4Mb/s WAN but 90Mb/s upload? PFSense 2.0

  • I am running 2.0 Release on a dual WAN setup with one of the WANs @ 2Mb/s and other one at 4Mb/s.

    WAN1 is the on-board Realtek 100Mbps RTL8111C (re0) ethernet. WAN2 and LAN interfaces are on a dual port Intel Gigabit PCI-X card (em0, em1) utilising the 32-bit PCI slot of the board.

    WAN2 is em1 while LAN (em0) is connected to 100base TX switch.

    The box is Atom 1.8GHz single core processor and 2GB RAM and the cleartext throughput calculated using iperf was:

    WAN1 - LAN = 93Mbps
    WAN2 - LAN = 400Mbps

    This evening, suddenly the Internet browsing became really slow and that's when I checked the box. It was running under full load and there was nothing that I could do apart from power-cycling it.

    After it came up, I was surprised to see the following RRD graphs:

    How is it possible when neither of the WAN links is more than 4Mbps?

  • Your rate limiting doesn't happen at the firewall (unless you're using traffic shaping), it happens upstream. Your firewall can push wire speed through; that doesn't mean it's going to get passed. Generally that doesn't happen because most traffic is TCP and it will throttle itself to your Internet connection's speed, but there are other scenarios where that won't matter. A DDoS bot on your network is the first that comes to mind and the only one I can recall seeing on anyone's network offhand. If they're of the bandwidth exhaustion type, they commonly use UDP (to avoid TCP rate limiting itself) and send huge floods of large UDP packets.
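
An added example, not part of the original thread: a way to find which LAN host is offering more outbound traffic than the WAN links can carry, the pattern described in the reply above. The flow-record format, the LAN subnet and the sample values are constructed for illustration and are not pfSense output.

```python
import csv
import io
import ipaddress
from collections import defaultdict

# The thread's two WAN links: 2 Mb/s + 4 Mb/s.
WAN_UPLINK_BPS = (2 + 4) * 1_000_000
# Assumed LAN subnet (not given in the thread).
LAN_NET = ipaddress.ip_network("192.168.1.0/24")

# Constructed flow totals for one 60-second sample: src,dst,proto,bytes
SAMPLE_FLOWS = """\
192.168.1.10,203.0.113.5,tcp,22500000
192.168.1.23,198.51.100.7,udp,660000000
192.168.1.23,198.51.100.8,udp,15000000
192.168.1.31,203.0.113.9,udp,1200000
203.0.113.5,192.168.1.10,tcp,30000000
"""

def egress_rates(flow_csv, window_s):
    """Average bits/s sent by each LAN source, per protocol, to non-LAN hosts."""
    totals = defaultdict(int)
    for src, dst, proto, nbytes in csv.reader(io.StringIO(flow_csv)):
        src_ip, dst_ip = ipaddress.ip_address(src), ipaddress.ip_address(dst)
        # Only LAN -> outside traffic counts towards the WAN uplink.
        if src_ip in LAN_NET and dst_ip not in LAN_NET:
            totals[(src, proto.lower())] += int(nbytes) * 8
    return {key: bits / window_s for key, bits in totals.items()}

def find_flooders(flow_csv, window_s=60, uplink_bps=WAN_UPLINK_BPS):
    """Return (src, proto, bps) for hosts offering more than the uplink can pass.

    Self-throttling TCP settles near the uplink speed, so a sustained rate
    above it points at traffic that ignores loss, such as a UDP flood.
    """
    hits = [(src, proto, bps)
            for (src, proto), bps in egress_rates(flow_csv, window_s).items()
            if bps > uplink_bps]
    return sorted(hits, key=lambda h: h[2], reverse=True)

if __name__ == "__main__":
    for src, proto, bps in find_flooders(SAMPLE_FLOWS):
        print(f"{src} offered {bps / 1e6:.1f} Mb/s of {proto} against a "
              f"{WAN_UPLINK_BPS / 1e6:.0f} Mb/s uplink")
```
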

  • Thanks, Chris, for the explanation.

    I have already created limiters on the LAN side with 5Mbps up and 5Mbps down limits for all the hosts in the LAN, and have made it a point to create limiters on all the installations just to safeguard the box.

