Connection speed %50 of normal



  • I'm running pfSense for some time now and never have big issues anymore.

    Today I noticed that the speedtest.net results are %50 of what it should be.
    I did a test by connection my mac directly to the modem and than it's normal.
    After that I did test it again after disabling "Transparent HTTP proxy" and than is it normal to.
    When I enable "Transparent HTTP proxy" again it's at %50.

    I already edited "/boot/loader.conf" and looks like this.

    
    autoboot_delay="1"
    vm.kmem_size="435544320"
    vm.kmem_size_max="535544320"
    #kern.ipc.nmbclusters="0"
    kern.hz=100
    #for squid
    kern.ipc.nmbclusters="32768"
    kern.maxfiles="65536"
    kern.maxfilesperproc="32768"
    net.inet.ip.portrange.last="65535"
    hw.usb.no_pf="1"
    
    

    Anyone have a idea what the problem can be?

    I'm running
    2.1-BETA1 (i386) - built on Thu Mar 14 23:00:40 EDT 2013
    with squid3 - 3.1.20 pkg 2.0.6



  • let check proxy config



  • Builds get compiled every day, this post was from march 15th.
    I suggest installing/updating to a more current build first.



  • Config should be good, never had problems and blocked domains are indeed blocked.
    Only the speed is different.

    I'm updated to the newest version and it's still the same.

    Any tips are still welcome!



  • Would be nice to know a bit more about your setup.



  • The systeem is running on a P4 1.7GHz

    With Wan, Lan and OPT1 with captive portal.
    And a transparent proxy to block a view domains.

    Everything is running fine and fast, except the internet speed…

    Do you need to know more?





  • I already have some that trips running.
    Worked fine before.

    I'm now considering removing the proxy, I only use it to block two domains.
    Does anyone have tips on how to easily block domains without a proxy on both LAN and OPT1?

    Regards, R



  • @rcktboy:

    Does anyone have tips on how to easily block domains without a proxy on both LAN and OPT1?

    Well, the two easiest ways that come to mind would be to

    1. use the DNS forwarder to point those two domains to 127.0.0.1 or
    2. block their IP ranges (using aliases makes it easier)

    If you want to be thorough, you can use both ways.


Locked