Optimizing your network's speed. Updated modem specifications.
Optimizing your network's speed. Updated modem specifications.
I own a PFSense router with one 1Gbps port, two 10Gbps ports, and a modem featuring a 2.5Gbps connection and a 1Gbps port. My router directs traffic to a Cisco 2960S switch connected to a TP-Link EAP 620 WAP. Should I link my PFSense device to both WAN links to boost performance, given that my card can't handle multiple gigabit speeds on 10/100/1000/10G?
Do you possess a 10 gig SFP for your Cisco switch? Gigabit remains gigabit, even with the full 2.5 gig link speed between PFSense and your modem, you'll still face limitations from a gigabit connection between the Cisco and PFSense. If the PFSense unit is a DIY project, does it accommodate a 2.5G Ethernet card? You might be able to combine links on two ports between your modem and PFSense, provided your modem allows it, though it adds some complexity.
LAGG/LACP operates differently—it uses hashing based on source/dest IP, MAC, and port, which means bandwidth isn't combined in that way. You're limited to one link per client depending on the hashing rules. To achieve over gigabit speeds on a single client, you need at least two 2.5G links connected end-to-end. For several clients, it may work, but a single client won't reach 1.2Gbps.
I can accommodate an additional 2.5GB NIC, though they’re difficult to locate. The Cisco offers only 1Gbps for both SPF and Ethernet connections. My current performance shows MultiGIG speeds around 600MBps, while a client test via speedtest-cli suggests 99-560Mbps depending on distance and other unspecified factors.
It's very simple to locate the Intel i225 B3. If you can't find it locally, you can purchase it from eBay or Aliexpress. They're also available in M.2 form.
I previously purchased a 2.5 gbe TP-Link TX201 but couldn't confirm its chipset. I searched for comparisons to Realtek cards, though the match wasn't clear. After installing the Realtek-re-kmod driver, my system malfunctioned. I'm hopeful this Intel chipset card will work better now. Thank you again.
Traditionally people steer clear of Realtek in pfSense because those chipsets often have strange behaviors. Intel faced some problems with the early i225 chips in B3, and now i226 is available but still not fully supported on pfSense (expected in the next update). My router uses four i225 B3 NICs and has performed very well. I've managed to get around 1.6Gbit through Steam multiple times—roughly the top speed you'd expect from both connections combined. I strongly suggest going with the included box if you ever consider a dedicated setup; it's much more compact and efficient, using less power overall than a homemade build.
Only a few versions of the 2960S offered 10Gb ports, most featured 4x1 GbE SFP enclosures or combined ports. The stacked ports typically sit at 10G per port, though availability is limited. It's quite affordable to find used units—my collection of two 2960S-24PS models cost around $40 total when shipped. @ruxikdanub What about the 10GbPFsense NIC? It seems swapping it for a M-Gig SFP would be straightforward, but only if it uses an SFP cage rather than an 8P8C connector. You might route directly at the access layer and enable ECMP between the switch and PFsense, allowing you to expand single flows across more active links. The 2960S supports basic L3 forwarding, though this isn't officially documented. I recall using it with an ERPro-8 and a 3560-E via OSPFv3—it worked well.
It's a two-port Intel X540 third-party NIC purchased on Amazon. As my name implies, I'm still getting the hang of these things. However, I'm trying to understand networking and cybersecurity better.