I am currently using VOIP.  It is set up on my LAN behind my (off the shelf) D-link router.  As far as I know, nobody has has invaded my network - this was more of a theoretical question, as I pondered whether there might be a security vulnerability in my network (i.e. could someone take over my VOIP device and use it to launch an attack on other devices in my LAN?).  Would it be considered best practice to run the VOIP on its own vlan or is that overkill? And also for open VPN - this was also theoretical - how difficult would it be for someone to penetrate through that hole if I used 2048 or 4096 bit keys, and combined it with user authentication?

Thanks. I'll keep an eye on internet connection.

=changed OS to 2.2.4 and it works =replaced the ssd and it works with 2.2.6 as well

ok that did not seem to matter I set the MTU to 1470 and no difference. I even ran ifconfig and the settings did change to 1470 in there. Does the hard drive affect the throughput on the network cards? I have another PC in the shed I might drag it out and test that. See if it produces the same results, I had another 3 NIC brand new as well in the shed will try them also but this board only has 1 PCI slot why I had to go with a seperate dual port intel card for it lol

OK, thanks jimp. I'll have to change path for these logs.

you should be able to replicate a outage by unplugging the cable from your modem, The one that comes from the wall socket. I wouldnt pull out the cable between the modem and PFsense as it could be a miss match in communication from the modem and router. As I say mine works fine on the default autoselect (one at the very top) but not when its just plain autoselect. But if you know what it always uses then setting it manually like you have should work. Just run some test to make sure it is not affecting performance.

Increase mbufs. See nic tuning on the wiki

Ping doesn't actually measure network latency, it measure's network latency plus the network stack of the host OS. It's very possible you're just seeing network scheduling fluctuations.

@lovene: I need to audit all firewall activity but cannot achieve this. I need to print audit reports of all changes. Exactly what do you mean by "all firewall activity"?  All packets in and out, blocked packets, passed packets?  Logins?  File changes? "All" has the potential to cover a lot of ground, specific help requires specificity of what you are trying to accomplish.

whats the output of ifconfig -a?  Is your WAN interface at the correct speed and duplex?  What did you do with "traffic shaping"?

I see squid running. I bet you had a memory spike once or more that caused some pages to get swapped out, but those pages have yet to be referenced again and just stay in limbo until the next time they are needed. Also, you don't need to reach 100% memory usage to get paging. Memory gets fragmented and if there are no large enough contiguous segments, the kernel may need to swap out pages to effectively defrag the memory.

@Derelict: pfSense will do multiple scopes just fine. It just can't be configured to accept helper requests from multiple subnets on one interface. Well that's just silly.

your typical off the shelf router is a firewall as well, it just has limited features in allowing configuration of the rules.  Many of them have very limited outbound controls, and inbound are all pretty much just port forwards with varying degrees of features depending on the make and model. But in a nutshell out of the box pfsense is same as any off the shelf home router in what it does.  It nats, all inbound traffic that is not direct answer to a request is blocked, while the default outbound rules from lan are any any.  This is pretty much what every off the shelf router does. Where pfsense allows you to go way beyond what any off the shelf router would allow you to do when you want to get fancier than that.  But if you want to use it like that - that is pretty much how it is out of the box. And yes you could even enable UPnP if you want it..  Where your off the self router is normally just an on and off checkbox, pfsense allows you to get fancier with allows and deny specific ports or deny from all except a specific IP to request, etc..

BTW, there is a dedicated IPv6 forum.

Please can someone give me a hand on this one?????