Even a B20x chokes up at 300mbps if you start turning features on, even though it says 1Gbps stateful firewall throughput.
- Disable DPI
- Disable web filtering
- Disable application filtering
- Disable QoS
Then see if that improves throughput any.
All of my Balance One Core routers are HW1, the only hardware revision (the Balance One with Wi-Fi) has 3 hardware revisions: 1, 2 and 3).
I believe the test that I mentioned where “I even factory reset one of them and then tested” disables everything. Please let me know if that is not true.
I hope one can expect that a Peplink product will meet specification right out of the box.
Some of those can be configured by inControl2, and would be re-enabled automatically after a factory reset.
Thanks. I’m safe from inControl since I don’t have it.
I ran into an issue a while back where bandwidth was cut in half when using “Outbound Policy Rule using Domain Name”. This was back in 8.0 though:
Maybe you’ve run into something similar with 8.3 ?
I have a Balance One running 8.2.1 and am not having any bandwidth issues:
There is something that is eating up the entire CPU on Ookla speedtest.net with the Balance One Core. Testing was done after resetting the Balance One to factory defaults. Wireshark showed some packet differences:
-
Speedtest.net 100% CPU at 300-360Mbps. Wireshark shows packet lengths of 1454.
-
Fast.com was around 90% cpu at 440Mpbs. Wireshark showed packet lengths of 1454 with “TCP segment of a reassembled PDU”. @soylentgreen, I wasn’t able to match your 640Mbps using Fast.com; 440-450Mbps on 8.2.1 and 8.3.0.
-
Firewalla internal router speed test was 75% cpu at 650-700Mbps. Wireshark showed packets of length up to 58,000 with Wireshark noting some packets as “TCP segment of a reassembled PDU”.
Perhaps Peplink can chime in too. And perhaps do some testing of their own. At a minimum, it appears that the different types of speed test packets as shown by Wireshark are causing some CPU differences.
I did some repeat testing, and that 640mbps was a bit of an outlier. Repeat tests on fast.com were closer to 450, and my CPU was pegging close to 100%.
So if you are getting 450 also on 8.2.1 that sounds about the same as me…
Just tested speedtest.net and got 480, then 476:
I tested on 8.4.0 RC 1. The results were the same. I then posted the following on Firmware 8.4.0 RC 1:
There is definitely a real world performance problem with Balance One Core with 8.4.0 RC 1 (build 5585) not reaching is rated 600Mbps stateful firewall specification. It is reaching 300Mbps on Ookla’s Speedtest.com, the gold standard speed test for most people, and 450Mbps on Fast.com which increases the size of their average payload. Ookla sticks with the MTU size, a reasonable real world test approach.
This has been verified for multiple Balance One Core routers, and by more than one person. I bench tested three different Balance One Core routers, after resetting to factory defaults, on a 1.2Gbps Comcast line using a Firewalla Gold Plus in between a 1Gbps modem and the Balance One, then in between Surf Soho. The Firewalla easily reaches 900Mbps. The Surf Soho reaches 120Mbps on Ookla and Fast, its rated speed. The Balance One Core is reaching 50% of its rated speed on Ookla and 75% of its rated speed on Fast.com, the same results as when directly connected to the 1Gbps modem.
The difference between the Surf Soho and the Balance One Core is the CPU usage. This is particularly evident when running the Firewalla internal speed test where the Surf Soho can reach 140-150Mbps at 70-80% CPU while the Balance One Core can reach 550Mbps to 650Mbps at 90-100% CPU. The Firewalla uses much bigger packet sizes than the modem MTU to achieve this.
I also discovered that the difference in speed tests results is highly dependent on what the router is doing internally. I.e., at idle the Peplink routers CPU can range from 17% to 35%. And I always thought it was Comcast that was causing variable speed test results!
I hope that Peplink engineers can rapidly confirm the Balance One Core speed test results, and then let us know what the next steps will be. Peplink has always been conservative in their numbers, so my hope is that there is some bug that is easily fixed, although my testing on 8.3.0 and 8.2.1 produced similar results, so this is not unique to 8.4.0 RC 1. Or will this take longer to remedy? Or worse, will we have to live with the reduced Balance One performance on version 9 and beyond?
Just a quick dotting-the-i’s question: Is your Balance One by any chance licensed with the 5-WAN upgrade (BPL-ONE-LC-5WAN)?
That drops the throughput to 400Mbps.
Cheers,
Z
1 Like
They are not. Good fact to know though! Thanks
I would not put too much faith in the CPU meter. My Core 1 pegs the CPU meter at 100% at 350 Mbps, so ignore it.
My Core 1 device has streamed at 803 Mbps at Ookla (single socket) last week, and regular tests at 600+
There is something dodgy going on. We have a Balance20X which appears to be the weak link in an office brance. Even if you look past the unfortunate marketing “1Gbit stateful firewall (as long as you don’t use any features)” we can’t get it to push higher thatn 200kB/s upload on WAN.
This is an image of me trying to download some of our footage from our remote server bahind the balance, plugged in directly to LAN1:
We have a range of other objects behind the balance we were hoping to have since upgrading to the Balance 20x:
- Servers offloading to of-site backup, not completing the backups
- CCTV streams, not really viewable
- VPN / File access
None of these are working.
Our ISP is a business line providing 400/40 uncapped without traffic shaping. Speed tests on site show less than perfect results on copper (100/30) and are much better on WIFI (150/35) when connected to the Balance internal AP.
The only features we are using on the Balance at the moment is the firewall and the AP. No QoS or anything like that.
I should add, that when downloading that same file over LAN it downloads full speed.
I’d say it’s screwed.
Are your WIFI clients on the same network?
We’re seeing the odd things in our office with this model too. Speeds don’t make sense.
We found LAN1 to LAN2 when using VLANs cripples speeds between the two ports.
I don’t know if this is the firmware or infact poor hardware. I’ve still got a ticket open with Peplink after one year trying to return our Balance20X as they were suffering memory leaks and not getting close to the advertised recommended users.
We were loathed to believe our issues were with the Balance 20X having upgraded to it so to make it a fair experiment, the tests were conducted in isolation - no interference from other clients/networks.
So I tried what you said and tested that just now and it’s exactly what you said.
Over WAN to the server I got 85kB/s
Over VPN to the server I got 220kB/s
Then I VPN’d to a test machine on the same network as the server and got 40MB/s
I put the test machine on a new VLAN/network and got a very unimpressive 4MB/s
The test machine and the server are on the Balance lan ports 1&2.
Where to go from here?
The 100/30 results you report are suspicious because 100Mbps quite often means that there is a bad Ethernet cable or other issue where the connection is at 100Mbps rather than 1Gbps. You can look at the port speeds under Status->Ethernet Ports, then click on each of the ports to see what speed they have negotiated. Your server will also have the ability to display its port speed.
If you have a smart switch laying around that passes VLAN tags, you can hook up your test machine and server to it to see what speeds you get. Note: I believe that the Balance 20X doesn’t have an internal switch, but rather runs LAN to LAN traffic through its CPU. So a smart switch can significantly offload the 20X if there is a lot of LAN to LAN traffic.
Edit: If you have a dumb switch, you can change the 20X port it is connected to from Trunk mode to Access mode with the appropriate VLAN ID.
What firmware version are you on where your “Core 1 device has streamed at 803 Mbps at Ookla (single socket) last week, and regular tests at 600+”?
FYI, I just upgraded to 8.4.0 RC 2 and retested. No difference from prior testing. And no significant difference on Ookla speedtest.net between Multi and Single streams (but it is the middle of the day when things are busier on Comcast).
8.3.0 build 5514. https://www.speedtest.net/result/14375998945.png
Account is supposed to be pegged at 400, but some days the limits come off. I have about 70 Outbound policy rules, and run the PepVPN to a Fusion hub elsewhere, for minor things. Not much else.
Since we’re having fun - let’s remove the middleman:
I don’t have a Balance One lying around. Ours are deployed on slower lines elsewhere, but I do have a B20X test unit, and since that was a model that came up in the conversation I might as well try a direct unit-to-unit speed test.
Test setup:
- A B20X
- A production-deployed MAX BR1 Pro 5G (marvellous device)
- B20X WAN connected to BR1 LAN
- BR1 running with WAN analysis server mode turned on
- B20X running with WAN analysis client mode turned on
Test:
Run the WAN analysis on the B20X (keeping in mind that the BR1 is busy with a slew of other clients besides the B20X):
Upload from the B20X:
Download to the B20X:
On another occasion I have run the same test between two routers (a B20X and a B380 HW6) that were not busy with anything else, and the link was then steady at close to 1Gbps).
If possible, run a test like this, without other devices in the middle creating noise, and not being dependent on the peculiarities of the various speed-test sites (e.g. fast.com seems particularly confused about multi-WAN routers).
Cheers,
Z
1 Like
WAN Analysis is excellent for establishing WAN capabilities. It does not include any LAN traffic though, so I discovered that it isn’t an appropriate test for Balance One throughput as it takes CPU to facilitate WAN to/from LAN transfers. While I hope WAN Analysis was doing Stateful Firewall checks, I can’t verify that. Thank you for running B20X tests!
On WAN Analysis between two Balance One’s (connected by 1Gbs switch), I get around 590-600Mbps. If I have a second web page up with the Dashboard to display CPU usage, this drops 10% to 540-550Mbps, once again pointing to the CPU usage on the Balance One Core being a bottleneck. This is on Balance One’s which have been factory reset running 8.3.0.
My conclusions to date are that the Balance One cannot consistently deliver more than 450Mbps on the fast.com speedtest and 300Mbps on the Ookla speedtest (everyone’s standard speedtest). It is possible to get an outlier event occasionally when the CPU isn’t running some sort of internal task. The best I’ve ever seen in weeks of testing is 530Mbps on fast.com (and that was without being logged into the Balance One).
The Surf Soho can consistently reach it’s rated 120Mbps. If you have a moment, I would appreciate if you will you please test the B20X with Ookla’s speedtest.net and fast.com.