[SOLVED] PfSense and/or bridge limiting bandwidth ?

A

alxml

New Member
Mar 1, 2024
3
0
1
Hi All,

I'm going to go mad as i don't understand what's happening here,
got an homeserver and fiber connection but got an issue doing LAN 2 WAN debit tests.
1713789837952.png
Server is Ryzen 9 5950X and 32G ram

My Pfsense is on both LAN/WAN ( 4 cores : 1Gb Ram )
Go some VM's on LAN also, connected using Linux bridge ( using bond0 of 2 x 1Gbit NIC"s)
My wan is using my motherboard 2.5G
My Fiber connection is a 5G down / 700 mb UP

When i put a vm on WAN bridge ( direct to router : vmbr0), test on fast.com gives me the max value available 2.5Gbps)

When i do the same test using the same VM but link on vmbr1 aka LAN , mas speed is ~700mbps !
It seems that the bandwidth is limited like if i was connected using a switch , however i thought that given that my VM are on the same bridge (Pfsense + my VM on LAN Linux Bridge)

I tested iperfs3 also using my Pfsense as server and the debit is a way better than the one using internet
1713790506698.png
if i do the same on WAN interface of my PfSense as target
1713790556410.png

fast on vmbr1 (WAN):
1713792300992.png
fast on vmbr0 (LAN Through PfSense )
1713792363890.png



I don't understand as LAN is using virtIO( so 10Gbps announced) , enough CPU , memory ?
My PFsense is also i guess well configured :
1713790276236.png
1713790257813.png

in advance, thanks for your tips !
 
Last edited:
I think the problem here is the kernel in the virtualisation.
Proxmox is running Linux and pfSense is running FreeBSD which is different. So there's essentially an emulation layer happening. What you could do to prove this is to run a firewall with a Linux kernel to prove it. Something like IPFire I believe is running the Linux kernel.

When I tested opnSense and IPFire years ago I had the same, IPFire was basically line speed, something like 970 (for me 1G) and on opnsense I was hitting between 700-800Mb but for me this is fine.
Also run opnSense rather than pfSense, it was forked years ago and is much better
 
Hi , Thanks , i moved to opnsense and noticed one thing.
If i disable ipv6 when i have the VM linked directly to WAN , the bandwidth drops to the same value as when i'm using the LAN through OpnSense,
I'm now trying to enable ipv6 on opnsense to check if that could solve my issue, as ipv6 not having NAT, it could explain the speed difference?
Thanks also for opnsense which seems much better and have a friendlier UI !
 
Hi, quick update as i configured my opnsense using ipv6 and now all issues are gone, bandwidth is now 2.5Gps on my whole Proxmox and all Vm (limited by NIC and my ISP Router for now)
Thanks for the advice to move to opnsense @boopzz.
 
You must log in or register to reply here.

About

The Proxmox community has been around for many years and offers help and support for Proxmox VE, Proxmox Backup Server, and Proxmox Mail Gateway.
We think our community is one of the best thanks to people like you!

Quick Navigation

Home Get Subscription Wiki Downloads Proxmox Customer Portal About

Get your subscription!

The Proxmox team works very hard to make sure you are running the best software and getting stable updates and security enhancements, as well as quick enterprise support. Tens of thousands of happy customers have a Proxmox subscription. Get yours easily in our online shop.

Buy now!
Community platform by XenForo® © 2010-2024 XenForo Ltd.
Top Bottom
Back