Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    PFSense with Squid Proxy = Slow speedtest.net Download on Comcast Only

    Scheduled Pinned Locked Moved General pfSense Questions
    4 Posts 2 Posters 2.8k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • S
      Spiffster
      last edited by

      We have four offices that each have a pfsense firewall setup (version 2.1.3 amd64) .
      Two offices have Comcast for internet connectivity, the other two have Windstream and CenturyLink DSL.
      What is strange is that I have every office setup with identical configurations for the basic (stable release) squid package. Using speedtest.net at the offices with Comcast, when bypassing the proxy I can get about 18Mb down and 2.5Mb up (full speed), using the Squid proxy I only get 2.8Mb down and 2.5Mb up.
      Now, at the sites using non-Comcast connections, there is only a small hit to upload speed when using the squid proxy.

      For squid, we are using default configurations, the only alteration I have made was from this guide:

      https://doc.pfsense.org/index.php/Squid_Package_Tuning

      'Change kern.ipc.nmbclusters="0" to kern.ipc.nmbclusters="32768"'

      Thats it. I did try with the default setting 'kern.ipc.nmbclusters="0"' and can see no difference.

      I/O errors are 0/0

      Perhaps something needs to be tweaked for Comcast? If so I have no idea what would need to change, and thats why I am here.

      Every office is running pfSense in a VM on ESXi 5.1. Hardware is same across the board too: Dell 2950 w/3.0ghz, 32GB Ram, 6 x 146GB 15k in RAID 10.

      Any help would be much appreciated. Thanks!

      1 Reply Last reply Reply Quote 0
      • S
        Spiffster
        last edited by

        OK, well now im getting speed tests that are 90%  of the time capped at 3Mb then sometimes jump to 18Mb or so. Same thing at both locations. Cant make any sense of it all. Only happening on Comcast internet connections.

        1 Reply Last reply Reply Quote 0
        • R
          rds_correia
          last edited by

          Hello.
          I wonder if both our issues could be somehow connected…
          https://forum.pfsense.org/index.php?topic=76564.0
          We're not on the same ISP, though.
          Do you feel slowlyness on vLAN to vLAN too?
          Cheers

          pfSense 2.2.4 running on a HP DL385 G5
          WAN bce(4) + LAN em(4) + OPTn em(4) with 10 VLANs + Snort + PPTP VPN soon to be trashed by OVPN

          1 Reply Last reply Reply Quote 0
          • S
            Spiffster
            last edited by

            Possibly. There seems to be a hard cap at 3Mb and about 2-2.5 on upload. I dont have vLans setup though, but I too cannot find anything in the logs that would give a clue as to where the restriction is. Its very odd… I am not running the proxy in transparent mode as I have a .pac file that points systems to the proxy. I have tried running in transparent mode by manually setting a client PC to pfsense as the gateway, and the problem goes away. Since I will eventually replace my original firewalls with the pfsense ones, this will be a non-issue soon.

            1 Reply Last reply Reply Quote 0
            • First post
              Last post
            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.