PFsense gives slower download/upload when under VM

  • I cannot, for the life of me find what's wrong with PFSense.

    I tried version 2.1 386 and x64, both finals but the problem persisted on the RCs.

    When I connect my ptp link directly to my server with dhcp,  I get about 8mbits down and 6mbits up, my current limits in the night.

    When I connect the same device through VMWare Workstation, VM Ware Player and Hyper-V through PFSense (on the same box)  I get 5mbits down and 1.4mbytes up.

    I tried almost any conceivable combination, disabling protocols, QOS, microsoft networks, changing variables on PFSense, trying the beta versions…

    It is always the same.

    I have 3 realtek gigabit networks on a Xeon Server (yes I know, I can't find any Intel adapters around here) but the same adapters gives perfect performance when the link is use directly, as soon as I do bridging, I lost all this performance.

    I am currently running this server on a Windows 8 Box with 12Gb or RAM so, I am sure the server is not maxing out.

    ANy ideas?

  • Banned

    Network interface mismatch??

  • I've been running virtualized pfSense VMs for a few years (since 1.2.3, or maybe even earlier). I always get full speed with a virtualized pfSense (under VMWare and under Hyper-V), usually testing against (and observing normal traffic that maxes out the connection).

    Have you tried using the synthetic Hyper-V drivers using the custom build I made available from,56565.msg364122.html#msg364122?

    What do you mean about "bridging"? Bridging can mean different things in different contexts and different hypervisors, so I just wanted to point it out. Are you connecting the pfSense VM to a hypervisor "bridge" network (ie, sharing the hosts external IP)? Or are you placing the pfSense VM directly outside (ie, having pfSense route/firewall traffic, taking the place of the host on the external network)?

    The NAT bridged network would be vmnet8 (NAT) under VMWare (by default) and I believe the Internal Hyper-V network  (never had much use for this type fo connection, usually prefer to connect Hyper-V directly to the network).

    pfSense should be taking the place of the host on the external network (the host shouldn't be bound to TCP/IP, it shouldn't have an external IP). And you should make sure you're not creating an IP conflict in your internal network (ie, that you're not testing pfSense while you have another router on the same internal IP). This is a bit obvious, just making sure of the basics (both duplicate IPs and double NAT can cause the type of performance drop you're experiencing, among many others).

    Also, if under VMWare,  you should install the VM Tools package.

    [edit to mention the VM Tools Package]

  • LAYER 8 Global Moderator

    I run my pfsense on vm on a esxi box with not a lot of power hp n40l with giving the vm only 512mb - and max out my 25 and 5 connection.  I get normally get 27 or so down and 5.x up…

    thing just screams..  And my n40l box AMD Turion II Neo 1.5ghz is not a screamer for sure and can easy handle my bandwidth with multiple other vms running as well.

    so yeah you got something not right for sure if your not even doing 8mbps..  So more details of your hardware and actual configuration vs just mentioning vmware player, workstation or hyper-v might be helpful in finding out where your issue is.  Can you not just install esxi on the xeon server you mention and work from there?  Are you wanting to use the box your running your vms on as a workstation as well as you vm host?  Or can you dedicate this hardware to just running vms

  • @Supermule:

    Network interface mismatch??

    I have the same scenation and I changed my NIC to DLINK and I got the speed I am expecting. I don't know sometimes, hardware just don't much sometimes.

  • hi all, as i found this thread suitable and similar to my problem i will  post my situation here.

    i have a Server 2008r2 standard edition running on a Supermicro motherboard with Q6600 cpu and 8GB of ram. it has 2 intel gigabit ports and an additional card with 2 more gigabit intel ports.

    i am running the windows os as host and have some servers running on it (torrent, wamp, internet cafe accounting, file server)

    also i have pfsense and pbx running on virtualbox.

    my problem started when i upgrade my adsl to vdsl connection.

    i cant max out my vdsl line. i use providers modem (speedport 724) at bridge mode and pppoe on pfsense.

    the connection is 50/5. when i use the provider as modem-router i can max out at 47/4.7 but when i use the pfsense pppoe i barely reach 20/4.6

    pfsense running on the dual port server intel gigabit pci-x card. nothing else running on those 2 ports. (wan,lan)

    my download speed is less than half. i tried different mtu/mss combinations but cant figure it out.

    cpu on pfsense on pppoe setup reach 40% not more and on host pc under 15%.

    i need to solve it out so any advice is welcome.

    thank you in advance.

  • mariosfx,

    What virtualization technology are you using? I'm guessing Hyper-V since you mention WSrv 2008R2 (but it could be VMWare Workstation). Are you using the Legacy (deX) or Synthetic (hnX) network adapters?

    The speeds you mention almost sound like you're maxing out on a 10 Mbps full duplex connection, either because it is connected to a switch that is slower than the physical NIC (or the switch is negotiating down to 10 Mbps connection), or the drivers being used by the VM think the network card is 10 Mbps (which is in itself irregular, since the Legacy adapter is supposed to be 100 Mbps).

    I posted a much improved new version for the Hyper-V synthetic adapter drivers on Hyper-V ICS 1.0 (w/Synthethic Network Driver) for pfSense 2.1 & 2.1.1. You might want to give this VM a try. I've been running tests, and using my internal LAN (my ISP is nowhere near this fast), I've been able to get 2 Gbe throughput through pfSense (connected WAN and LAN to different internal networks and used sftp to move files around).

Log in to reply