Help with low bandwidth through pfSense router
-
I am volunteer tech support for our community wireless broadband network. We have about 16 users, connected via a separate wireless network to the LAN port of an HP Server with 8 GB of memory running psSense 2.0.2-RELEASE (amd64), which is connected to 3 ADSL lines via Netgear DG834 routers. All the lines show a connect speed of 3.5-4Mb/s.
When I first installed pfSense (a couple of weeks ago), everything functioned well. Users could get a speed test download speed of around 2Mb/s (provided they didn't all try at once, of course!).
Lately their speed test results have dropped to around 0.5Mb/s.
I have it set up to balance most traffic between the 3 WAN ports, with the following exceptions:
SMTP is balanced between through WAN2 & 3 (WAN1 uses a different IP, and I wanted to make sure all the users could use the same SMTP gateway at the ISP, if they wanted to).
HTTPS is fixed - about 1/3 of the users each use 1 of the gateways (with fallback to the other 2) - this is because I understand that some web sites do not take kindly to transactions in the same session coming from different IP addresses.
Before it all went wrong, I did experiment with using the bandwidth limiter to limit download speed to 2Mb/s, and upload to 500kb/s, but I have since removed all that, in case that was the cause of the problem.
I have rebooted the pfSense box a number of times, and that does not seem to help.
I have had a look at the firewall logs, and traffic patterns, and I cannot see a huge amount of virus activity (this was a problem a few weeks ago, and led me to replace the old EdiMax router with the pfSense, to make it easier to monitor).
If I look at the traffic graphs (which I have installed in the dashboard), the WAN traffic never goes above about 1Mb/s, even during a speed test.
I tried following the multi-WAN/single LAN traffic limiting wizard, and that seemed to roughly half the result of a speed test!
I also tried installing the bandwidthd package, in the hope it might reveal a bandwidth hog, but I never managed to get it to work, and a cursory web search implied it was no good with my version of pfSense. And, anyway, I would expect a bandwidth hog to show at least one of the WAN ports as saturated.
Can anyone suggest a cause, a means of diagnosing the problem, or a solution?
[Later] The situation has suddenly improved, even though I have changed nothing since the last time I tested. This is even more frustrating, as it is bound to go wrong again tomorrow!
-
It happened again this morning.
It looks like the problem was one of our lines - despite the modem saying it was connected at 3700 kb/s, throughput to the ISP's speed tester was more like 500kb/s. The ISP has done something, and it is better.
The situation is complicated by the fact that my access to the system is through a wireless network to where the router is, a mile or two away, and the router load balancing means the problem comes and goes, depending on which line a given connection gets.
However, to help diagnose, I put a temporary firewall rule to direct all traffic from my IP through a particular modem, and, by editing the rule, was able to pin down which modem it was. I have kept the rule (disabled) for future use if it happens again.
I am still mystified as to what I might be doing wrong with the traffic limiting wizard, that it would halve the bandwidth, so any suggestions gratefully received.