- pfSense ------Public IP 002 (CARP IF)
|
|__Public IP 003 (CARP IF)The link is a 5mb link. pfSense 1.2.3
My ISP stats 001.png and 002.png.
The problem seems to be a bottleneck affecting my link, as fas as the ISP concerns our fw is misconfigured or performing poorly. I've checked http://doc.pfsense.org/index.php/High_Load_Troubleshooting and all the commands shows an almost idle box
#systat -vmstat 1
Load 0.00 0.01 0.00 |
0.0%Sys 0.0%Intr 0.0%User 0.0%Nice 100%Idle %ozfod 44 em0 irq21
| | | | | | | | | | |sometimes it reads 95% idle
#netstat -m
516/1149/1665 mbufs in use (current/cache/total)
514/694/1208/0 mbuf clusters in use (current/cache/total/max)
512/512 mbuf+clusters out of packet secondary zone in use (current/cache)
0/44/44/12800 4k (page size) jumbo clusters in use (current/cache/total/max)
0/0/0/6400 9k jumbo clusters in use (current/cache/total/max)
0/0/0/3200 16k jumbo clusters in use (current/cache/total/max)
1157K/1851K/3008K bytes allocated to network (current/cache/total)
0/0/0 requests for mbufs denied (mbufs/clusters/mbuf+clusters)
0/0/0 requests for jumbo clusters denied (4k/9k/16k)
0/7/6656 sfbufs in use (current/peak/max)
0 requests for sfbufs denied
0 requests for sfbufs delayed
0 requests for I/O initiated by sendfile
0 calls to protocol drain routinestop -S
last pid: 15831; load averages: 0.00, 0.00, 0.00 up 0+23:35:54 16:31:09
107 processes: 3 running, 88 sleeping, 16 waiting
CPU: 0.0% user, 0.0% nice, 0.7% system, 0.6% interrupt, 98.7% idle
Mem: 34M Active, 13M Inact, 49M Wired, 4K Cache, 53M Buf, 1887M Free
Swap: 4096M Total, 4096M FreePID USERNAME THR PRI NICE SIZE RES STATE C TIME WCPU COMMAND
11 root 1 171 ki31 0K 8K RUN 1 23.3H 100.00% idle: cpu1
12 root 1 171 ki31 0K 8K CPU0 0 23.2H 100.00% idle: cpu0
13 root 1 -32 - 0K 8K WAIT 0 8:17 0.00% swi4: clock sio
18 root 1 -28 - 0K 8K WAIT 0 3:48 0.00% swi5: +
38 root 1 -68 - 0K 8K - 0 3:04 0.00% em0 taskq
16 root 1 44 - 0K 8K - 0 0:26 0.00% yarrow
728 root 1 8 20 3492K 1552K wait 1 0:13 0.00% sh
13468 root 1 4 0 40712K 14640K accept 0 0:13 0.00% php
494 root 1 4 0 7192K 5052K kqread 1 0:09 0.00% lighttpd
22 root 1 8 - 0K 8K - 1 0:07 0.00% thread taskq
5 root 1 -8 - 0K 8K - 1 0:07 0.00% g_up
44 root 1 8 - 0K 8K pftm 1 0:06 0.00% pfpurge
864 root 1 8 20 3156K 800K nanslp 1 0:05 0.00% check_reload_status
6 root 1 -8 - 0K 8K - 1 0:05 0.00% g_down
363 root 1 44 0 3268K 1152K select 0 0:04 0.00% syslogd
378 root 1 -58 0 5716K 2684K bpf 1 0:04 0.00% tcpdump
51 root 1 20 - 0K 8K syncer 0 0:04 0.00% syncer#systat -iostat 1
/0 /1 /2 /3 /4 /5 /6 /7 /8 /9 /10
Load Average/0% /10 /20 /30 /40 /50 /60 /70 /80 /90 /100
cpu user|
nice|
system|
interrupt|
idle|XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX/0% /10 /20 /30 /40 /50 /60 /70 /80 /90 /100
ad4 MB/s
tps|systat -netstat 1
/0 /1 /2 /3 /4 /5 /6 /7 /8 /9 /10
Load Average#systat -netstat 1
Local Address Foreign Address Proto Recv-Q Send-Q (state)
localhost.19009 . udp4 0 0
localhost.19008 . udp4 0 0
localhost.19017 . udp4 0 0
profw.mysite.40403 webserver.mysite.domai udp4 0 0
190.96.88.142.51476 ntp.reuna.cl.ntp udp4 0 0
190.96.88.142.14003 inti.inf.utfsm.c.ntp udp4 0 0
localhost.19000 . tcp4 0 0 LISTEN
localhost.19001 . tcp4 0 0 LISTEN
localhost.19002 . tcp4 0 0 LISTEN
localhost.19004 . tcp4 0 0 LISTEN
localhost.19005 . tcp4 0 0 LISTEN
localhost.19006 . tcp4 0 0 LISTEN
localhost.19007 . tcp4 0 0 LISTEN
localhost.19010 . tcp4 0 0 LISTEN
localhost.19011 . tcp4 0 0 LISTEN
localhost.19012 . tcp4 0 0 LISTEN
localhost.19013 . tcp4 0 0 LISTEN
localhost.19014 . tcp4 0 0 LISTEN
localhost.19015 . tcp4 0 0 LISTEN
localhost.19016 . tcp4 0 0 LISTEN
profw.mysite.ssh 200-142-136-236.s.55977 tcp4 0 0 ESTABLISHED
localhost.19003 . tcp4 0 0 LISTEN
localhost.ftp-prox . tcp4 0 0 LISTEN
profw.mysite.48108 webserver.mysite.domai tcp4 0 0 ESTABLISHEDI've got more or less 5 rules per IP. Incoming services mostly, my LAN is about 6 machines.
So the questions, is there any different you can tell between a Proxy ARP V/S CARP IF ? I use CARP because i need to ping on it.
What on earth could be affecting the fw performance? By the way, I know I can't reach 5 mb, but my ISP insists that we should.
What more test could I carry out?PS: I plugged a laptop onto the ISP modem and speed was fairly what they sold to us, 5mb.
Hope all relevant information is clear and present.