networking
FreeBSD / pfSense slow network with Hyper-V
For some reason, it took me way too long to find information about this issue – so I’m writing another article that will hopefully help some people.
IT Ticket # 1337
Problem Description: Network performance through pfSense is extremely slow with Hyper-V
Software Versions: pfSense 2.6.0 and Windows Server 2022 (August 2022 patches)
Steps Taken Already: Confirmed hardware TCP offload is disabled; confirmed hardware checksum disabled; confirmed MTUs were correct.
Solution: Read on for the solution (hint: it’s a known driver bug, and for now only a workaround exists)
› Continue readingSTEVE – New chassis, 3D printing, fresh electronics!
Plenty has happened since our last post, and most of it can be summarized with the following picture.
Yup, lots of wires. New body, too. With my 3D printer back in service, cases were printed for the electronics, along with new wheels all around. These new wheels add around an inch of ground clearance, and better off-road traction.
As well, the first shipment of new parts has arrived: a USB WiFi adapter, an ultrasonic range sensor, H-Bridge motor controller, 9-DOF IMU and a temperature probe.
There are a lot of really cool developments in this post; let’s dive in.
Creating a Private + Guest WiFi Access Point (DD-WRT)
Recently I was asked to configure a WiFi access point for a small business, who needed to have both a private internal network, and a public guest network.
There are many privacy concerns when having guests share your network. Specifically, it is desirable to:
- Disallow access to any computers on the private network
- Prevent network abuse (such as P2P file sharing)
- Secure the access point itself from tampering or unauthorized access
Of course, all this needs to be done without impacting the desired service: Internet access.
Although I found many guides online for setting up a guest network when the access point was also the primary router, I didn’t find any that worked for the intended network. So, after some trial, error, and research, I managed to get it to work.
Bell Aliant FibreOP with a DD-WRT Router
This has been a long time coming. To summarize, Bell Aliant’s FibreOP Internet service includes a wireless router that has proprietary, limited firmware. It tends to suffer from latency and WiFi issues. So, I sought to replace it with my own wireless router! I ended up first building an overpowered but very functional pfSense Linux Firewall/Router.
Despite my monstrous UPS, I was not happy with the 1 hour run-time. The whole reason for the pfSense router was that FibreOP “hides” its Internet on a VLAN, which means a standard, consumer router will not be able to access the Internet. And from some forum posts I had read, it seemed DD-WRT was also incapable of it.
Finally, today, I pushed through and realized it takes only 4 simple steps to connect a DD-WRT router directly to the FibreOP modem.
Making Bell FibreOP Work With a pfSense Router
Atlantic Canada is very fortunate to have access to Bell Aliant FibreOP Internet. It is a legitimate Fibre-to-the-Home (FTTH) service, in the same price range as cable and DSL offerings. Speeds start at 50/30 (download/upload in Mbps) for $70/month without any promotions.
As great as the Internet itself is, the wireless router they include is the bottleneck. It is an Actiontec R1000H. Our biggest headaches with it were low WiFi throughput and frequent WiFi drop, but the interface was a little lacking in advanced features.
The logical solution is to use another router. Unfortunately, Bell has configured the service in a way that simply swapping in a new router will not work at all!
Through some research and my own trial and error, I was able to install pfSense to a spare computer, and take control of my Internet.
Disclaimer: Do not follow these steps if you have Bell’s IPTV service, as it will no longer work. There are other sites that describe how to keep those services working, but mine does not. As well, though there should be no impact, I advise against doing this if you have FiberOP Home Phone and rely on it for emergency communications.
This is not an easy task. It requires a very good understanding of computer networking, basic understanding of Linux networking terminology, and availability of network equipment (switches, wireless access points, cables, NICs). Chances are you found this page because you meet some of that description. Just know that if it isn’t working out, you can plug in the Actiontec and pretend it never happened.