I'm running 1.2-RELEASE and we recently upgraded from 10mbps DSL to a
metro fiber link and we were seeing a pretty significant performance hit
across the firewall, especially outbound.  In troubleshooting this, my
provider has disabled all limiting on their end and the connection is
basically a wide open FDX 100Mbps link.  This *really* made the
performance drop noticeable.

Simple Diagram:

----------------   --------------   ------------
| Fiber Switch |---| Cisco 2801 |---| Firewall |--> Multiple LANs
----------------   --------------   ------------
                          |
                   --------------
                   | DMZ Switch |--> DMZ Hosts
                   --------------

A laptop directly connected to the fiber switch can pump >80Mbps to many
points on the Internet.  Behind my router it only hits 45-60Mbps
probably because the router was never intended to be used at this speed
(before the speed was bumped to 100mbps there was no significant
performance drop).  Behind the pfSense box, however, averages around
20-25Mbps to the Internet.  LAN to DMZ Hosts are around 55-60Mbps.

The box is pretty beefy - a SuperServer 5015M-MF+B, Xeon 3040 with 1GB
DDR2 and six Intel 1Gbps ports.  I'd be a little surprised if the
hardware has anything to do with it.  CPU and RAM usage have never
exceeded 10%.

I tried enabling polling but that made no difference.  I've disabled the
traffic shaper and removed most of my packages to get where I am now and
I've run out of ideas.

Anyone?

Ted Crow
Information Technology Manager
Tuttle Services, Inc.

---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Reply via email to