My Balance One Core routers gets around 300Mbps maximum when connected to my 1.2Gbps Comcast service. Peplink advertises Balance Ones at “600Mbps Stateful Firewall Throughput”. I have tested 3 different Balance Ones, all on the latest firmware – 8.3.0 build 5514. All run at half speed their rated speed. I even factory reset one of them and then tested. Same thing.
A Firewalla Gold Plus has no problem reaching 900Mbps or more with my MB8600 modem.
The three Balance Ones all redline the CPU at 100% running the speed test at 300Mbps (Ookla, Waveform, etc.).
My memory is that Balance Ones were getting at least 375Mbps a while back, which at the time was my provisioned Comcast speed (Comcast keeps raising my download speed, most recently to 1.2Gbps).
What gives and can anyone else get better throughput on their Balance One running 8.3?
Testing Notes:
Tested with multiple computers and Ethernet cables
Made sure Mitigate Bufferbloat was disabled which made no difference to download, just upload as expected since Peplink only enables fq_codel for upload at the current moment (version 9 should fix this)
Tested the prior 8.2.1 build 5372 which made no difference
Tested a Balance One connected to a LAN port of a Firewalla which is getting 900Mbps+ from the modem but that didn’t help either
Tested a Surf Soho in place of the Balance One. The Surf Soho reached 123Mbps on 8.3 build 5122 which is right in line with its advertised 120Mbps Stateful Firewall Throughput. The Surf Soho CPU ranges between 84-100%.
Resolved 9/12/23: Ookla speedtest.net 767/174 Mbps achieved on 1Gbps/1Gbps fiber with Edge browser (Win 10), Single Connection, and not logged into the Balance One router (avoids using extra CPU). See details below.
I believe the test that I mentioned where “I even factory reset one of them and then tested” disables everything. Please let me know if that is not true.
I hope one can expect that a Peplink product will meet specification right out of the box.
There is something that is eating up the entire CPU on Ookla speedtest.net with the Balance One Core. Testing was done after resetting the Balance One to factory defaults. Wireshark showed some packet differences:
Speedtest.net 100% CPU at 300-360Mbps. Wireshark shows packet lengths of 1454.
Fast.com was around 90% cpu at 440Mpbs. Wireshark showed packet lengths of 1454 with “TCP segment of a reassembled PDU”. @soylentgreen, I wasn’t able to match your 640Mbps using Fast.com; 440-450Mbps on 8.2.1 and 8.3.0.
Firewalla internal router speed test was 75% cpu at 650-700Mbps. Wireshark showed packets of length up to 58,000 with Wireshark noting some packets as “TCP segment of a reassembled PDU”.
Perhaps Peplink can chime in too. And perhaps do some testing of their own. At a minimum, it appears that the different types of speed test packets as shown by Wireshark are causing some CPU differences.
I did some repeat testing, and that 640mbps was a bit of an outlier. Repeat tests on fast.com were closer to 450, and my CPU was pegging close to 100%.
So if you are getting 450 also on 8.2.1 that sounds about the same as me…
I tested on 8.4.0 RC 1. The results were the same. I then posted the following on Firmware 8.4.0 RC 1:
There is definitely a real world performance problem with Balance One Core with 8.4.0 RC 1 (build 5585) not reaching is rated 600Mbps stateful firewall specification. It is reaching 300Mbps on Ookla’s Speedtest.com, the gold standard speed test for most people, and 450Mbps on Fast.com which increases the size of their average payload. Ookla sticks with the MTU size, a reasonable real world test approach.
This has been verified for multiple Balance One Core routers, and by more than one person. I bench tested three different Balance One Core routers, after resetting to factory defaults, on a 1.2Gbps Comcast line using a Firewalla Gold Plus in between a 1Gbps modem and the Balance One, then in between Surf Soho. The Firewalla easily reaches 900Mbps. The Surf Soho reaches 120Mbps on Ookla and Fast, its rated speed. The Balance One Core is reaching 50% of its rated speed on Ookla and 75% of its rated speed on Fast.com, the same results as when directly connected to the 1Gbps modem.
The difference between the Surf Soho and the Balance One Core is the CPU usage. This is particularly evident when running the Firewalla internal speed test where the Surf Soho can reach 140-150Mbps at 70-80% CPU while the Balance One Core can reach 550Mbps to 650Mbps at 90-100% CPU. The Firewalla uses much bigger packet sizes than the modem MTU to achieve this.
I also discovered that the difference in speed tests results is highly dependent on what the router is doing internally. I.e., at idle the Peplink routers CPU can range from 17% to 35%. And I always thought it was Comcast that was causing variable speed test results!
I hope that Peplink engineers can rapidly confirm the Balance One Core speed test results, and then let us know what the next steps will be. Peplink has always been conservative in their numbers, so my hope is that there is some bug that is easily fixed, although my testing on 8.3.0 and 8.2.1 produced similar results, so this is not unique to 8.4.0 RC 1. Or will this take longer to remedy? Or worse, will we have to live with the reduced Balance One performance on version 9 and beyond?
There is something dodgy going on. We have a Balance20X which appears to be the weak link in an office brance. Even if you look past the unfortunate marketing “1Gbit stateful firewall (as long as you don’t use any features)” we can’t get it to push higher thatn 200kB/s upload on WAN.
This is an image of me trying to download some of our footage from our remote server bahind the balance, plugged in directly to LAN1:
We have a range of other objects behind the balance we were hoping to have since upgrading to the Balance 20x:
Servers offloading to of-site backup, not completing the backups
CCTV streams, not really viewable
VPN / File access
None of these are working.
Our ISP is a business line providing 400/40 uncapped without traffic shaping. Speed tests on site show less than perfect results on copper (100/30) and are much better on WIFI (150/35) when connected to the Balance internal AP.
The only features we are using on the Balance at the moment is the firewall and the AP. No QoS or anything like that.
I should add, that when downloading that same file over LAN it downloads full speed.
We’re seeing the odd things in our office with this model too. Speeds don’t make sense.
We found LAN1 to LAN2 when using VLANs cripples speeds between the two ports.
I don’t know if this is the firmware or infact poor hardware. I’ve still got a ticket open with Peplink after one year trying to return our Balance20X as they were suffering memory leaks and not getting close to the advertised recommended users.
We were loathed to believe our issues were with the Balance 20X having upgraded to it so to make it a fair experiment, the tests were conducted in isolation - no interference from other clients/networks.
The 100/30 results you report are suspicious because 100Mbps quite often means that there is a bad Ethernet cable or other issue where the connection is at 100Mbps rather than 1Gbps. You can look at the port speeds under Status->Ethernet Ports, then click on each of the ports to see what speed they have negotiated. Your server will also have the ability to display its port speed.
If you have a smart switch laying around that passes VLAN tags, you can hook up your test machine and server to it to see what speeds you get. Note: I believe that the Balance 20X doesn’t have an internal switch, but rather runs LAN to LAN traffic through its CPU. So a smart switch can significantly offload the 20X if there is a lot of LAN to LAN traffic.
Edit: If you have a dumb switch, you can change the 20X port it is connected to from Trunk mode to Access mode with the appropriate VLAN ID.
What firmware version are you on where your “Core 1 device has streamed at 803 Mbps at Ookla (single socket) last week, and regular tests at 600+”?
FYI, I just upgraded to 8.4.0 RC 2 and retested. No difference from prior testing. And no significant difference on Ookla speedtest.net between Multi and Single streams (but it is the middle of the day when things are busier on Comcast).
Account is supposed to be pegged at 400, but some days the limits come off. I have about 70 Outbound policy rules, and run the PepVPN to a Fusion hub elsewhere, for minor things. Not much else.
