Help me determine why shows MUCH lower than what Im paying for

  • So I am paying for 30mb from Charter.. according to the three TSR's I've spoken with since yesterday they all say my signals are outstanding.  One guy even went so far as to tell me that they were testing in my area and that I should be able to hit 35+.

    So a little bit ago I finally got my pfsense box back up and running, Ive done three speedtests since then to three different targets, all within the state, and none have surpassed 8mbps.

    How can I determine if it's a pf setting that I mis-used or what?  I am not traffic shaping (because I dont fully understand how to yet).  My hardware is an Optiplex 320:

    Genuine Intel(R) CPU 2140 @ 1.60GHz
    2 CPUs: 1 package(s) x 2 core(s)

    State table size
    0% (110/199000)
    Show states
    MBUF Usage
    4% (922/25600)
    Temperature   10.0°C
    Load average
    0.00, 0.09, 0.15
    CPU usage  
    Memory usage  
    13% of 1992 MB
    SWAP usage  
    0% of 4096 MB
    Disk usage
    10% of 68G

    RTT Loss Status
    7.6ms 0%
    0.1ms 0%

  • running a fetch -o /dev/null ran at a max of 1750kBps

    So I obviously have something going on.

  • Well, first I'd connect a PC/Laptop directly into the ISP's modem to see if anything changes. If yes, then you have an issue with with PFSense settings, otherwise, you should start looking at issues upstream from your PFSense box (modem, ect).

  • Netgate Administrator

    Since you are seeing some connectivity this probably isn't the cause but you shouldn't have a gateway on the LAN interface. You should remove it.


  • Good call.. I did that.  Directly connected an Ubuntu host, speedtest from the same three destinations resulted in a net of 35.06MB DL.  So it's definitely pfsense that's got the issue…

    Any likely places to look?  Like I said the box now has 100mb nics on WAN and LAN, both are hard set to 100mb Full.  my windows 8.1 box here is on wifi @ 120mb on average.  (My antenna are less than 3ft from the AP) 802.11n

  • Netgate Administrator

    Do not hard set the connection speed unless you've done so at both ends. Always use auto with soho level equipment unless you have good reason to do otherwise.


  • Ok I did remove the GW on the LAN side, it's now set to NONE.  I changed the LAn side to autonegotiate.. but per my first post two days ago if I don;t force the WAN nic it will flop.  Initially I had thought that was an issue with the Broadcom nic I was using.. after trying to Auto the WAN nic last night I found out that either nic set to auto on the WAN side starts flopping.

  • Also just to be sure here, I have no limiters, no shaping.. nothing that in my eyes would obviously affect traffic enabled.

    Also because I don't think I mentioned this anywhere.. my original nic was a dual headed broadcom nic, pci-e.  I replaced it with a 3com 3c905b and an Intel pro/100 server nic.  The Intel is the LAN side.  Since my original problem of the port flapping is not because of the nics I am planning on going back to the broadcom tonight.

  • Netgate Administrator

    Ah Ok, I thought you had solved the flapping by swapping out the NIC.
    Are you able to force the modem ethernet interface to 100Mb FD also?

    Check the Status: Interfaces: page. Do you see any errors on  any interface? When you manually force one end of a connection the other end, which is trying to auto-negotiate, usually defaults back to 10Mbps HD which results in a load of errors. In your case you're seeing >10Mbps sop perhaps it has fallen back to 100Mbps HD.


  • I did too steve.. until the messing around last night.  The pf gui shows 100mb/full, I trust it but no there is no way to set anything on the Cisco dpc3208.  I also don't recall any int errors but I will check at lunch.

  • Netgate Administrator

    The fact that it was flapping suggests that both ends were set to auto-negotiate and failing. (trying to negotiate a 1000Mbps connection over a bad cable?) Setting one end only to fixed is usually bad as I said.
    Perhaps try the Arris modem again.


  • Two different cables resulted in the same thing.. and this setup is in the basement, rarely gets touched unless I'm working on it like I have been.  I've seen cables go bad, usually in high movement areas though.

    Anyway no the Arris has been swapped so Charter has it now.  Not that I think LED's are always telling the truth.. but hard setting the pf wan nic did result in the ciscos lan nic being amber.. which is supposed to indicate 100mb.

    If I cannot get anywhere with PF-side tweaks or changes I'll call them back, since their techs can get into the modem maybe they can hard set it from their end.

  • One question.. if using the same cables between the ubuntu host and modem as the pf box and the modem should verify the cable is fine.  It also proves the auto-negotiate on the modem side works because I do not hard-set the ubuntu nic.  So, either I have a nic issue (with three different nics now) or a software issue either in the pf or bsd level.

  • Netgate Administrator

    Yes, I would think that proves the cable as long as both are using 100Mbps. Negotiating 1000Mbps introduces a further complication because it requires all 8 conductors in the cable but only needs 4 to do the negotiation which can result in flapping.
    Clearly the Cisco modem is set to auto-negotiate the line speed/duplex as it's doing that with Ubuntu. With just the pfSense end hard set to 100FD I would expect problems but the Cisco device could be clever enough to deal with that scenario. You'll be able to see immediately from the error count on WAN.
    Occasionally you run into NICs that just don't play nicely for whatever reason. I have a laptopn here, Realtek NIC, that won't negotiate a connection with my switch no matter what OS is running. If I put a additional (different) switch in between it works fine. You could try putting a switch in between if you have one to hand.


  • Actually the Ubuntu host connects at 1gb.. so the cable is def good.  I have tried, so far, a BCM5709, a 3com 3c905b-tx.  I just found an Intel Pro/1000GT card that I will try later.  If nothing else works then I can borrow a small switch to try.

    Dumb question but would it be possible that for whatever reason it's wanting a crossover?

  • Netgate Administrator

    Not if it's gigabit. All gigabit NICs are auto-MDX as far as I know it's part of the spec. If you did need a cross over cable you'd see no LEDs, nothing.


  • I might have just fixed my issue.  So I pulled both 100mb nics out.. replacing them with teh broacdom dual and an Intel Pro/1000 GT adapter.  Initially the wan nice (1000 GT) still flapped, I hard set it to 1000/full and now all the speed tests I do are upwards of 35mb+

    Wish I understood why but I won;t look a gift horse in the mouth.

  • Netgate Administrator

    No errors then?
    If you have duplex mismatch you may be loosing 80% packets but at 1Gbps that's still >35Mbps.


  • BLAST!  I didnt look for errors.  I will when I get home.

  • Ok teh WAninterface has errors:

    In/out errors 12573/0

    when I got home I pulled the two 100mb nics, replaced them with the Broadcom dual and the Intel Pro 1000 GT.  I did still have to hard set the speed/duplex to 1000/Full.  damn this was still flapping.  But speedtests not show a full 35+MBps so either way I'm happy.

  • Netgate Administrator

    Ah! Well you should have no errors really so keep an eye on that number. Of course given the number of packets passing through the interface I would expect to see a very large number there if you're moving significant traffic and the interface has been up for a while. Millions of errors would be reasonable if you have a duplex mismatch.


  • Makes sense.. checking this morning the number of errors on WAN has not changed at all.  So fingers are still crossed.
    thanks for sticking with me on this weird issue.

Log in to reply