Fixed Poor Netflix Performance with pfSense
I was having terrible Netflix performance when connecting through my pfSense 2.3 router (running on XenServer 6.5), but Netflix was fine when I bypassed pfSense altogether or when I connected to Netflix through my StrongVPN connection passing through pfSense.
After much research, investigations, and Wiresharking, I made the following three configuration changes that seem to have fixed the problem.
From the System / Advanced / Firewall & NAT config page:
- In the Firewall Advanced section, in the IP Do-Not-Fragment compatibility row, I selected the checkbox for Clear invalid DF bits instead of dropping the packets.
- In the Network Address Translation section, in the NAT Reflection mode for port forwards row, I selected the combo box item Pure NAT (was previously Disabled).
- Also in the Network Address Translation section, in the Enable automatic outbound NAT for Reflection row, I selected the checkbox Automatic create outbound NAT rules that direct traffic back out to the same subnet it originated from.
Screenshot of changed settings:
I have no idea how well this may work for you, but give it a try.