Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    PfSense internet browsing speed is not fast enough

    Scheduled Pinned Locked Moved General pfSense Questions
    4 Posts 4 Posters 4.4k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • C
      cpthk
      last edited by

      Hi:

      I used to have pfSense 2.0.1, and I also tried the version 2.1. I was hoping to be faster than my linksys router, but I can't feel any faster than it. I could get pretty high through-put (> 2MB download speed with comcast ISP). But I cannot feel any faster while browsing the internet. Site like microsoft.com, yahoo.com and ea.com takes about 5 seconds for the whole page to load. I was hoping these large sites to be under 2.5 seconds to load. I am able to achieve that in corporate network.

      Is this something to do with my pfsense? or is it my hardware not powerful (but my cpu is always <1%)? or is it just my ISP plan not fast enough?
      Is there any setting I could tweak?

      My hardware and system activities:
      CPU: Intel C2D 2.0 Ghz (<1% used)
      RAM: 1GB (<15% used)
      NIC: Intel 1000/S x2
      100Mbps wired ethernet, cat5e cables

      ISP:
      Comcast 25Mbps

      1 Reply Last reply Reply Quote 0
      • C
        Clear-Pixel
        last edited by

        Who told you it would speed your internet connection up? ….. Tehehe

        The creation of Pfsense was the simple idea that if you have a bigger engine under the hood you can perform more task and apply complex custom filtering rules. If your pfsense firewall is running slower than your off the shelf router, there is obviously something wrong with your software configuration or an odd hardware configuration.

        As for a default install, you should NOT see any difference in browsing speed at all.

        Depending on what packages you run, it may slow web browsing down somewhat ( Snort for example with all rules applied )...... but for the insignificant browsing slow down you have heighten security!

        HP EliteBook 2530p Laptop - Core2 Duo SL9600 @ 2.13Ghz - 4 GB Ram -128GB SSD
        Atheros Mini PCI-E as Access Point (AR5BXB63H/AR5007EG/AR2425)
        Single Ethernet Port - VLAN
        Cisco SG300 10-port Gigabit Managed Switch
        Cisco DPC3008 Cable Modem  30/4 Mbps
        Pfsense 2.1-RELEASE (amd64)
        –------------------------------------------------------------
        Total Network Power Consumption - 29 Watts

        1 Reply Last reply Reply Quote 0
        • stephenw10S
          stephenw10 Netgate Administrator
          last edited by

          Unless your Linksys router was particularly old or underpowered I would not expect any increase in speed. This is especially true of complex websites where often connection speed is not the limiting factor. They are usually served from multiple locations and you are restricted by the latency of these. Comcast will likely be adding latency by doing some filtering/caching.
          How is your pfSense box connected? If you have your modem in bridge mode and pfSense connecting via pppoe you may be able to optimise your connection via mtu etc. I've not needed to do that though.

          Steve

          1 Reply Last reply Reply Quote 0
          • C
            cmb
            last edited by

            @stephenw10:

            Unless your Linksys router was particularly old or underpowered I would not expect any increase in speed.

            This. With the potential exception of an old Linksys and a fast connection, and the definite exception of scenarios where you're opening large numbers of simultaneous connections, like a bittorrent client set to open as much as it possibly can.

            Comcast is cable so should have a 1500 MTU end to end, no need for MSS clamping. That'd most always exhibit itself differently than slow page loads too, more likely to be some pages completely failing to load.

            That box is capable of pushing over 1 Gbps, it's not a question of hardware on the firewall at least. That box is significantly faster than any Linksys, but your Internet connection isn't fast enough that it matters. The latency through that box will be a good deal lower than the Linksys, but we're talking tiny fractions of a ms, not enough of a difference to be perceptible. Hardware or problems at the client are more likely the cause, there's vastly more involved client-side in rendering today's websites than there is for the firewall pushing packets.

            Try to narrow it down with further measurement - different client systems, different web browsers, etc. May just be a fact of life on your Internet connection. Business class connections are generally better quality and better connected, you may not be able to achieve the same level of service on a residential connection. There's a reason business connections cost as much as 5-10+ times as much.

            1 Reply Last reply Reply Quote 0
            • First post
              Last post
            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.