@johnpoz:

Huh… Where did Gertjan say you should do a fresh install?

A fresh install might be good idea if your on say 2.1 trying to go to 2.4 etc.. But you should never be there, you should upgrade asap after new versions are released.. 2.4.x+1 and p1 and p2, if they release, etc..

When they make a statement on if any upgrade caveats, etc.. But I had upgraded through all the 2.x to 2.4... I only went fresh install when I moved to sg4860 vs VM, etc.

Sorry English is not my language so I struggle a bit. Okay If an in place upgrade is possible there is nothing better than that.

Thanks.

set the desktop here to an outside source this morning earlier..    Ill play some more later this weekend.

time2.jpg
time2.jpg_thumb

Sure, but I said "most", not "all".

Can your switches export the Netflow instead?

Yeah it happens ;)  Just wanted to clarify it since users might take it as gospel vs just a typo…

UPDATE:

Noticed some threads describing same isssue here
https://forum.pfsense.org/index.php?topic=145990.0

SYSTEM > ADVANCED > FIREWALL and NAT >

Firewall Max Table Entries increased from 200000 to 500000

Will see if that fixes it.

@Pippin:

@JohnSCarter:

To anyone who's interested what I was referring to is called a VPN Kill switch, it disables all network traffic that's not going through the VPN to ensure 100% that all traffic is VPN'd.

Not exactly.
A kill switch prevents traffic going out WAN if VPN is down.

What almost never comes up as a question is NTP, pfSense update servers and maybe more.
Can put it in an alias, etc…...
Do a tcpdump to see what is not leaving through the VPN.

I can't find tcpdump within pfSense, is there a command or somthing?

Also do you happen to know how I would router one OpenVPN connection through another OpenVPN connection?

For my answer I just did a forum search and Ivor definitively answered it last year.

https://forum.pfsense.org/index.php?topic=138273.0

Munin doesn't make Excel sheets neither (Excel does  ;))
But it does work on pfSense.

Hi Kevin,

Sorry to resurect an old post but did the System Tunables resolve your Vonage phone BLF issues? I'm having similar with some Polycom phones on a Gamme PBX system.

Packet capture shows successful UDP defragmentation on one ofSense box and not on the other!?

Comments would be appreciated.

Tim

You are right, I move my post to "Virtualization installations and techniques"

@Admins
Please remove this post.

It's a Kirby Lake generation Xeon so it's pretty new and supports AES-NI.
I've also understood from multiple sources that oVPN should support multithreading if multiple tunnels are used.
Guess I'll have to test to find out if I can get the required throughpit.

Thanks :)

@ethanh100:

Hi, I am setting up my first Pfsense box and have a few questions about NICs. The system I am planning on getting (Dell Poweredge 1950 III) has dual gigabit lan. I planned on having one of these on WAN, and then getting a newtwork card for the output of the LAN. THe other mobo port would be used for the other virtualized systems on that server. Does this make sense? If I were to get a NIC however, it would most likely have 2 ports, so should I just have LAN/WAN on that one card or in the way I described previously. And if I did it the first way, would it make sense and even be possible to take both those ports and plug them into the switch, just so I have double the throughput at that point, or is that pointless? Sorry about all the questions, this is my first time building a router so I just want to make sure its right. Thanks so much!

I would just use the dual NIC already on the machine, and get a manageable switch for your VLAN.

Seeing as nobody knows i eventually found the answer - if you goto Status\System Logs\Settings and look at the section titled "Log file size (Bytes)" you will see how many MB your logs are using there.

There really should be a cross check here to make sure if you chose to log to memory that there will be enough available to boot.

Edonkey… Wow... People still use that??  is it 2005? ;)

@stephenw10:

Are you running 2.4.3?

The was an issue with mbuf leaks in that showed especially badly with the cxl driver. That has been fixed for a few versions though.

Check the Status > Monitoring graphs for mbuf cluster usage.

When you say 'completely locked up' does it stop responding at the console? Try pressing Ctl-T at the console if it appears non-responsive, what output does that give?

Steve

I have been on 2.4.2 since it was released, I upgraded to 2.4.3 after the most recent lockup.
Next time it happens I will try the console and see if ctrl+T does anything. Both the web connection and console did not function when this happens, but I didnt try the ctrl+T thing so ill have to see.

Nope. Never seen it. Though "INIT" means it thinks the interface is down/unplugged. Countless people using VLANs on a lagg and CARP. Though most I have seen are using LACP, not a static group like you are.

No, but there is a public Slack and IRC ( #pfSense on freenode )

Yes sir john. Different subscribers i have this:

everything is fiber which is speed of light what speed transmit the receive is they same speed right?
I have FTTH (fiber to the home) in every household and different areas.

so the upload is  all of  theme is open for the corporate only because more on sending email, posting photos, uploading files etc. while the download you have to limit specially saving bandwidth.

which is  download is for opening web page, receiving email, watching online videos. etc.

and also  the residential subscribers you have to limit of theme.

single user (1pc): upload –---->512 KB | Download-----> 1024
offices (maximum 6cpc): upload ------>open bandwidth | Download-----> up to MB upgrade
Internet cafe (maximum 20 pc): upload ---------->Mb | Download------------->Mb
Corporate (maximum 50 pc): upload ------>open bandwidth | Download-----> 4 MB

sir john this is right to limiting bandwidth?
what is your suggestion?

"all of that Disturbing IDM"  :'(