Geekzone: technology news, blogs, forums
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.


218 posts

Master Geek

Lifetime subscriber

#248112 10-Mar-2019 21:54
Send private message

So, I had a bit of a journey with an OpnSense install and my VLAN setup (still ongoing). Mostly to my personal lack of networking know how.

After a week I got so frustrated I just bought an EdgeRouter ER-4. Everyone and their dog saying they are the best bang for buck. I have a Gig fibre and apparently this thing just works.

Well... While it is a pretty sexy box and the UI is marvelously slick and it is impressive. Two things are killer features.

A)My OpnSense box (admittedly easily outpowering the ER-4) gets about 100mbit more downstream and 200mbit more up (ER-4 maxxed out at about 720/280, where the OS box did 870/510)!! That's nothing to sneeze at. Especially the up, which is why I have that link in the 1st place. And then, killer #2 (which I missed before buying), the LAGG support is well...only really theoretical.

I did try a lot of settings and googling but no avail. Also the same issues as with OpnSense appeared so it wasn't that. I hope I can return the ER-4 on Monday otherwise there will be one going here. Still a good box but you can have more for less I guess. Just thought I'd share. I'd definitely go for it for lower rates but then probably a smaller ER would do the job too.

Create new topic
9546 posts

Uber Geek

Lifetime subscriber

  #2195362 10-Mar-2019 22:29
Send private message

This sounds like you have not got Offloading enabled (or are using a feature that disables it) on the Edgerouter 4. I am running one, and can get full line speed no problems:




This is on the EdgeOS v2.0.0 firmware. Post the output of "show ubnt offload".

2853 posts

Uber Geek

Lifetime subscriber

  #2195366 10-Mar-2019 22:44
Send private message

Have a look here, if you have not already done so. 


Also, try removing/disabling the majority of your firewall rules (of course leaving NAT in place) and see if that makes a difference.

"4 wheels move the body.  2 wheels move the soul."

“Don't believe anything you read on the net. Except this. Well, including this, I suppose.” Douglas Adams


1195 posts

Uber Geek

Lifetime subscriber

  #2195368 10-Mar-2019 22:48
Send private message

ER4 here, no complaints



218 posts

Master Geek

Lifetime subscriber

  #2195472 11-Mar-2019 07:30
Send private message

Yes, offloading is activated and bar general block rule no firewall rules in place. As I said I would have expected what you guys see.

9546 posts

Uber Geek

Lifetime subscriber

  #2195700 11-Mar-2019 11:05
Send private message

olivernz: Yes, offloading is activated and bar general block rule no firewall rules in place. As I said I would have expected what you guys see.


As I believe you're on 2degrees:


1508 MTU - ONT Ethernet Interface.
1508 MTU - VLAN Interface.
1500 MTU - PPPoE Dialer.


Ensure you don't have TCP MSS clamping enabled. Also my offloading has the following enabled:


IP offload module : loaded
forwarding: enabled
vlan : enabled
pppoe : enabled
gre : disabled
bonding : disabled
forwarding: enabled
vlan : enabled
pppoe : disabled
bonding : disabled


IPSec offload module: loaded


Traffic Analysis :
export : enabled
dpi : enabled
version : 1.422


You didn't happen to set it up with Bridging enabled by any chance? There are a few things that disable offloading (see the link above).

3885 posts

Uber Geek

  #2195791 11-Mar-2019 12:40

Check the CPU load on the Edgerouter while doing a speedtest. If it goes to 100% or close to it, then you have done something that is causing offloading to be disabled.

Although I dont own an Edgerouter 4, I do have an Edgerouter Lite. And CPU load is only around 30% or so during a gigabit speedtest.

21 posts


  #2196191 12-Mar-2019 02:16
Send private message

I had a bad run initially with the Edgerouter 4.
First I had a faulty ONT LAN 1 port(not an ER issue), then I was not overly impressed with the version 2.0 firmware.
I find the latest stable 1. mainline firmware much more robust, 1.10.9 was installed today.

Now as for my 2degrees connection, I get around 935Mbit/s down and 400 up, as per my plan.
This is with hardware offload enabled.
This is with a few firewall rules.
This is with DPI enabled.
This is with QOS *disabled*, as soon as I enable FQ_CODEL, SFQ, PFIFO or any QOS my speed drops back to half of the above if that. PFIFO was the worst performance wise.

If I would do it again I would probably do PFSense.

Early days for a conclusion but 1 year warranty for an ER4 at $350 retail, I do not know, looks borderline to me.
But as for your question, the ER4 can do wire speed no problem
In fact, I would go as far as you would not even need a network switch, when I tested it without it using the bridge, it delivered wire speed just fine.
Now it is plugged into a Netgear GS105 and that small switch is impressive, does 940Mbit all day long.



218 posts

Master Geek

Lifetime subscriber

  #2196495 12-Mar-2019 12:48
Send private message

Hi all,

Thanks for that. Probably missed something in the config. HW offload was properly enabled (was on 1.10.9).

Anyway managed to give it back an am back on my OpnSense. Since I had the same issues with both it must be something downstream. I have the HW anyway so why spend the extra money. Especially since OpnSense doesn't have any issues with my LAGG LACP connection to the switch.

And yes, no private household will ever need that firepower but I am trying to learn as it peripherally aids me at my work.

Thanks for the support! And I wouldn't knock the product especially since everyone but me is managing (common factor in the problem here is me ;-)

Cheers Oliver

278 posts

Ultimate Geek


  #2196497 12-Mar-2019 12:56
Send private message

Just out of curious, where did you get yours from?

Create new topic

News »

HP unveils new innovations for businesses adapting to rapidly evolving workstyles and workforces
Posted 17-Sep-2020 15:36

GoPro launches new HERO9 Black camera
Posted 17-Sep-2020 09:45

Telecommunications industry launches new 5G Facts website
Posted 17-Sep-2020 07:56

New Zealand ranks 3rd in world in GSMA index
Posted 15-Sep-2020 10:13

Trend Micro Security Suite adds web monitoring to prevent identity theft
Posted 14-Sep-2020 15:37

NVIDIA to acquire Arm for US$ 40 billion
Posted 14-Sep-2020 12:27

Epson launches its next gen A3+ colour EcoTank multi-function printer
Posted 10-Sep-2020 16:08

Sony launches three new native 4K SXRD home cinema projectors
Posted 9-Sep-2020 18:00

Catalyst Cloud brings Kubernetes-based open-source web hosting solution to market
Posted 9-Sep-2020 17:54

Verizon Connect eyes further growth in New Zealand
Posted 8-Sep-2020 09:26

PNY launches XLR8 gaming NVIDIA GeForce RTX 30 series powered by the all-new NVIDIA Ampere architecture
Posted 3-Sep-2020 16:39

NVIDIA delivers greatest-ever generational leap with GeForce RTX 30 Series GPUs
Posted 3-Sep-2020 16:17

Weta Digital advances visual effects and animation in the cloud with AWS
Posted 2-Sep-2020 17:09

Kiwrious lab-in-the-pocket kit designed for schoolchildren
Posted 28-Aug-2020 09:03

Fitbit introduces Sense, its most advanced health smartwatch
Posted 26-Aug-2020 10:14

Geekzone Live »

Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.

Support Geekzone »

Our community of supporters help make Geekzone possible. Click the button below to join them.

Support Geezone on PressPatron

Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.

Alternatively, you can receive a daily email with Geekzone updates.