LACP Not work
-
I have a pfSense 2.0.1 x64 installed on a server with 9 1Gbps network ports each, 1 of them integrated and the other 8 into 2 PCI-X cards with 4 ports each have two interfaces configured LAGG each with 4 ports and the "PROTO" in "LACP"
LAGG-LAN (em0, em1, em2, em3)
LAGG-DMZ (em4, em5, em6, em7)The first LAGG-LAN is connected to a 3Com 4500G switch set to "Link Aggregation" static from port 1 to 4
The second LAGG-DMZ is connected to a 3Com 4500G switch set to "Link Aggregation" static from port 1 to 4when running tests with Iperf not increase the bandwidth, I have tried from different computers and different vlan but does not exceed the bandwidth provided by a single port. The next exit was executed from a computer and is reaching the maximum, when run from several teams this starts a decrease depending on the equipment used by others.
Client connecting to 192.168.210.21, TCP port 5001
TCP window size: 0.13 MByte (default)
–----------------------------------------------------------
[ 4] local 192.168.1.133 port 55251 connected with 192.168.210.21 port 5001
[ ID] Interval Transfer Bandwidth
[ 4] 0.0- 1.0 sec 63.1 MBytes 530 Mbits/sec
[ 4] 1.0- 2.0 sec 60.5 MBytes 508 Mbits/sec
[ 4] 2.0- 3.0 sec 61.9 MBytes 519 Mbits/sec
[ 4] 3.0- 4.0 sec 64.4 MBytes 540 Mbits/sec
[ 4] 4.0- 5.0 sec 61.6 MBytes 517 Mbits/sec
[ 4] 5.0- 6.0 sec 63.2 MBytes 531 Mbits/sec
[ 4] 6.0- 7.0 sec 63.0 MBytes 528 Mbits/sec
[ 4] 7.0- 8.0 sec 62.2 MBytes 522 Mbits/sec
[ 4] 8.0- 9.0 sec 63.2 MBytes 531 Mbits/sec
[ 4] 9.0-10.0 sec 56.8 MBytes 476 Mbits/sec
[ 4] 0.0-10.0 sec 620 MBytes 520 Mbits/secLAGG - LACP (4 NIC 1 NIC
pc1 –------ ------- srv1 pc1 srv1
pfSense equal to ------- pfSense -------
pc2 -------- ------- srv2 pc2 srv2Thanks beforehand for any contribution.
-
From a single source to a single destination with LACP you'll never get more than the speed of one of the ports, as the balancing is done by MAC addresses, just the nature of how LACP works. The fact you can't get 1 Gbps wire speed is another matter, what kind of CPU is in that system, and is it at 100% when you're pushing 500 Mbps?
-
I am using the dmz side 1 xeon server with two ports and two vm esxi only do the work of iperf in server mode.
in the lan I have two computers which make iperf clients pointing to each of the servers.Clients. Servers
192.168.1.131 => 192.168.210.21
192.168.1.132 => 192.168.210.254 -
the firewall is running on bare metal, just the iperf client and server in ESX? I'd run all of it on bare metal to eliminate any hypervisor-induced limits on throughput.
What speed Xeon? A "Xeon" could be anything from a Pentium II to the latest and greatest new procs.
-
pfSense server has a Xeon 2 processor 3.2 GHz 1 MB cache and memory 8GB 350ml hp g4, the server in the DMZ is a ml380 g4 processor 3.6GHz with 2MB and two network ports there is the esxi with two virtual machines.
In the area of the LAN I have two computers a macbook pro and a vostro 400 intel processors both with each having a port 1Gbs
-
That's plenty to push a gigabit.
-
What would be the recommended hardware for an infrastructure where the DMZ has 7 servers each with a gigabit port, the LAN has 200 computers.
-
What you have is more than adequate for most networks like you describe. That of course depends, if you need to route 7 Gbps between those servers and your LAN, you don't want a firewall at all, you need a very fast router.