NTP is 100% UDP and with UDP your application (in this case the NTP service) is responsible for both sending out the queries and listening for replies. This is completely unlike compared to TCP where TCP does all the heavy lifting for you with setting up the connection and dealing with the return traffic. The consquence of this is that any application using a UDP based protocol has to listen on a socket to do anything, even if it’s just a client querying other servers.
Всем хорошего и доброго дня!!
Вопрос совсем детский.
Нужно для понимания работы лимитер.
Если использовать лиметер, при этом создавая правило на интерфейс Лан , где указывается in/out созданные лиметеры. (Т.е. для входа и выхода)
То вопрос в следующем… а не будет ли этот лимитер брезать скорость в локальной сети ??? По науке вроде как не должно быть . Но хотелось бы конкретики … Гуру отзовитесь !!
@atteast If you’re running WAN with IPv6 and/or have Bogons enabled to block on WAN, the next Bogon List Update (bogonsv6) will probably too large and crash those 200.000 entries. For a clean reload of rules etc. the table needs a size of double the count of entries and with bogonsv6 we are already near/around 100k entries. So that’s why you can see the GIT commit to change the default from 200k to 400k in future releases But yeah, that’s not device specific, all our devices/customers ran into that issue in early May.
edit: my bad, I read 200k, not 2M as you wrote. That of course is more then enough
Well, yes, I know. Nevertheless, FreeRadius is an “official” pfSense package (while, for example, MySQL is not). And FreeRadius3 is supporting (only???) MySQL 5.6 (latest stable 8.0!) and PostgreSQL 9.5 (with version 11.0 about to become latest stable!).
Or maybe, there is a way to use such latest versions which I’m not aware of? Then, why not integrate them into core?
Anyway, as already said, thanks every body for the great job!
