Netgate SG-1000 microFirewall

Author Topic: New to PFSense, trying to get gigabit to work  (Read 269 times)

0 Members and 1 Guest are viewing this topic.

Offline johnm304

  • Newbie
  • *
  • Posts: 3
  • Karma: +0/-0
    • View Profile
New to PFSense, trying to get gigabit to work
« on: December 17, 2017, 11:22:45 am »
I'm brand new to PFsense and looking for some help.

I am a gigabit FIOS subscriber.  My G1110 is on its last legs and I thought it would educational to setup a pfSense router to replace it.  I had a 5 year old PC laying around that I thought I could use.

Bottom line:  I'm not getting the performance that I was getting when my old G1110 was working well.  I would routinely get 850-900 Mbps up and down with Verizon's router.  Now I seemed to be capped at 350 Mbps in each direction.  The connection has been stable.

I'm trying to make this a fairly simple install for now.  I don't have any packages installed.  No traffic shaping yet.  I used the directions here to setup the WAN interface: https://forum.pfsense.org/index.php?topic=114389.msg716205#msg716205.  I did enable RAM disks for both VAR and TMP.  No reason... just have 12GB of RAM to use.

(BTW, no FIOS STBs in the mix.)

Here's all of the hardware specs that I think might be important.

AMD Phenom(tm) II X4 965 Processor
4 CPUs: 1 package(s) x 4 core(s)
AES-NI CPU Crypto: No
ASUS M4A87TD Motherboard
12 GB RAM
75Mb Intel SATA SSD
Intel PWLA8492MT PRO/1000 MT PCI/PCI-X Dual Port Server Adapter

Are there any tweaks to apply to improve performance?  Anything I should watch in the logs?  Is there an issue with my hardware selection?

Thank you so much for your help and expertise!
John

Offline NollipfSense

  • Jr. Member
  • **
  • Posts: 88
  • Karma: +4/-0
    • View Profile
Re: New to PFSense, trying to get gigabit to work
« Reply #1 on: December 17, 2017, 01:07:53 pm »
There is no issue with your hardware selection as it was free; however, bear in mind it's only good up to V2.5. Welcome to PFSense and I would suggest to get familiar over the month before stressing over speed tweaks. With that much memory, I would start adding packages that you know you'll use...just to get familiar.

Offline johnpoz

  • Hero Member
  • *****
  • Posts: 15192
  • Karma: +1414/-206
  • Not a pfSense employee, they cannot fire me...
    • View Profile
Re: New to PFSense, trying to get gigabit to work
« Reply #2 on: December 17, 2017, 01:22:14 pm »
Don't think he is interested in just tweaking.. Looks like he wants to be able to get the speed he was getting before..

"Now I seemed to be capped at 350 Mbps in each direction. "

If you were only getting 350 from your gig line I don't think you would be interested in using pfsense going forward..  Wish I could help more - but don't know enough about AMD.. But that is bit older than 5 years those came out in mid 2009... So your at 8.5 years.. Maybe it just can not handle it..   Remember cpu years are worse than dog years... That thing should of been put down long time ago ;)
- An intelligent man is sometimes forced to be drunk to spend time with his fools.
- Please don't PM me for personal help
- if you want to say thanks applaud or https://www.freebsdfoundation.org/donate/
1x SG-2440 2.4.2-RELEASE-p1 (work)
1x SG-4860 2.4.2-RELEASE-p1 (home)

Offline Harvy66

  • Hero Member
  • *****
  • Posts: 2324
  • Karma: +213/-12
    • View Profile
Re: New to PFSense, trying to get gigabit to work
« Reply #3 on: December 17, 2017, 01:35:21 pm »
PCI has a max theoretical throughput of 133MiB/s total. Gigabit is 125MiB/s bi-directional for a total of 250MiB/s. The PCI is shared with all other devices on the bus. Even worse is it uses split distribution of time-division.

Now, you're talking about receiving from the LAN interface to the WAN interface. That means you need 125MiB/s to receive, and another 125MiB/s of IO to send, effectively cutting your PCI bandwidth in half. 350Mb/s sounds about right for ANY PCI NIC.

Offline Cybermaze

  • Newbie
  • *
  • Posts: 8
  • Karma: +0/-0
    • View Profile
Re: New to PFSense, trying to get gigabit to work
« Reply #4 on: December 17, 2017, 01:52:35 pm »
Harvy66 has it figured out. The old PCI bus is simply too slow for 1Gbit NICs, especially a dual port one.

Since your motherboard also has PCIe slots, you should consider buying a used dual port NIC for PICe x1, which is fast enough.

Offline gjaltemba

  • Sr. Member
  • ****
  • Posts: 333
  • Karma: +24/-2
    • View Profile
Re: New to PFSense, trying to get gigabit to work
« Reply #5 on: December 17, 2017, 02:04:43 pm »
PCI has a max theoretical throughput of 133MiB/s total.

This is true for PCI 32bit 33 MHz but consumer grade motherboards run at 66 MHz (on Z170 it does). That would make it a theoretical throughput of 266MiB/s total.

Offline NollipfSense

  • Jr. Member
  • **
  • Posts: 88
  • Karma: +4/-0
    • View Profile
Re: New to PFSense, trying to get gigabit to work
« Reply #6 on: December 17, 2017, 04:27:46 pm »
Harvy66 has it figured out. The old PCI bus is simply too slow for 1Gbit NICs, especially a dual port one.

Since your motherboard also has PCIe slots, you should consider buying a used dual port NIC for PICe x1, which is fast enough.

Agree...his best bet would be to use the PCIe...I have similar age hardware and I use the single PCIe✕1 slot.

Offline johnm304

  • Newbie
  • *
  • Posts: 3
  • Karma: +0/-0
    • View Profile
Re: New to PFSense, trying to get gigabit to work
« Reply #7 on: December 17, 2017, 08:16:09 pm »
Thank you folks!  Certainly makes sense... didn't even think about bus limitations when I started the project.

You all rock!

Now I need to figure out if I can free up a PCIe slot... currently populated by a double-wide video card.  No on-board video, so I'll need a to figure out a cheap way around that. Bummer... my free project isn't so free anymore.

I guess I need to sleep on it.

Again, thank you all for the quick and thorough answers.  Impressive!  :)

Offline johnpoz

  • Hero Member
  • *****
  • Posts: 15192
  • Karma: +1414/-206
  • Not a pfSense employee, they cannot fire me...
    • View Profile
Re: New to PFSense, trying to get gigabit to work
« Reply #8 on: December 17, 2017, 08:24:05 pm »
" currently populated by a double-wide video card"

Router doesn't even need a video card ;)
- An intelligent man is sometimes forced to be drunk to spend time with his fools.
- Please don't PM me for personal help
- if you want to say thanks applaud or https://www.freebsdfoundation.org/donate/
1x SG-2440 2.4.2-RELEASE-p1 (work)
1x SG-4860 2.4.2-RELEASE-p1 (home)