Extremely slow inter-vlan routing
-
Hello all,
I have a fairly simple setup, with evidently a not so simple problem.Pfsense box has 1 x 10G NIC (rj45).
It connects to a Dell Powerconnect switch via a trunk port with 2 vlans (wan=10, lan=20).
All IPs are public. For the purpose of testing, filtering is disabled (routing only).
Servers on vlan 20 are connected to the Dell also via 1G NIC.
Traffic passes, and latency is great, but throughput is extremely slow (20 k/s and gets slower). Bypassing pfsense gives expected speeds.
Speeds TO pfsense are normal, but speeds THROUGH pfsense not so much.
Oh, there is no traffic shaping or any other services enabled.Anyone have any pointers? My next step is to try 2 separate 1G NIC's instead of 2 vlans on the same NIC.
Thanks!
-
What is your Dell? What is the NIC? Which switch is it?
-
Traffic passes, and latency is great, but throughput is extremely slow (20 k/s and gets slower).
What sort of traffic? How are you measuring latency? 20 k/s is k what (bits? bytes? packets? disk blocks? …)
-
Did you ever find a solution for this problem? I'm having the exact same issue. 10G intel card attached to a Dell PowerConnect Switch (M8024) via a trunk. Traffic to the 10G interface on the PFSense is very fast but traffic traversing the PFSense to any other interface is very slow, 20-25k. If I switch from a trunk to access vlan, it works fine.
-
I can verify that I also get this. I am using an HP switch with HP DA cables. I have a dual Intel 10G DA NIC (ix0 & ix1). If I use tagged vlans it becomes basically unusable.
-
Judging by this (I have no 10G equipment at all), the Intel 10G driver in FreeBSD 8.1 must be somehow broken with VLANs. I would try 8.3-based 2.1 from snapshots.pfsense.org.
-
@cmb:
Judging by this (I have no 10G equipment at all), the Intel 10G driver in FreeBSD 8.1 must be somehow broken with VLANs. I would try 8.3-based 2.1 from snapshots.pfsense.org.
I had severe problems with VLAN with Intel 1 Gb (Intel Pro 1000 network, em0 & em1) NIC's also. Upgrading to FreeBSD snapshot solved the issue.
BR, Tommi