almost every software vendor/developer on the planet uses 'AMD64' to point out that its designed for a modern 64-bit cpu. (also known as x64, x86_64 ) https://en.wikipedia.org/wiki/X86-64#Industry_naming_conventions

@Derelict: Is there a hardware difference? Yeah like purpose-built ASICs in even the cheapest switches.  They switch in hardware, not software.  Even "real" switch performance starts to suffer when you do things with them that have to happen in the CPU. Ok, that makes sense. Thanks for you help!

does it happen when you try and run any other tools like netstat or ping, etc. Did you do a simple SFC ?  So is this on windows 8.1 or 2k12? So I take it your running gpupdate this is a work setup, just re image.. what 10 minutes.

@NickM: Hi Guys, I have installed latest pfsense and this is the scenario: em0 - wan (DHCP) em1 - lan (192.168.0.1/24) WAN interface gets ip and gw from dhcp server, but for some reason it has no internet connection. While i try to ping my DHCP GW i get reply, as well as while pinging DNS servers (i have 3 on my network). Checked routes table and they are the default ones generated by pfsense. I have tested that network cable on another Vbox pfsense test machine and it worked like a charm. Can anyone think why internet is not working? Check you LAN interface setting. Make sure that LAN IPv4 is set to static and tracked is set in the next drop down menu. Other wise, rules to allow traffic of port 80 and 443 will not be automatically defined. If you add a 3rd interface, such as I did for use with a WiFi access point, that you do not have this interface set as tracked and you copy the NAT rules from the LAN interface to the additional interface. I struggled hard initially with this issue.

Just checked mine and is is running gigabit. ASG120 REV4. [image: Screenshot.png_thumb] [image: Screenshot.png]

Googled and found this freebsd thread: https://forums.freebsd.org/threads/camcontrol-error-sending-command.35548/ It turns out to just be an error from attempting to disable APM on the card (which is denoted by the first line before and after the error). My first thought was that the card didn't support APM, but I ssh'd in and used camcontrol identify on ada0 and the card does indeed support APM: [2.2.4-RELEASE][admin@fw.localdomain]/root: camcontrol identify ada0 pass0: <sandisk sdcfhsnjc-008g="" hdx="" 7.08="">CFA-0 device pass0: 100.000MB/s transfers (UDMA5, PIO 512bytes) protocol              ATA/ATAPI-0 device model          SanDisk SDCFHSNJC-008G firmware revision    HDX 7.08 serial number        BKZ062415183916 cylinders            15501 heads                16 sectors/track        63 sector size          logical 512, physical 512, offset 0 CFA supported LBA supported        15625216 sectors LBA48 supported      15625216 sectors PIO supported        PIO4 w/o IORDY DMA supported        WDMA2 UDMA5 Feature                      Support  Enabled  Value          Vendor read ahead                    no no write cache                    yes yes flush cache                    yes no overlap                        no Tagged Command Queuing (TCQ)  no no Native Command Queuing (NCQ)  no NCQ Queue Management          no NCQ Streaming                  no Receive & Send FPDMA Queued    no SMART                          no no microcode download            no no security                      no no power management              no no advanced power management      yes no 0/0x00 automatic acoustic management  no no media status notification      no no power-up in Standby            no no write-read-verify              no no unload                        no no general purpose logging        yes no free-fall                      no no Data Set Management (DSM/TRIM) yes DSM - max 512byte blocks      yes              1 DSM - deterministic read      yes              zeroed Host Protected Area (HPA)      no [2.2.4-RELEASE][admin@fw.localdomain]/root:</sandisk> Perhaps because APM is already disabled? In any case, it's a red herring and not related to my hourly crashes at all.

Thanks cmb and doktornotor appreciate the help something new I learned.

Anyone with information on Forum

A L2 cache collision in the CPU I dont think will show in the CPU utilisation, nor will any caching done by any nics with onboard processing capabilities like intel nics. Have you tried packet capturing using a separate bridged device between pfsense and your workstation to see whats actually going on with the packets across the network, you can get a better idea of what the packets are really doing then? Might also be useful. http://blog.serverfault.com/2011/03/23/performance-tuning-intel-nics/

@jahonix: I don't want to open Pandora's box as far as wireless speeds etc. is concerned … Understood. My statements of performance are based on real world site surveys of my property, using NetSport Pro.  So my numbers are actually tests - not manufacturers spec.  I can share heat maps and documents if you're interested…  ;)

Snort is useful, but I'd also make sure as you dont/cant use vpn's of sorts, is put the devices that need open ports on their own isolated vlan or network interface (optX). This way firmware like for some webcams cant be updated and then be used to start probing and attacking your network from within as the brute force approaches becomes easier if the next hop from the compromised device is just to your firewall and another of your network segments. Also make sure those devices have explicit rules to prevent them from logging into pfsense if on your lan interface, at the very least. If you know that access to these devices is only going to be taking place with ip addresses from a certain provider, like say the ip address blocks assigned to your smart phone provider when you access your webcam, you can also put blocks in places to stop any ip address not assigned to your smart phone provider from accessing your webcam. At the very least pfblockerNG which blocks ip addresses at the country level could be useful if noone overseas is expected to have access. However I will say, as it invariably occurs, if access from abroad is going to take place like for a business trip or holiday, more common in Europe than say the US by virtue of land mass, you can still use pfblockerNG to allow access to those countries. I've done this for customers going on business trips abroad, but always make sure you know if they are taking any connecting flights in a foreign country as they will invariably check email, office cams whilst waiting for the connecting flight so making sure you know the IP address of the airport(s) is useful. This can also be automated with your own apps thats control the pfsense or a simple cron job in some cases depending on how you approach it. Food for thought….

Check the following logs when the problem happens again: System log Gateway log RRD Graphs - Quality

@Alixy: Are crash dumps saved anywhere on nano?   If yes, how would I access them? No they are not. Saving crash dumps requires swap space and NanoBSD doesn't have swap space (to keep disk writes low). @Alixy: If not, is saving the serial output the only way to see any crash info on nano? Yes that's the only way.

The gateway on an interface configuration page does a couple things: 1. Tells pfSense to treat that interface as a WAN 2. Defines were traffic exiting that interface should go (usually a WAN/ISP gateway address) If the interface is a WAN/Remote connection, it would be your next hop, typically an ISP address, CPE, upstream router, etc. For local/LAN type connections there would be no gateway specified on the interface.