Lan network very slow

arnoldg

Hello,

i have a problem but i can't find the problem.
i have the following setup

wan
|
pfsense
|
switch
-  wifi ap 1
Switch

• wifi ap 2
• wifi bridge

-wifi bridge
switch

• wifi ap 3
• wifi ap 4

i have tested the netword by connecting a laptop to the wan side i get aproximatly 4 Mbit per second
after that i connect the laptop to the lan side i get 0,98 Mbit per second.

why is there suche a large differents in there ?

I uninstalled all the packages.
Disabled most of the firewall rules that had to do somthing with speed limiting several users.

i also use captive portal.

some information from the server

2.1.3-RELEASE (amd64)
built on Thu May 01 15:52:13 EDT 2014
FreeBSD 8.3-RELEASE-p16

please need some help on this.

arnoldg

a small update, after disabeling captive portal i get 1.8 Mbit/sec, still the half of the wan speed.
but a bit faster, why is this.

I think i had this speed issu after upgrade to the latest firmware.

stephenw10

Check that you don't have the 'enable bandwidth per IP' (or something like that!) setting enabled in captive portal.
Check the Status: Interfaces: page for errors or collisions.

Steve

arnoldg

no strange readings on this page.
Also no limitation on the per user settings.

I also have some problems with the speed even that me mac adres is in the passthrough tab.

below the info from the interface tab
LAN interface (stge0)
Status                 up
MAC address         00:22:15:xx:xx:xx
IPv4 address         10.0.0.1 
Subnet mask IPv4 255.255.255.0
IPv6 Link Local         fe80::222:15ff:fe10:e6d0%stge0 
Media                 100baseTX <full-duplex,flowcontrol,rxpause,txpause>In/out packets         1230805/1293650 (174.37 MB/1.15 GB)
In/out packets (pass) 1230805/1293650 (174.37 MB/1.15 GB)
In/out packets (block) 3091/26 (620 KB/1 KB)
In/out errors         0/0
Collisions                 0

do you have more things i could look to.</full-duplex,flowcontrol,rxpause,txpause>

stephenw10

Try downloading some data to the box directly from the command line:

[2.1.3-RELEASE][root@pfsense.fire.box]/root(1):  fetch -o /dev/null http://download.thinkbroadband.com/10MB.zip
/dev/null                                     100% of   10 MB 2067 kBps

Thinkbroadband is a good site for me but you might want to use something more local to you.

Doing that will determine if the restriction is at the WAN or LAN interface.

Steve

arnoldg

I tryed it, with your file and a file hosted in the netherlands.

so it seems that it is on the wan side, but when i disconnect the cable on the wan side and hooked it up on my laptop the speed is about 4 á 6 times faster.

so what will be the next step.

[2.1.3-RELEASE][admin@moraine.camping]/root(1):  fetch -o /dev/null http://download.thinkbroadband.com/10MB.zip
/dev/null                                    100% of  10 MB  456 kBps 00m00s

[2.1.3-RELEASE][admin@moraine.camping]/root(2): fetch -o /dev/null http://www.speedtest2.nl/download/10mb.bin.zip
/dev/null                                    100% of  10 MB  439 kBps 00m00s

stephenw10

Hmm, well you are seeing 456kBps which is 3.6Mbps at the pfSense box. Seems like that's quite close to your 4Mbps line speed, no?
It's much faster than 0.98Mbps.

I suspect this is almost certainly an issue with the captive portal setup throttling the bandwidth somehow.
What hardware are you running this on?

Steve

arnoldg

I'm running an 
AMD Athlon 64 X2 Dual Core Processor 4200+ (2204.61-MHz K8-class CPU)
with
real memory  = 1073741824 (1024 MB)
avail memory = 943992832 (900 MB)

on my dashboard the load of the machine is not above 10 to 20%

stephenw10

You agree then that the WAN download speed is close to what you expect?
What is your WAN bandwidth supposed to be, what's it rated at by the ISP?

Steve

arnoldg

yes the wan speed is close to that the ISP give. they say about 4Mbit is the line speed.

so that looks fine. next step is to find out why captive portal is slowing things down.

stephenw10

Clearly it's not a hardware limitation that machine should be easily capable of 100X that speed.

So is this a fresh install that has always exhibited this problem or did you upgrade from a previously working version?

Clearly there is something amiss here. When you disabled captive portal how did you do it? Are/were you running any other traffic shaping?

Steve

arnoldg

it is on a running server, which started 1,5 year ago. until about 3 weeks ago this problem started.

it could be after updating the server from a previous software version.
But that i can't recall, i have setup the system to install updates automatic

as far as i can tell, there is no speed limit setuped in captive portal.

stephenw10

It cannot update without some manual interaction. 2.1.3 was released at the beginning of May so that seems likely. Some other users have possibly had issues with old traffic shaping rules. You have never used traffic shaping on this box?

Steve

arnoldg

Yes,

I had a bandwidth limitation for one user (ip aders) in the firewall rules.
That was a traffic shaping rule.

I already deleted these rules with no luck.

arnoldg

is there some tool to send you all the settings, so you could verify the settings.

stephenw10

You could probably pm me the config.xml file or just attach it here, after you've removed all the passwords, private addresses etc.
I can't promise anything though.  ;)

Steve

arnoldg

send you a pm, because i don't know how to remove privacy information like passwords and ssh information.

stephenw10

Ok, so looking thorough your config file my best guess here is that the limit you are hitting is caused by the ezshaper section at the bottom. You have the total upload and download set to 8Mb and 4Mb but since that's from the point of view of the LAN intreface that would be an 8Mbps download speed for clients. Then you have the bandwidth limiter set to 15% which would be 1.2Mbps, close to what you're seeing. For some reason your traffic is being caught by this. I'm not sufficently familiar with the traffic shaper to say quite what has happened here.
A simple test would be to change the 15% to, say, 30% and see if you see double the throughput. I'm not sure where that fingure would be stored though, you'll have to hunt around for it.  ;)

Steve

arnoldg

and where can i find the settings vor ezshaper.

I searched the config file and changed the up and download speed, even alterd the % now going to try if this give us a performance boost.

arnoldg

This is what i made off it.

for a while it looks good, but i'm trying to monitor it through the day

	 <step5><enable>on</enable>
			<bandwidth>80</bandwidth>
			<bandwidthunit>%</bandwidthunit>
			<aimster>on</aimster>
			<bittorrent>on</bittorrent>
			<buddyshare>on</buddyshare>
			<cutemx>on</cutemx>
			<dcplusplus>on</dcplusplus>
			<dcc>on</dcc>
			<directconnect>on</directconnect>
			<directfileexpress>on</directfileexpress>
			<edonkey2000>on</edonkey2000>
			<fasttrack>on</fasttrack>
			<gnutella>on</gnutella>
			<grouper>on</grouper>
			<hotcomm>on</hotcomm>
			<hotlineconnect>on</hotlineconnect>
			<imesh>on</imesh>
			<napster>on</napster>
			<opennap>on</opennap>
			<scour>on</scour>
			<shareaza>on</shareaza>
			<songspy>on</songspy>
			<winmx>on</winmx></step5> 
		 <step2><uploadscheduler>PRIQ</uploadscheduler>
			<connupload>100000</connupload>
			<connuploadspeed>Kb</connuploadspeed>
			<conndownload>100000</conndownload>
			<conndownloadspeed>Kb</conndownloadspeed>
			<conn0downloadscheduler>PRIQ</conn0downloadscheduler>
			<conn0interface>lan</conn0interface></step2>