Improving internal network speed



  • I'm using pfsense 2 rc3 on a pentium 4 2.6GHz. Off the top of my head I think its only carrying 1GB on RAM. Basically an old machine that someone threw out as Windows wouldnt work on it any more. Utter overkill but there you have it. At the moment it has a separate ADSL modem and then feeds out to my wireless access point as well (TP Link 3 antenna'd number).

    Despite the house not being big the wireless cards in my "PC room" get about a 50-60% signal. So I've decided to wire the house instead as part of a bit of some general decorating work thats going on at the moment.

    My net connection is a staggering (?!?!?!) 6 Mbps so my WAN speed is fairly much stuck by that. But I do have a lot of internal traffic going on (file back ups, streaming, server handling of files). I've managed to pick up a couple of Gigabit NICs and am waiting for a Gigabit switch to arrive  any day now. The question is really this - I know there's clearly no point upgrading the WAN side card in the pfsense box to GB (it has 100Mbps just now) but is there any point upgrading the LAN side one that will now plug to the switch ie does internal traffic get redirected at the switch or does it go PC requesting info -> switch ->pfsense box->switch-> PC with info and back again? I think I know the answer but just want to check with those who know more about these things than me.

    Many thanks in advance.


  • Rebel Alliance

    If you only Have 2 interfaces ( WAN -LAN ) and put a Switch in LAN, ALL Traffic between the PCs (on LAN subnet) will pass ONLY trough the Switch,  The ONLY Traffic that pass trough LAN Card is the Internet Traffic.



  • @ptt:

    If you only Have 2 interfaces ( WAN -LAN ) and put a Switch in LAN, ALL Traffic between the PCs (on LAN subnet) will pass ONLY trough the Switch,  The ONLY Traffic that pass trough LAN Card is the Internet Traffic.

    This is true unless you are going to have multiple LAN connections via VLAN or if you are going to have something like a LAB network for with the main firewall will route back to another gateway inside your LAN. If that is not the case, I would just leave it until you have a blistering 100Mbit or more connection to the internet.



  • @ptt:

    If you only Have 2 interfaces ( WAN -LAN ) and put a Switch in LAN, ALL Traffic between the PCs (on LAN subnet) will pass ONLY trough the Switch,  The ONLY Traffic that pass trough LAN Card is the Internet Traffic.

    This is NOT the answer I was expecting. It is a simple WAN-LAN so just the one subnet which will run from the switch. So the traffic then routes via the switch to find its eventual destination? It doesn't go to the router to be told where to find its destination? (Oh yes, I am indeed that thick when it comes to networking!!)



  • @malcmail:

    This is NOT the answer I was expecting. It is a simple WAN-LAN so just the one subnet which will run from the switch. So the traffic then routes via the switch to find its eventual destination? It doesn't go to the router to be told where to find its destination? (Oh yes, I am indeed that thick when it comes to networking!!)

    If you have network like 192.168.1.0 / 24 and it resides on lan side of pfsense(switch between pfsense and lan computers). and you have also another lan network like 192.168.2.0 / 24 and that is connected to same switch. Correct assumption?

    if you try to connect from .1 network to .2 network (or vice versa), then trafic is sent to default gateway, because it leaves the network and tries to connect to another network.

    But, if pfsense(or any other router) has told only one network in lanside (ex. 192.168.1.0 / 24), then it tries to send that trafic to internet/next hop router/to it's own gateway. and thusfore it never get's to another network.



  • @Metu69salemi:

    @malcmail:

    This is NOT the answer I was expecting. It is a simple WAN-LAN so just the one subnet which will run from the switch. So the traffic then routes via the switch to find its eventual destination? It doesn't go to the router to be told where to find its destination? (Oh yes, I am indeed that thick when it comes to networking!!)

    If you have network like 192.168.1.0 / 24 and it resides on lan side of pfsense(switch between pfsense and lan computers). and you have also another lan network like 192.168.2.0 / 24 and that is connected to same switch. Correct assumption?

    if you try to connect from .1 network to .2 network (or vice versa), then trafic is sent to default gateway, because it leaves the network and tries to connect to another network.

    But, if pfsense(or any other router) has told only one network in lanside (ex. 192.168.1.0 / 24), then it tries to send that trafic to internet/next hop router/to it's own gateway. and thusfore it never get's to another network.

    Think I'm with you. The intention is the LAN side will be connected directly to an unmanaged 16 port swicth. That will then be linked to the PCs in the house. Probably a wireless access point as well. But all on 192.168.1.0. So if I've got you right the switch will handle the internal traffic and unless the request is to an external server ie the net as a whole, it won't touch the LAN card? Is that right?



  • Yes that is right.



  • @Metu69salemi:

    Yes that is right.

    Not at all what I expected. Thanks a tonne for your help my friend. Just saved me some cash too :)


Log in to reply