NBN100/40 only getting 2mbit up via Pfsense

Discussion in 'Networking, Telephony & Internet' started by fureien, Mar 16, 2020.

  1. fureien

    fureien Member

    Joined:
    Apr 11, 2013
    Messages:
    79
    Hi All

    This is absolutely driving me nuts, hopefully one of you can figure out what im missing here as ive spent hrs today troubleshooting

    I recently got NBN and setup my network. All was perfectly fine during first week, but today i decided to do my first speetest and noticed i was getting 100 down but only 2up!!!

    For reference this is my setup:

    Optus 100/40 FTTC NBN

    NBN Gateway > Pfsense box > Asus Rt AC88u in AP Mode > PC

    with the above setup i am able to get on the net instantly and get 97mbit down. But only 1.87mbit upload

    I then changed the setup just to see if it was my setup or my connection. Using the following:

    NBN gateway > Optus sagecomm F@st 5366 TN > PC

    via this i was able to get 97down and 37mbit upload
    much better! But how do i get upload working and eliminate the sagecomm entirely from this network??

    So then i tested connecting the optus router to the pfsense:

    NBN gateway > Optus sagecomm F@st 5366 TN > pfsense > PC
    (this way i eliminated the possibility that the Asus was causing a problem)

    When PC connects to internet via pfsense, i still only get 2mbit up, even though its internet is being fed through the sagecomm. using this method i am able to still able to use my pfsense's custom DNS config (because connecting to sagecomm directly gives me blocked sites, whereas pfsense connected to sagecomm lets it through. How this is possible i have no idea.) But my issue of 2mbit instead of 40mbit up is still happening

    So i was wondering, is there something special about the sagecomm that enables it to get full 40mbit up? Or is there something wrong with my Pfsense setup that is capping upload to 2mbit only? I used to have optus cable 100/2. But cant imagine that would be causing a 2mbit cap on the pfsense given the cable has been disconnected

    I also dont want to use the sagecomm (and i dont care about landline since i dont use it). Especially since i dont know how to get into bridge mode with it. Theres no setting and googling around whirlpool and optus forums nets me the same answer in that its locked down firmware.

    So in the meantime, anyone know whats going on here as to why my direct FTTC to pfsense is capping the upload? is there some setting in my pfsense that ive accidentally set to cap possibly?

    on a side note, if the answer ends up being something to do with "you have to use the optus router to get the full connection". Will buying something like a replacement MyRepublic Wi-Fi Hub+ Modem / Technicolor TG789vac v2 (White) off ebay solve the problem?

    The only thing i havent tested yet is direct NBN > asus router (so router that is not sagemcomm or pfsense) and see if that gets 40 up. that means its definitely issue with pfsense. Although above is pretty evidence enough. But i will need to dig up an spare router since i dont want to mess with my existing router's config

    Thanks
     
    Last edited: Mar 16, 2020
  2. caspian

    caspian Member

    Joined:
    Mar 11, 2002
    Messages:
    10,725
    Location:
    Melbourne
    you're on FTTC, so the Sagemcom is acting as a router, not a router/modem - there's nothing to bridge. at most you'd turn the thing into a switch and end up with the same outcome as connecting the pfSense box directly to the NCD.

    I'm not a pfSense person so I have no idea what settings might cause this (MTU too large?), but I would definitely try eliminating both the pfSense box and the Sagemcom to prove the point. to my knowledge Optus use DHCP authentication, you should be able to connect your PC directly to the NCD and get a layer 3 connection with no router.
     
    Last edited: Mar 16, 2020
  3. zero_velocity

    zero_velocity Member

    Joined:
    Sep 16, 2010
    Messages:
    2,714
    Location:
    QLD
    Problem is with the ofSense setup. You don't need to have any special router to get the full bandwidth of the NBN network, unfortunately it isn't nearly fast enough to cause any hardware limitations (thanks grubberment).

    You will probably find that a high quality router will actually get a slightly higher throughput than the ISP provided ones as generally they opt for a more basic / economical model.
     
  4. elvis

    elvis Old school old fool

    Joined:
    Jun 27, 2001
    Messages:
    40,426
    Location:
    Brisbane
    Assuming this was all wired, check that you have no transparent proxy, QoS, bandwidth shaping or rate limiting turned on on the pfSense.

    Also other basic checks like ensuring the interface is running full duplex, and the MTU is correct.

    I manage several pfSense boxes around the globe that can all handle this fine (like, 10GbE+ links).
     
    bcann likes this.
  5. elvis

    elvis Old school old fool

    Joined:
    Jun 27, 2001
    Messages:
    40,426
    Location:
    Brisbane
    Wait... did you ever try NBN box -> pfSense -> PC ?

    If not, do that.
     
    whysmell likes this.
  6. ewok85

    ewok85 Member

    Joined:
    Jul 4, 2002
    Messages:
    8,098
    Location:
    Tokyo, Japan
    How about the pfsense box specs and is it running latest stable community version (2.4.4) and what did you change from default?

    If it's an old config you can dump a backup, clear it to "factory" default and try from scratch. Worst case you can import the backup and it'll go back to how it was.
     
  7. OP
    OP
    fureien

    fureien Member

    Joined:
    Apr 11, 2013
    Messages:
    79
    i figured it out, my bandwidth shaper upload profile was set to 2mbit to match old cable modem setup

    always the simplest things that get you
     
    Pugs likes this.
  8. ae00711

    ae00711 Member

    Joined:
    Apr 9, 2013
    Messages:
    1,576
    yes.. because the chances the OP is running hardware/software that would limit a 100mbit / 40mbit connection is quite high /s
     
  9. elvis

    elvis Old school old fool

    Joined:
    Jun 27, 2001
    Messages:
    40,426
    Location:
    Brisbane
    Pro tip: don't bother with traffic shaping. 100% of the time it causes more heartache than the thing you're trying to fix.

    Leave it to large networks with thousands of users and complex SIP/VOIP routing. Not the sort of thing a home user needs.
     
  10. Primüs

    Primüs Member

    Joined:
    Apr 1, 2003
    Messages:
    3,398
    Location:
    CFS
    *looks at my 10's of mangle / queue rules* :weirdo:

    although the amount of fuckery and customisation I have on my home network would rival a small WISP.

    *disclaimer* Network admin for medium sized WISP haha
     
    elvis likes this.
  11. evilasdeath

    evilasdeath Member

    Joined:
    Jul 24, 2004
    Messages:
    4,890
    While many rules may be overkill, a simple fq_codel/CAKE shaper on the uplink makes a world of difference to some things. I would much rather be in control of the shaping than let it hit a policer.
     
  12. elvis

    elvis Old school old fool

    Joined:
    Jun 27, 2001
    Messages:
    40,426
    Location:
    Brisbane
    I repeat: for 99% of home users, it causes nothing but grief. This thread is the sort of thing I hear home tinkerers complain about all the time.

    OCAU CCNA crew get a free pass because it's their job and they understand what all the little dials do. All other mere mortals, forget about it.
     
  13. evilasdeath

    evilasdeath Member

    Joined:
    Jul 24, 2004
    Messages:
    4,890
    CAKE and before it fq_codel are simple enough thou, that was there design for that reason. The only harm that they set it correctly and there little speedtest says 90/35mbit instead of 98/38.5 but in general application performance is better. Sure at 40mbit its less of an issue. At 900k/2mbit of ADSL/cable it makes a world of difference.

    I hate the drive of retail to make the bigger (or smaller) number better and what matters, application performance is far more important, yet there are few good ways to measure it that give a simple number response. Everyone focus's on ping and low ping, and higher bandwidth, but few focus on the variation of latency which is far more important in this day in age of interactive applications.

    And by your idea users should also stop using speedtest as they don't understand the things that go on behind it and how its results should be interpreted.
     
  14. caspian

    caspian Member

    Joined:
    Mar 11, 2002
    Messages:
    10,725
    Location:
    Melbourne
    they're selling to Homer Simpson who apparently suffers a brain embolism as soon as he's asked to understand anything related to a computer. so they fall back on the simplest fact that even Homer can grasp - bigger beers are better 'cos they're bigger. it doesn't have to be particular logical or even relevant, just close enough to the truth that the ACCC doesn't sue them for advertising it, and simplistically attractive enough that Homer buys that product over a competitor.

    I could not agree more there.
     
  15. elvis

    elvis Old school old fool

    Joined:
    Jun 27, 2001
    Messages:
    40,426
    Location:
    Brisbane
    Just like I think installing Ubuntu is utterly trivial.

    But for regular folks, it isn't. Perspective is a wonderful thing.
     
  16. ewok85

    ewok85 Member

    Joined:
    Jul 4, 2002
    Messages:
    8,098
    Location:
    Tokyo, Japan
    Sorry, I don't understand. In the end he was limiting his own connection because of the software he was using...

    I mean, that's the whole point of pfsense - you can go nuts and do all sorts of things, and it's very easy to slow a connection to a crawl. My own pfsense build has squid, pfblocker, snort, openvpn, nmap and a bunch of other crap running that I really don't need.
     
  17. waltermitty

    waltermitty Member

    Joined:
    Feb 19, 2016
    Messages:
    1,176
    Location:
    BRISBANE
    i think most semi-technical people know what bufferbloat is and understand why it happens
     
  18. ae00711

    ae00711 Member

    Joined:
    Apr 9, 2013
    Messages:
    1,576
    you initially mentioned hardware specs and software version, hence my reply - that is, I highly doubt that the pfsense version he's running is the cause. It could be a version from 10 years ago, and providing its config'd properly, shouldn't be the reason for a slow 100mbit/40mbit connection. Likewise for hardware. I think I've seen ppl run pfsense on a rpi(?)
     

Share This Page

Advertisement: