Slow traffic when gateway rule is configured.
I have the latest pfSense installed with two Internet connections (T1 & Cable). Because our cable is unreliable, our default route is our T1. To get better speed, I set up a Gateway Group named "Load_Balanced" that prefers the Cable gateway and includes the T1 gateway. I added a Rule so that traffic destined to the Internet via ports 80 or 443 are routed through the Load_Balanced gateway.
This has worked well since January. Recently (I can't tell when), the Internet connection slowed to a crawl, so I did some testing. Here's what I found:
I'm testing network speed using a web browser and a utility from www.speedtest.net. I have the web server connected to a network switch on our Cable WAN network (along with our cable modem). With no specific rules, I can connect to this server and get 80-90 Mbps download speed. BUT when I add a rule that tells my traffic (by specific port destination or by source IP address) to use that network (by setting a gateway for that rule), my download speed drops to about 10 Mbps.
I'm looking for ideas on how to further troubleshoot this problem, and I'm looking for anyone else who's experienced significant slowdown of Internet speed after updating pfSense so we can compare configurations.
I have the same problem. Gateway group routing is delaying TCP connections.
I have done some tcpdumps and it's clear that there's a 3 seconds delay (aprox) sending the first syn packet. Once connection is established the traffic flows as usual but this initial delay is a big problem.
When i disable the gateway rule the delay disappears.
I would like some advice on how to troubleshoot this problem further.
Currently, I'm setting up a test firewall in an attempt to duplicate the symptoms. If I can do that, I might revert to an older pfSense to see if my theory that an upgrade introduced this.
This problem appears to be solved on 2.1.4 , i have just upgraded from 2.1 and there's no delay anymore. Which version are you using?
I'm running 2.1.4. I think this problem started for me when I upgraded to 2.1.3 (but I can't verify that).
This is the same for me. I'm running 2.1.3 also.
The problem happens regardless of whether or not the second gateway device is connected or not. It also doesn't matter if the gateways are in a gateway group or not.
UPDATE: For my situation, in our live environment I found a rule that was causing our traffic to go over a slower link. Once I fixed that, I was less interested in why I had this problem in the test environment and quit researching.