Traffic Speed LAN TO LAN

[DeVe]

Hi Guys,

Previous I had PFsense and but because my custom build and add on my custom 1u box a display to show CPU temp and usage and other functions on my small display 16x2 I've been forced to migrate to OPNsense.

All working fine but the only issue I found is traffic speed on LAN TO LAN. When I try to copy from my NAS to my pc the speed is not showing. I can see if someone is downloading from the internet on wan and lan but lan - lan not showing any traffic. I don't have IDS enable.

Any advice?

Thank you

[Gauss23]

If it is LAN to the same LAN, then the traffic is not flowing through your OPNsense. In that case it can't show you this traffic.

[DeVe]

Hi,

Thanks, all devices are assigned to firewall.

Wan - internet
Lan - switch 8 ports - all devices

Pfsense was showing the speed traffic as he will allocate the ip ,same with opnsense, the dhcp server on lan is set by firewall and allocated by firewall. So lan to lan as are defined by the server should be showing all traffic internal not only external.

[Gauss23]

To see all traffic within the local LAN the network interface needs to be set to promiscuous mode. Don't know to enable that apart from using an IDS/IPS system.

On pfSense did you have IDS enabled?

[DeVe]

Ok,

I enable "Intrusion Detection"

Tick/Untick ->  Promiscuous mode
Tick/UnTick -> IPS mode

Both settings try to enable, disabled, nothing and still not showing the LAN Traffic or speed.

If I try speed test I can see 150MB on graph but if I copy from NAS to my PC no traffic or speed will show!

Thank you

[DeVe]

Any suggestion ? I try disable ids and enable no luck so far.

[Gauss23]

Why is this important to you? It's completly normal behaviour, that you're not seeing the LAN traffic inside the LAN.
This is something which your switch is able to tell you (if it is managed).
You would see the traffic if you would have multiple LAN/VLAN and you would route the traffic between them.

When you were using pfSense maybe you used a plugin like os-ntopng? Maybe that's able to collect traffic in promiscous mode.

[DeVe]

Hi,

The behaviour was not like that when I use PFsense, I raise the question as normally on PFsense was working LAN to LAN.

I check my network for LAN :
igb0: flags=28943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST,PPROMISC> metric 0 mtu 1500

As you can see the promiscous mode is enable on lan, but on graph opnsense can't see the traffic pass from 2 devices (NAS > PC / PC < NAS) on the same network.

I ask this as to understand why and it's something where opnsense not offer?

Thank you

[lfirewall1243]

Your internal LAN traffic isn't reaching the OPNsense
And that's normal in every network.

The devices adressing each other directly when they are in the same Subnet
Basic Networking

Your PC will send the Packets adressed to your NAS out of the Network Card.
Your Switch is looking in the ARP Table for the Destination Adresse / MAC Adress and send these packets directly to your NAS or the next Switch.

[Vilhonator]

Everything is as it should be.

If you want to monitor traffic speed between 2 devices within same network, then you need to check that from your Switch or install plugin like iperf on your PC and NAS (https://iperf.fr/).