Netgate SG-1000 microFirewall

Author Topic: *RANT* Why pfsense is popular  (Read 1320 times)

0 Members and 1 Guest are viewing this topic.

Offline edseitzinger

  • Jr. Member
  • **
  • Posts: 26
  • Karma: +0/-0
    • View Profile
*RANT* Why pfsense is popular
« on: December 21, 2017, 08:50:21 am »
In my quest to increase my networking knowledge and to have control of my own equipment, I had decided to remove my Google Fiber network box from my network and decided with a single box solution. Yes you can guy a managed switch like the edge router and stick a consumer router behind it (this is a need of having GFiber as you have to set your WAN to VLAN 2 with a 802.11q bit of 3) and be done with it.  But after reading and watching many many youtube videos about rolling your own router and most of them were about pfsense, I then focused my video watching to pfsense related videos.

First I bought a cheap Chinese pos intel j1900 cpu based mini pc, works ok so long as your wan connection is under 300Mbps. So then I decided to build my own small form factor pc. THe heart of this beast would be an AMD FM2+ A10-8750 cpu on a A88X based mini itx board. Along with a 4 port intel nic this box chews up 1Gbps and spits it back out. I have zero issues when it comes to "normal" data traffic.

*RANT part*

But the the life of me this OS is crap for gamers, online gamers (atleast with WOW). If my GFiber box is the router, WOW as a constant 70-80 ms lag, with pfsense 300-1500 ms lag. And I have tried having port forwarding on and off with no difference. Now I can live with 300ms lag but anything over 500ms is painful. So i decided to try a few other firewall/router x64 solutions, mostly linux based. And now I know why pfsense is so popular, most everything out there is dog sh*t.  I had seen few posts about gamers using UNTANGLED of pfsense as they felt UT didn't introduce the lag that pfsense does as using the same HW they had way lower lag with UT over pfsense. SO i decided to try UT. This would have need a good solution and seems to be one of the best solutions using linux but you can't set the 802.11q bit for the damn VLAN. Is this only a featuyre in FreeBSD based firewall/router based solutions or just a lack of intelligence of the linux firewall developers??????

I'm at a loss of ideas to run with my own router build. Pfsense is a good solutions of most but not online gamers.

Offline ivor

  • Administrator
  • Hero Member
  • *****
  • Posts: 681
  • Karma: +143/-131
    • View Profile
    • Netgate
Re: *RANT* Why pfsense is popular
« Reply #1 on: December 21, 2017, 10:50:17 am »
Sorry but you did not provide any context or asked for help. Ranting or venting doesn't help anyone. Most of us are gamers and latency is not an issue. If you have latency issues check your hardware, cables, ISP and so on.
« Last Edit: December 21, 2017, 11:00:57 am by ivor »
Need help fast? Commercial support: https://www.netgate.com/support/

Offline johnpoz

  • Hero Member
  • *****
  • Posts: 14809
  • Karma: +1374/-202
  • Not a pfSense employee, they cannot fire me...
    • View Profile
Re: *RANT* Why pfsense is popular
« Reply #2 on: December 21, 2017, 11:01:48 am »
"with pfsense 300-1500 ms lag."

If your seeing this sort of lag that you are blaming on pfsense you got something else wrong... Sorry but that is just not the case... There is nothing pfsense would be doing that would introduce such extra lag..

Please show you work and setup that brings you to the conclusion that pfsense is the cause of your lag..

Something as simple as http://www.azurespeed.com/ even.. Lets see those numbers with and without pfsense.
- An intelligent man is sometimes forced to be drunk to spend time with his fools.
- Please don't PM me for personal help
- if you want to say thanks applaud or https://www.freebsdfoundation.org/donate/
1x SG-2440 2.4.2-RELEASE-p1 (work)
1x SG-4860 2.4.2-RELEASE-p1 (home)

Offline Harvy66

  • Hero Member
  • *****
  • Posts: 2284
  • Karma: +210/-12
    • View Profile
Re: *RANT* Why pfsense is popular
« Reply #3 on: December 21, 2017, 11:35:19 am »
Stop building castles in swamps, pfSense being the castle and the swamp being your hardware.

I'm getting 0.008ms through pfSense. I let bittorrent run 24/7 and don't have any issues with latency. Here's my quality graph against 4.2.2.2

Offline edseitzinger

  • Jr. Member
  • **
  • Posts: 26
  • Karma: +0/-0
    • View Profile
Re: *RANT* Why pfsense is popular
« Reply #4 on: December 21, 2017, 02:36:01 pm »
Sorry but you did not provide any context or asked for help. Ranting or venting doesn't help anyone. Most of us are gamers and latency is not an issue. If you have latency issues check your hardware, cables, ISP and so on.

That's kind of the point of it being a *RANT* do you know many RANTS that are useful or helpfully? That being said.....

All the hardware is the same minus the pfsense box and the Google Fiber box, cables everything else is the same .

AS for the Current hardware:
AMD A10-5800B FM2
GIGABYTE GA-F2A88XN-WIFI FM2+/FM2 A88X with the lastest BIOS F6
8 GB Kingston HyperX DDR3 @ 1600Mhz
INTEL PRO/1000 VT PCIe NIC 4-PORT GIGABIT SERVER ADAPTER EXPI9404VT YT674
60GB OCZ SSD

ISP is Google fiber and it is a PITA being able to remove the box from the network as the WAN has to be VLAN 2 tagged and the priority bit set to 3 which is done easily in pfsense. And may infact be the issue but I doubt that as I can goto any speed test site:

http://beta.speedtest.net
http://speedtest.googlefiber.net/
http://www.dslreports.com/speedtest

and all the speed test are within 50Mbps of each other both with the GFiber box and the pfsense box. and the pings form each site range from 4-6 ms.

My normal day to day data traffic flows with no hiccups with either box. Streaming movies (netflix, hulu, amazon) livetv (sling), youtube, pandora and that runs fine with either box. When I try to play WoW, on the GF box 78ms, nothing more nothing less. PF normal is 300-600 ms. this is with a vanilla install, and I have tried using port forwarding for the WOW server/ports doesn't not matter if they are on or off.

Also pfsense doesn't grab the dhcpv6 info that the GF box does and this seem to be an issue that all GF users have.





Offline chrcoluk

  • Sr. Member
  • ****
  • Posts: 397
  • Karma: +20/-50
    • View Profile
Re: *RANT* Why pfsense is popular
« Reply #5 on: December 21, 2017, 02:40:53 pm »
for me pfsense lowered latency not increased it.

Most consumer routers run of very weak atom type chips, whilst my units have more than 20X cpu power available over such units.

I got no idea what went wrong for you, but I disagree its "pfsense to blame" as such, might be something that needs configuring to be fully compatible with your isp.
pfSense 2.4
Qotom Q355G4 or Braswell N3150 with Jetway mini pcie 2x intel i350 lan - 4 gig Kingston 1333 C11 DDR3L
 - 60 gig kingston ssdnow ssd - ISP Sky UK

Offline KOM

  • Hero Member
  • *****
  • Posts: 5508
  • Karma: +681/-23
    • View Profile
Re: *RANT* Why pfsense is popular
« Reply #6 on: December 21, 2017, 02:43:52 pm »
The only complaints I've seen regularly are about static ports with outbound NAT.

Offline edseitzinger

  • Jr. Member
  • **
  • Posts: 26
  • Karma: +0/-0
    • View Profile
Re: *RANT* Why pfsense is popular
« Reply #7 on: December 21, 2017, 02:52:09 pm »
"with pfsense 300-1500 ms lag."

If your seeing this sort of lag that you are blaming on pfsense you got something else wrong... Sorry but that is just not the case... There is nothing pfsense would be doing that would introduce such extra lag..

Please show you work and setup that brings you to the conclusion that pfsense is the cause of your lag..

Something as simple as http://www.azurespeed.com/ even.. Lets see those numbers with and without pfsense.

Sorry but I have seen post where ppl have had some bad lag on a pfsense box and install untangled on the same hardware and lost all the lag. Not saying its normal, just saying that is is possible. And I would try to remove pfsense as the variable in this case but unfortunately UT does have the ability to set the 802.11q bit to 3 and confirmed by one of their engineers who has submitted a feature request ticket.

You can read the post above to see the hardware used in my pfsense box and removed as many of the variables as I could.

Currently using the GFiber box and my in game latency is sitting at 78ms as it always is.

First Pic is GF the 2nd Pic is PFsense


Right after I switch the data feed from GF to PF I reload azurespeed and WOW, wow is now at 79ms, which is awesome.

Shutting down the wow client and then restarting wow its jumped back up to 200+ms
 after about 5 minus is came back down to 100ms, this is not normal as I have raided for hrs and it never came down form 500+ ms lag.

I can live with 100ms, my issue is I have seen it go as high as 2500ms and as low as 35ms (last night while raiding) with no real explanation.

« Last Edit: December 21, 2017, 03:06:08 pm by edseitzinger »

Offline edseitzinger

  • Jr. Member
  • **
  • Posts: 26
  • Karma: +0/-0
    • View Profile
Re: *RANT* Why pfsense is popular
« Reply #8 on: December 21, 2017, 02:57:19 pm »
for me pfsense lowered latency not increased it.

Most consumer routers run of very weak atom type chips, whilst my units have more than 20X cpu power available over such units.

I got no idea what went wrong for you, but I disagree its "pfsense to blame" as such, might be something that needs configuring to be fully compatible with your isp.

I really can't run a consumer router other then in bridged mode and then I might as well just have a switch and a wifi woth POE along with either the GFiber box or pfsense.

Offline edseitzinger

  • Jr. Member
  • **
  • Posts: 26
  • Karma: +0/-0
    • View Profile
Re: *RANT* Why pfsense is popular
« Reply #9 on: December 21, 2017, 03:01:34 pm »
Stop building castles in swamps, pfSense being the castle and the swamp being your hardware.

I'm getting 0.008ms through pfSense. I let bittorrent run 24/7 and don't have any issues with latency. Here's my quality graph against 4.2.2.2

Yeah i doubt my hardware is the swamp you can read the specs above. Are you using a beta version of PFsense cuz it shows my is the latest version:

2.4.2-RELEASE-p1 (amd64)
built on Tue Dec 12 13:45:26 CST 2017
FreeBSD 11.1-RELEASE-p6

Can provide me the info to get those graph and chart I do not see them in the dashboard widgets.

Offline Derelict

  • Global Moderator
  • Hero Member
  • *****
  • Posts: 9597
  • Karma: +1089/-309
    • View Profile
Re: *RANT* Why pfsense is popular
« Reply #10 on: December 21, 2017, 03:16:24 pm »
If you have gateway monitoring on WAN (the default setting), the system is automatically keeping track of two pings per second in Status > Monitoring.

From there select settings, change the left axis to Quality / WANGW (or the local equivalent).

A good place to start with Options: 8 hours, Resolution: 1 minute.
Las Vegas, Nevada, USA
Use this diagram to describe your issue.
The pfSense Book is now available for just $24.70!
Do Not PM For Help! NO_WAN_EGRESSTM

Offline edseitzinger

  • Jr. Member
  • **
  • Posts: 26
  • Karma: +0/-0
    • View Profile
Re: *RANT* Why pfsense is popular
« Reply #11 on: December 21, 2017, 03:57:11 pm »
If you have gateway monitoring on WAN (the default setting), the system is automatically keeping track of two pings per second in Status > Monitoring.

From there select settings, change the left axis to Quality / WANGW (or the local equivalent).

A good place to start with Options: 8 hours, Resolution: 1 minute.

Thank you for the help on setting that up, also playing wow now to see if that could help capture any packet drops or issues :D ;D

Offline johnpoz

  • Hero Member
  • *****
  • Posts: 14809
  • Karma: +1374/-202
  • Not a pfSense employee, they cannot fire me...
    • View Profile
Re: *RANT* Why pfsense is popular
« Reply #12 on: December 22, 2017, 04:09:44 am »
I do not see any difference between your tests with your GF and pfsense..  And that azure test.. Where are those 300-1500 numbers your talking about?
- An intelligent man is sometimes forced to be drunk to spend time with his fools.
- Please don't PM me for personal help
- if you want to say thanks applaud or https://www.freebsdfoundation.org/donate/
1x SG-2440 2.4.2-RELEASE-p1 (work)
1x SG-4860 2.4.2-RELEASE-p1 (home)

Offline edseitzinger

  • Jr. Member
  • **
  • Posts: 26
  • Karma: +0/-0
    • View Profile
Re: *RANT* Why pfsense is popular
« Reply #13 on: December 22, 2017, 09:58:04 am »
I do not see any difference between your tests with your GF and pfsense..  And that azure test.. Where are those 300-1500 numbers your talking about?

In World of Warcraft. Like I said my normal day to day traffic is rock solid.
« Last Edit: December 22, 2017, 10:02:15 am by edseitzinger »

Offline johnpoz

  • Hero Member
  • *****
  • Posts: 14809
  • Karma: +1374/-202
  • Not a pfSense employee, they cannot fire me...
    • View Profile
Re: *RANT* Why pfsense is popular
« Reply #14 on: December 22, 2017, 10:39:20 am »
And how exactly do you think pfsense can tell the difference between these packets.. And slow down the wow ones?  PFM?  Because pfsense/netgate hate wow players? ;)
- An intelligent man is sometimes forced to be drunk to spend time with his fools.
- Please don't PM me for personal help
- if you want to say thanks applaud or https://www.freebsdfoundation.org/donate/
1x SG-2440 2.4.2-RELEASE-p1 (work)
1x SG-4860 2.4.2-RELEASE-p1 (home)