Thanks, I doubt that will change anything, but will try it when avaliable 
I think it’s the cpu the bottle neck. Have a look at this thread: 1Gbps Internet for home use with IPS and VPN?
If you search this forum with “single thread” I believe you will find similar discussions.
Thanks let me check up on that, but server if a beefy one with dual CPU and lots of cores
Felix
Have you enabled IPS in WUI Firewall–> Intrusion Prevention ?
Hi
No Intrusion Prevention enabled, default ISO installation with a few firewall rules
Check also this thread: Routing using only one core on Download you might want to check if all the cores of your cpu are used.
load average: 0.00, 0.02, 0.00 when downloading via eget - get 94MB pr. sec and can run multiple in parallel and they all get about the same speed?
That might still be irrelevant. If only one core can talk to the network card, then there is no parallelisation. It is a classic problem with loads of hardware that is either cheap, or has broken firmware.
You can check by having a look at /proc/interrupts.
Generally IPFire can easily transfer 10 GBit/s if hardware permits. Even with an Intel Atom processor this is possible.
2 Likes
This can also seen from the iperf3 results.
If you use 10 parallell streams, you get rates near by your nominal rate.
Ok I installed nginx on ipfire and downloaded a 10GB file with wget and get 1.04GB/s so hardware on LAN side should be good right? - WAN is running over SFP+ and LAN over BASE-T
Thanks
Yes, this is a broken setup. All interrupts are handled on the first processor. The other 31 cores are idle.
So it is hardware issue and not a software issue.
3 Likes
Really ok, so is it CPU/motherboard or Network cards you think?
Thanks
LAN test with nginx I got full speed on the wget, so could it be related to the SPF nic only?
No. Keep in mind that there are limits depending on Roundtrip time/ping. A network with 80ms ping has a theoretical limit of 1.5Gbit for one TCP Stream. (If the buffers and segment sizes are at default settings)
2 Likes
Arne is right. You might not get a 10 GBit/s link saturated using a single TCP connection. However, the NIC is not helping here either because it further increases latency (because you will have to wait that the first processor core becomes available to handle packets).
You could try a firmware update, another NIC, or replace the whole machine.
Just for reference, our IPFire Enterprise Appliance performs load-balancing over all processor cores and therefore is very power efficient:
The other appliances do this too, which is why they all have relatively small processors because a lot of work is already done by the network controller.
3 Likes
Alright, do you know what supermicro motherboard is use on the appliance?
Thanks
It comes down to more than just the mainboard. There needs to be firmware support as well, the NIC must be able to handle this and of course the software.
ok thanks got it - is there a hardware list if I want to build it my self?
There are some things on the wiki and on here.
I can’t recommend anything else but our own appliances, because those are the only ones that I work with and so much time has gone into them to make features like this working.
1 Like