m0n0wall... slow? anyone? *confused* help!

[DeathByMonkey]

Hi guys,

I've set up my spare PC (pII450, 256mb ram) running m0n0wall as my router. I really like it - lots of features and the GUI is very well made - so much better than any commercial routers I have come across.

The only problem that's really getting to me now is that using m0n0wall as my router seems to have made my internet connection really slow. I ran a little test to confirm, downloading the same file (3dmark06) from a swedish ftp:

My PC ---> DI-624 Router ----> 4mbit cable modem (400+kbytes/s)
My PC ---> DI-624 as a switch ---> m0n0wall ---> 4mbit cable modem (5kbytes/s)

The WAN interface in the m0n0wall box is a 10/100 ISA network card. The LAN interface is a 10/100 PCI card.

I tried faffing with the traffic shaper (using the magic shaper wizard or whatever its called) and it managed to up my download speed from 5k/s to 20k/s. Still, it's pathetic. I just don't understand how it can be going so slow? If I put a bucket load of different downloads going I can get it to top out at about 100k/sec, but it's totally stupid because I easily get over 400k/sec when not using m0n0wall

Does anyone know why this might be happening? Could it be a bottleneck in the system between ISA bus and the PCI bus? m0n0wall report the cpu usage as not really going above 10%, and the memory usage stays constant at 9% so I hardly think it's stressing the system.

Any ideas? I'm getting kind of annoyed now. :'(

thx in advance,

DeathByMonkey

 

[Adz]

Are you seeing any packetloss from your PC to your m0n0wall or from your m0n0wall to the internet? That would be my first port of call.

 

[DeathByMonkey]

Are you seeing any packetloss from your PC to your m0n0wall or from your m0n0wall to the internet? That would be my first port of call.

Not really sure how to definitively test this, but m0n0wall says in/out packets have 0 errors on both LAN and WAN interfaces. Also I had a ping running for about an hour from my pc to the m0n0wall box and got 0 packet loss.

Any other suggestions?

 

[Adz]

SSH into the m0n0wall and wget www.2host.co.uk/100mb.bin - what speed do you get?

 

[DeathByMonkey]

SSH into the m0n0wall and wget www.2host.co.uk/100mb.bin - what speed do you get?

Ah... could be a problem. I am just running bog standard m0n0wall with no extra modules (I didn't even know you could add ssh until I googled). So I can't do that I am afraid, thx anyway though.

Just downloading via my pc i get between 30 and 50k/sec :-s

 

[Adz]

I'm surprised it doesn't support SSH by default. In that case hook up a keyboard, log in at the console then run the wget. That will let you know definitively whether it's your LAN or your WAN interface causing the problem .

 

[DeathByMonkey]

I'm surprised it doesn't support SSH by default. In that case hook up a keyboard, log in at the console then run the wget. That will let you know definitively whether it's your LAN or your WAN interface causing the problem .

Dude I don't think you can do that with m0n0wall...... it really is a super stripped down version of freeBSD and all you can do at the actual workstation is choose some basic menu options for initial set up of the router. There aren't any unix-like commands per se. hmm.

I think I'll pop into some shop or another tonight on the way home from work and get another pci NIC to see if that solves the problem. If not then god knows what's wrong.

 

[Adz]

You must be able to get to a console somehow I'm sure. Quite prepared to be wrong though - someone please correct me .

 

[FordPrefect]

You must be able to get to a console somehow I'm sure. Quite prepared to be wrong though - someone please correct me .

You are wrong in this case. m0n0wall is a specific security hardened firewall OS which no access to command shell even on the console by default. All you get is a menu system to help configure/manage the box.

 

[Adz]

You are wrong in this case. m0n0wall is a specific security hardened firewall OS which no access to command shell even on the console by default. All you get is a menu system to help configure/manage the box.

Wow, I have to say I'm surprised. I can't see what harm there would be in giving console access even if they didn't support SSH/Telnet. I'm sure there's probably an easy way to enable it though if you so wish.

 

[DeathByMonkey]

Reeto lads.... popped into a certain high street retailer and got myself a new 10/100 NIC in the hope it would fix my problem. I am sad to say it didn't.

In fact, m0n0wall didnt even recognise the new card as an interface, which surprised me a lot. I got kinda frustrated and then ripped a NIC out of one of my linux boxes and tried that (I knew this NIC was working on my linux box) and again it was not recognised by m0n0wall.

I tried switching about NICs left right and centre, trying different PCI ports, etc but to no avail. In the end I got ****** off and decided to temporarily sacrifice my linux box (i use it for downloading so its always on) and plugged in the bootable hard drive with m0n0wall on it, then inserted 2 NICs into it and hey *****NG presto m0n0wall is up and running perfectly, and I am getting a steady 4mbit downstream as I should be!!!! Woooohooo!

So, now that I know it works I think I'm gonna buy myself a nice silent VIA EPIA 5000 mini itx mobo and build a proper dedicated router. Sweet.

Thanks for your help anyway Adz.

DeathByMonkey

 

[Mr. Brightside]

Sorry I wasn't around earlier to try and help, since it was my suggestion you use it Though I don't think I'd have been much help. Anywho, glad you tried it and glad you got it working in the end.

FWIW, you can get a shell on m0n0wall, albeit crippled (doesn't recognise wget for one thing) at http(s)://hostname.example.com/exec.php

null