Speed Tests and Speed Optimization with Firewalla

Follow

Comments

24 comments

  • Avatar
    Sukumar Patel

    Which IP do we use in FWG when it's in router mode?

    0
    Comment actions Permalink
  • Avatar
    Firewalla

    if you are doing local testing, it will be the gateway IP (of your network segment) of the Firewalla Gold. 

    0
    Comment actions Permalink
  • Avatar
    Chris Hewitt

    This doesn’t work with the Internet IP address - right?

    0
    Comment actions Permalink
  • Avatar
    mobius strip

    I've read that ISP's cheat and grant traffic priority to speed test websites to give their customers the dishonest appearance that the boosted results are accurate measurements that represent the customer's typical internet speeds...does the choice of speedtest providers have this in mind?

    I've read good things about self-hosting your own instance of librespeed is one such way of effectively combating this, just to put this out there in case the issue hasn't already been addressed....

    https://github.com/librespeed/speedtest 

    0
    Comment actions Permalink
  • Avatar
    Michael Bierman

    Want to have speedtest cli on Firewalla Gold? This will tell you how fast your internet connection is right on Firewalla (no wifi or Ethernet involved)

    Firewalla will remove anything installed after upgrades so you can install a script to reinstall for you after firewalla upgrades and possibly reboots. See https://gist.github.com/mbierman/9ac6a35622ee5a0c631ed6f6ad74b722.

    Then you can run speedtest.

    speedtest --interface=eth0

    Or

    speedtest --interface=eth1

    if you have dual WAN and want to test WAN2

     

    0
    Comment actions Permalink
  • Avatar
    remotebloke

    The wget command doesn't work.

    pi@firewalla:~ (Firewalla) $ wget https://bintray.com/ookla/download/download_file?file_path=ookla-speedtest-1.0.0-x86_64-linux.tgz
    --2021-07-21 20:30:37-- https://bintray.com/ookla/download/download_file?file_path=ookla-speedtest-1.0.0-x86_64-linux.tgz
    Resolving bintray.com (bintray.com)... 108.168.194.93
    Connecting to bintray.com (bintray.com)|108.168.194.93|:443... connected.
    HTTP request sent, awaiting response... 403 Forbidden
    2021-07-21 20:30:38 ERROR 403: Forbidden.

    0
    Comment actions Permalink
  • Avatar
    Michael Bierman

    Yeah, speedtest changed something. I'll update my script shortly. 

    0
    Comment actions Permalink
  • Avatar
    Sukumar Patel

    Why don't you just use Speedtest CLI?

    0
    Comment actions Permalink
  • Avatar
    remotebloke

    speedtest cli fails with:

    Traceback (most recent call last):
    File "/usr/bin/speedtest", line 11, in <module>
    load_entry_point('speedtest-cli==2.0.0', 'console_scripts', 'speedtest')()
    File "/usr/lib/python3/dist-packages/speedtest.py", line 1832, in main
    shell()
    File "/usr/lib/python3/dist-packages/speedtest.py", line 1729, in shell
    secure=args.secure
    File "/usr/lib/python3/dist-packages/speedtest.py", line 1009, in __init__
    self.get_config()
    File "/usr/lib/python3/dist-packages/speedtest.py", line 1081, in get_config
    map(int, server_config['ignoreids'].split(','))
    ValueError: invalid literal for int() with base 10: ''

    0
    Comment actions Permalink
  • Avatar
    Michael Bierman

    Interesting. it is working correctly for me. Are you running the latest speedtest version?

    0
    Comment actions Permalink
  • Avatar
    remotebloke

    Yes I think so, I just installed it.

    speedtest-cli is already the newest version (2.0.0-1)

    0
    Comment actions Permalink
  • Avatar
    Sukumar Patel

    Weird, it's working fine for me.

    pi@firewalla:~ (The Patels FWG) $ speedtest -s 19081

    Speedtest by Ookla
    Server: Airtel Broadband - Mumbai (id = 19081)
    ISP: Airtel Broadband
    Latency: 1.98 ms (0.22 ms jitter)
    Download: 855.39 Mbps (data used: 677.5 MB)
    Upload: 913.85 Mbps (data used: 718.3 MB)
    Packet Loss: Not available.
    Result URL: https://www.speedtest.net/result/c/861224b7-7f6a-4e7c-bbe6-68cdb6fece26

    I followed the steps mentioned here

    Speedtest CLI - Internet connection measurement for developers

    ## If migrating from prior bintray install instructions please first...
    # sudo rm /etc/apt/sources.list.d/speedtest.list
    # sudo apt-get update
    # sudo apt-get remove speedtest
    ## Other non-official binaries will conflict with Speedtest CLI
    # Example how to remove using apt-get
    # sudo apt-get remove speedtest-cli
    curl -s https://install.speedtest.net/app/cli/install.deb.sh | sudo bash
    sudo apt-get install speedtest
    0
    Comment actions Permalink
  • Avatar
    Ben Someone

    Thanks for supplying this, makes me feel quite happy with the quality of monoprices cat6 cables! with a 16 port netgear switch in between the test computer and the firewalla I hit 1006.10 up, 999.33 down  2.49ms ping and 0.14ms jitter with a fairly standard dell win 10 system.  I've seen 1000 down briefly on internet transfers so I can safely say, the firewalla gigabit ports work properly!  

    0
    Comment actions Permalink
  • Avatar
    Michael Bierman

    @Ben I don't know if this would interest you, but for fun I wrote a script that can capture speedtest data from both of my Firewalla WAN connections and send the data to a google spreadsheet to make some nice graphs. I'm running it 1/hour at least for now. It can also capture and save to a log file on Firewalla. You can turn off either of these if you don't want one or the other.

    2
    Comment actions Permalink
  • Avatar
    Ben Someone

    @Michael  oh my god that's a ton of beautiful data definitely awesome work there!

    0
    Comment actions Permalink
  • Avatar
    Michael Bierman

    @Ben you are very kind. Thanks! 

    -1
    Comment actions Permalink
  • Avatar
    Sukumar Patel

    @Michael This looks great. However the --interface flag for my secondary WAN isn't working. I have set my WAN config to be in failover mode.

     

    pppoe0: flags=4305<UP,POINTOPOINT,RUNNING,NOARP,MULTICAST>  mtu 1492

    $ speedtest -s 9691 --interface pppoe0
    [2021-09-03 12:58:51.710] [error] Configuration - Timeout was reached (TimeoutException)
    [2021-09-03 12:58:51.710] [error] Configuration - Cannot retrieve configuration document (0)
    [2021-09-03 12:58:51.711] [error] ConfigurationError - Could not retrieve or read configuration (Configuration)
    [2021-09-03 12:58:51.711] [error] ConfigurationError - Could not retrieve or read configuration (Configuration)
    [error] Configuration - Could not retrieve or read configuration (ConfigurationError)

     

    0
    Comment actions Permalink
  • Avatar
    Michael Bierman

    @sukumar, Sorry! I agree it would be nice to handle the failover use case. I will see if I can figure out a good way to determine which WAN is active and add that to the script.

    I don't know if you can access the WAN port if it is in failover mode. Maybe @Firewalla can clarify if that should be working or not. I can see why it might make sense that it wouldn't. 

    Temporarily at lest, you could of course leave WAN2 blank and test your primary WAN.

    2
    Comment actions Permalink
  • Avatar
    Michael Bierman

    @sukumar, actually I just put my FWG into failover and tested the second WAN and it worked fine. Are you sure pppoe0 is the correct interface? 

    0
    Comment actions Permalink
  • Avatar
    Sukumar Patel

     @Michael Yes its the correct interface. I will reach out to Firewalla with this.

    0
    Comment actions Permalink
  • Avatar
    Michael Bierman

    Thanks @sukumar. I don’t have a ppoe connection so I can’t test. Let me know what the resolution is if you can.

    0
    Comment actions Permalink
  • Avatar
    Michael Bierman

    @remotebloke I fixed the script. Might be good to have because some Firewalla upgrades will overwrite Speedtest. 

    https://gist.github.com/mbierman/9ac6a35622ee5a0c631ed6f6ad74b722

    0
    Comment actions Permalink
  • Avatar
    Alex

    Hi community, I've run http://fire.walla:8833/ss/ test (using Cat7 cables) and I have similar picture as in the article: download speed almost 2x faster than upload. Any idea why? Is this something on Firewalla's side?

     

    [Update]: here we go. It is browser specific test. Chrome gives better picture, while Firefox has this imbalance. Same is applicable for ping and jitter. See below.

     

    0
    Comment actions Permalink
  • Avatar
    Dave Taylor

    Another useful diagnostic from the CLI is using ethtool to give you more details about WAN link problems.  Here's an example:

    $ ethtool eth0
    Settings for eth0:
            Supported ports: [ TP ]
            Supported link modes:   10baseT/Half 10baseT/Full
                                    100baseT/Half 100baseT/Full
                                    1000baseT/Full
                                    2500baseT/Full
            Supported pause frame use: Symmetric Receive-only
            Supports auto-negotiation: Yes
            Supported FEC modes: Not reported
            Advertised link modes:  10baseT/Half 10baseT/Full
                                    100baseT/Half 100baseT/Full
                                    1000baseT/Full
                                    2500baseT/Full
            Advertised pause frame use: Symmetric Receive-only
            Advertised auto-negotiation: Yes
            Advertised FEC modes: Not reported
            Link partner advertised link modes:  10baseT/Full
                                                 100baseT/Full
                                                 1000baseT/Full
            Link partner advertised pause frame use: Symmetric Receive-only
            Link partner advertised auto-negotiation: Yes
            Link partner advertised FEC modes: Not reported
            Speed: 1000Mb/s
            Duplex: Full
            Auto-negotiation: on
            Port: Twisted Pair
            PHYAD: 0
            Transceiver: internal
            MDI-X: Unknown

    Note the "Link partner advertised" lines, those tell you what the other side is capable of supporting, so if you're seeing slow throughput and getting "Link partner advertised link modes: 10baseT/Full / 100baseT/Full" then there's a problem with the upstream device.

    0
    Comment actions Permalink

Please sign in to leave a comment.