If you have build tools on the firewall you have to ensure only the right users can run them or the result, which is an attack surface in itself. Yeah, there are a number of threads here on the forum from people trying to use this card and I don't see anyone who managed to build a driver for it. Steve

@areckethennu said in Memory Usage High in 22.01?: I also switched to ZFS. That alone will cause the system to use more RAM than it would with UFS.

Mmm, it could always be some coincidental fault and nothing to do with the update.

None of that stuff has been necessary for some versions now. But likely won't hurt. If you need custom loader variables though you should put them in /boot/loader.conf.local (create that file). The loader.conf will be overwritten with pfSense changes/upgrades. You see any errors on the interfaces? Anything in the system logs? Clearly not a loading issue. Steve

@bbcan177 said in updated to 22.01 - SG1100 high CPU usage '/sbin/pfctl -vvsr': https://www.reddit.com/r/pfBlockerNG/comments/sk9txi/ip_block_logging_not_working_pfsense_260rc/hvv99s1/?utm_source=reddit&utm_medium=web2x&context=3 Installed the patch and it solved it! Thanks!

You can policy route specific destinations to use the VPN gateway but you need to define them. That means it's easy for small sites with static IPs but more difficult for anything with a lot of IPs and almost impossible to match 100% for something like facebook.com. It is possible to define an alias using an ASNumber which can be used. pfBlocker can update that automatically. Steve

@chpalmer WOW! At least I have worked in an cable head end. I find I tend to know more about some of the things than the "support" people do. Then again, half a century of experience in telecom, computers and networks may contribute to that. When I had a problem with IPv6 about 3 years ago, I found I had to teach even 2nd level support and a senior tech the finer points about it. BTW, I used to do 3rd level support at IBM.

How are those interfaces physically connected? You have log entries there showing the NICs losing link, like the cable was disconnected or whatever they are attached to rebooted. Now I would normally call into question the Realtek NICs have but there are also logs for em0 losing link. Steve

Hmm, odd. I wouldn't expect anything to change there unless the NICs themselves were changed. Sometimes editing the config file directly is the easiest way. You just have to be careful. It's all too easy to make a typo and end up with something that won't load. Re-assigning interfaces like that is a typical scenario where editing the file is often the simplest solution. You shouldn't need to change anything in the rules, the only definitions using the physical NICs would be the Interafaces and LAGG. Even the VLAN should noy be in your case because they are on lagg0. Steve

OK thanks. There's definitely some issue there. We are trying to pin it down.

Nice. I would recommend moving to a symmetric routing design though. At some point that will come back to bite you otherwise. Steve

@mer I did have to do some hardware config with my proxmox server that also have pfsense so I did have to shutdown a few minutes. When I did power up everything I notice now the firewall show right time so now everything works :) Feel strange that I have to do a restart of pfsense :) Thanks alot for all the help and support.

Yes, if you hit that issue the install/uninstall script hangs when it's finished. That stalls the package reinstall process so any other packages that haven't yet been installed will not be until you kill the script. It should then install the others though. Steve

@jknott I know the difference between UDP and TCP. I have started to isolate traffic. You gave me an idea. I will get a raspberry pi, and will connect it to ISP router, and will record any interruptions, to see if it occurs at the same time of my netgate. I've being using pfsense for the pass 5 years (VMs and netgate boxs from small to medium sizes like 7100 series) and never encounter any issue like this, but you know, sometimes after a while we start questioning all the parts.

@sf Use firewall rules on your LAN interface to direct all traffic from specified LAN IPs to the gateway you want. pfSense calls it Policy Routing: Policy Routing Configuration Placement of the rules are important as the order matters so make sure you place your rule so that it matches the traffic before other general rules.

Hmm, Nextcloud adding forwards with UPnP?

@chudak See this thread for a comparison. Right now they are similar. Long term, the FAQ (from a year ago) mentioned in an earlier post in that thread talks about a new GUI and other things.

@proxymoxy thank you, i had the same situation here, restarting php-fpm solved it. Don´t know what happens after next reboot ....

@stephenw10 I just like small steps to understand what I'm doing

@spacey said in Going on day 9 without home internet and what caused it was experimenting around and trying to find the best possible configuration for my 2.5GB NICs intel 11th gen Mini PC that receive recently: I don't know why I'm even paying for sense plus when I get this kind of customer support0 Please give me your support ticket number so I can review this. I still see no tickets from this email address so I assume you used a different one. Which would make sense since I don't see any support subscriptions on it either. @spacey said in Going on day 9 without home internet and what caused it was experimenting around and trying to find the best possible configuration for my 2.5GB NICs intel 11th gen Mini PC that receive recently: What I don't get is why static assign devices like my iPhone for example or my PC can't communicate with another statically assigned device in DHCP or even my switch for example it would refuse the connection If those devices are in the same subnet that traffic doesn't go through pfSense at all. So I would look at something in the same layer 2 like maybe port isolation on the switch. @spacey said in Going on day 9 without home internet and what caused it was experimenting around and trying to find the best possible configuration for my 2.5GB NICs intel 11th gen Mini PC that receive recently: it would show that there's no bootable device found and I went through bios settings Either the install image is not on the USB stick correctly (try using Etcher) or it's a BIOS like you looked for or it's a hardware issue like a bad USB driver or bad port. Steve