Getting slow download speeds recently.

Started by grimelog, December 08, 2024, 02:35:07 AM

Previous topic - Next topic
I already made sure the issue is not my modem by getting my ISP to reset from their end. I also shut off the modem and firewall, and then restarted them. I tried turning off IPS and IDS, and turning off my VPN. Even though, I've taken out those potential bottenecks I'm still getting download speeds of only 20 Mbps, when I should have gigabit. I do have a bunch of tunables turned on that increased my throughput back on 24.1. I'm on  24.7.10_2.

Have any idea what might be causing my issues? Anyone experiencing slow speeds even after a reset?

Quote from: grimelog on December 08, 2024, 02:35:07 AM
I tried turning off IPS and IDS, and turning off my VPN.
That is called shotgun debugging http://www.catb.org/jargon/html/S/shotgun-debugging.html

You would be better to reduce your problem instead. Find a large test file close to you geographically, say your local FreeBSD mirror: https://docs.freebsd.org/en/books/handbook/mirrors/
Download this on a computer directly attached to your modem. Avoid Windows if this is a computer you care about :). Ubuntu live from USB with tools required to connect will work. DHCP if you're lucky, PPPoE if your ISP likes cruft.
If that goes at full tilt, back up your OPNsense config and start with a clean slate - just WAN with NAT and download again through that.
Add components until the speed tanks. The last one you added is the culprit.

Not all issues are sofware related. Swap out cables, network cards, etc. The general idea is to start from a known good setup and build up from there until you see what breaks it.

Bart...

I know which features typically cause slowdown so I disabled them. I think this is a bug in OPNSense. The connection will be fine if I connect directly through the modem.

Quote from: grimelog on December 08, 2024, 11:41:24 PM
The connection will be fine if I connect directly through the modem.
"will be"?
But is it?

It is an odd bug for OPNsense which produces 20 Mb/s out of 1 Gb/s for you, 267 Mb/s out of 250 Mb/s for me.

Investigate slowly, as @bartjsmit describes. No-one is going to pop up saying "Well, just change this parameter in OPNsense...". I suggest something is different in your setup.
Deciso DEC697
+crowdsec +wireguard

December 09, 2024, 01:21:46 AM #4 Last Edit: December 09, 2024, 03:34:54 AM by grimelog
Yeah, I'm looking into it from a factory reset. Factory reset brought me back to 800 Mbps out of 1 gigabit.

I know the system since I've been running it for awhile. I probably had some configuration that was not applied properly during an update.

-------

Saving config, factory reset, restore config, and then reboot fixed the issue. I'm able to get 250 Mbps to 500 Mbps immediately.

--------

I tried another fresh install and it looks like the problem is caused by turning Surricata on. I probably need to remove some rules. I have a ET open/bottcc.portgrouped and all of the ET telemetry rules installed. Happen to know which I should get rid of?

Does Zenarmor have better performance as an IPS?