|
|
Post by Evermorian on Jun 10, 2016 2:48:39 GMT
I have a soekris net5501-70 running the latest version of SmallWall (and m0n0wall before that) and, seem to be having a performance problem.
The router's WAN interface connects to the cable modem for a Cox 50mbps broadband connection. Testing against bandwidth test websites (e.g., speedtest.net), with no other load on the connection, I am seeing performance around 24mbps.
If I replace the soekris+SmallWall router with a consumer-grade wireless router (a Netgear WNDR3700), I see performance around 60mbps.
If I set up an isolated test environment with the soekris SmallWall between two machines (one on the LAN port and one on the WAN port) and route iperf3 through it, I see performance around 90mbps.
I know that bandwidth testing website are not the most accurate approach and, that there are other factors that can't be isolated there. The results are consistent over multiple tests on multiple days, though.
My firewall rule set is very basic. I'm not doing any NAT or traffic shaping. I am using the DHCP server and DNS forwarding. I have a VPN configured but, it is rarely used.
Some web searching suggests that I should be able to expect performance of ~84mbps with this hardware and m0n0wall.
Any idea what's going on? Shouldn't a net5501-70 with SmallWall be able to at least match the performance of a consumer-grade wireless router?
--
Andrew Crawford
|
|
|
|
Post by Lee Sharp on Jun 10, 2016 4:02:56 GMT
|
|
widea
New Member
Posts: 4 
|
Post by widea on Jun 11, 2016 10:42:59 GMT
The test where you get 60Mbps seems contradictory but sometimes my cable modem delivers a slightly higher speed than advertised.
You should get a higher speed than 24Mbps, obviously. Try switching off and on your cable modem. Sometimes that helps.
For comparison: I have a 150Mbps/15Mbps cable connection. With my Soekris 5501-70 I can get approximately 84Mbps/12Mbps out of it (with traffic shaper switched on).
Best regards,
Cor
|
|
|
|
Post by Evermorian on Jun 17, 2016 0:54:02 GMT
Thank you for the suggestions! I am not seeing any errors at all on the status_interfaces.php page. I pulled down the latest Ubuntu release via Bittorrent with both routers. Though it wasn't release day, there were something close to 8k seeders. With the Netgear device, it peeked (and mostly stayed) around 6mbps. With the soekris SmallWall, it peaked around 3.5mbps. I tried with openspeedtest.com and, saw the same thing, though to a lesser degree. With the soekris SmallWall, I got about 55mbps on average. With the Netgear device, I got about 60mbps on average. I'm not sure if it is meaningful but, I could also see the speed spike higher during the test with the Netgear router (up to around 90mbps vs. spiking to around 65mbps with the soekris SmallWall). With www.bandwidthplace.com, I got about 5mbps with both. So, I am guessing something was going awry there. speedof.me fell off my list to test with this round somehow. In any case, I am still seeing what looks like a significant performance difference with the cheap Netgear router outperforming the sokeris SmallWall. The perception of the users is that things are "a lot faster" since they switched over to using the Netgear device as their router. Very frustrating. |
|
|
|
Post by Lee Sharp on Jun 17, 2016 2:35:54 GMT
Go to the hidden exec.php page. Put ifconfig in the command field and execute. Paste the output here. For example...
$ ifconfig
vr0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
options=82808<VLAN_MTU,WOL_UCAST,WOL_MAGIC,LINKSTATE>
ether 00:80:64:50:74:e4
inet6 fe80::280:64ff:fe50:74e4%vr0 prefixlen 64 scopeid 0x1
inet 73.136.18.217 netmask 0xfffffe00 broadcast 255.255.255.255
nd6 options=41<PERFORMNUD,NO_RADR>
media: Ethernet autoselect (100baseTX <full-duplex>)
status: active
em0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
options=9b<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM>
ether 00:15:60:04:8f:64
inet 192.168.64.1 netmask 0xffffff00 broadcast 192.168.64.255
inet6 fe80::215:60ff:fe04:8f64%em0 prefixlen 64 scopeid 0x2
nd6 options=41<PERFORMNUD,NO_RADR>
media: Ethernet autoselect (1000baseT <full-duplex>)
status: active
em1: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
options=9b<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM>
ether 00:15:60:04:8f:65
inet 192.168.65.1 netmask 0xffffff00 broadcast 192.168.65.255
inet6 fe80::215:60ff:fe04:8f65%em1 prefixlen 64 scopeid 0x3
nd6 options=41<PERFORMNUD,NO_RADR>
media: Ethernet autoselect (100baseTX <full-duplex>)
status: active
enc0: flags=41<UP,RUNNING> metric 0 mtu 1536
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> metric 0 mtu 16384
options=3<RXCSUM,TXCSUM>
inet 127.0.0.1 netmask 0xff000000
inet6 ::1 prefixlen 128
inet6 fe80::1%lo0 prefixlen 64 scopeid 0x5
nd6 options=43<PERFORMNUD,ACCEPT_RTADV,NO_RADR>
ipfw0: flags=8801<UP,SIMPLEX,MULTICAST> metric 0 mtu 65536
|
|
|
|
Post by Evermorian on Jun 23, 2016 21:09:09 GMT
Ok, I got the users to let me leave the router in place for a bit so I can respond faster for troubleshooting. Here is the ifconfig output (public IPs and MACs altered to avoid attracting abuse).
$ ifconfig
vr0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
options=8280b<RXCSUM,TXCSUM,VLAN_MTU,WOL_UCAST,WOL_MAGIC,LINKSTATE>
ether 00:00:24:xx:xx:xx
inet 192.168.0.1 netmask 0xffffff00 broadcast 192.168.0.255
inet6 fe80::200:xxxx:xxxx:6d74%vr0 prefixlen 64 scopeid 0x1
nd6 options=41<PERFORMNUD,NO_RADR>
media: Ethernet autoselect (100baseTX <full-duplex>)
status: active
vr1: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
options=8280b<RXCSUM,TXCSUM,VLAN_MTU,WOL_UCAST,WOL_MAGIC,LINKSTATE>
ether 00:00:24:xx:xx:xx
inet 174.79.x.x netmask 0xfffffff0 broadcast 174.79.x.y
inet6 fe80::xxx:xxxx:fed0:6d75%vr1 prefixlen 64 scopeid 0x2
nd6 options=41<PERFORMNUD,NO_RADR>
media: Ethernet autoselect (100baseTX <full-duplex>)
status: active
vr2: flags=8802<BROADCAST,SIMPLEX,MULTICAST> metric 0 mtu 1500
options=8280b<RXCSUM,TXCSUM,VLAN_MTU,WOL_UCAST,WOL_MAGIC,LINKSTATE>
ether 00:00:24:xx:xx:xx
media: Ethernet autoselect
vr3: flags=8802<BROADCAST,SIMPLEX,MULTICAST> metric 0 mtu 1500
options=8280b<RXCSUM,TXCSUM,VLAN_MTU,WOL_UCAST,WOL_MAGIC,LINKSTATE>
ether 00:00:24:xx:xx:xx
media: Ethernet autoselect
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> metric 0 mtu 16384
options=3<RXCSUM,TXCSUM>
inet 127.0.0.1 netmask 0xff000000
inet6 ::1 prefixlen 128
inet6 fe80::1%lo0 prefixlen 64 scopeid 0x5
nd6 options=43<PERFORMNUD,ACCEPT_RTADV,NO_RADR>
enc0: flags=0<> metric 0 mtu 1536
|
|
|
|
Post by Lee Sharp on Jun 23, 2016 22:18:33 GMT
Well, hmmm... You are showing 100baseTX <full-duplex> and if you have no collisions, that is correct. It would be nice if we could see the same thing from your ISP... Can you get into your cable modem?
Also, what version are you on? I am seeing the firewall as an interface, and you are not... I am on 1.8.4b10. (For another 5 minutes...)
|
|
|
|
Post by Evermorian on Jun 23, 2016 23:46:12 GMT
I typically run the latest stable on production systems. So, this is 1.8.3. Would I be better off with the developer build?
Correct, there are no collisions showing on the Interfaces page.
We don't currently have access to a UI on the cable modem. I might be able to negotiate that with the provider.
|
|
|
|
Post by Lee Sharp on Jun 23, 2016 23:59:56 GMT
Trying different versions can help in some cases. After all, the new versions are to add or fix something in the old ones...  1.8.4b11 will be up tonight. |
|
widea
New Member
Posts: 4
|
Post by widea on Aug 17, 2016 19:10:15 GMT
Bit late but by accident I experienced a similar problem. It may be of interest.
I just replaced a Soekris 5501-70 for an Alix 2D13. Instead of getting a speed of around 80Mbps I got 35Mbps.
All interfaces were full duplex, 100Mbps, resetting the cable modem did not help. In the end only enabling device polling did.
The question remains why. Could it be a software-hardware incompatibility issue? In that case an update of Smallwall may help (as suggested before by Lee).
Regards,
Cor
|
|
|
|
Post by Evermorian on Dec 14, 2016 22:36:35 GMT
Thought I would update since I am messing with this again:
I have now reproduced this with the same service provider (Cox) and a new net5501-70 at a different location. With a notebook connected directly to the cable modem, I get well over 300Mbps download speeds. Through the soekris SmallWall, I get ~85Mbps.
The newer SmallWall release made no difference.
I enabled device polling on the SmallWall and, actually saw slightly worse performance, though it may not be a significant amount (~81Mbps).
I am not sure if this is a SmallWall issue or a device limitation. Probably the later.
I note that soekris has discontinued the net5501 (two weeks after I ordered this one).
|
|
|
|
Post by Lee Sharp on Dec 15, 2016 0:28:32 GMT
Yeah, about 80 meg is as good as those older systems will do. You are bumping up against the limits of both the nics and the CPU.
|
|
1.8.4b11 will be up tonight.