@bingo600 Hello, You are correct, I do have capatable equipment. I'm Just trying to see what was the Minimum hardware for cpu, memory and hard drive space. But network cards are important as well.

Joseph

The dashboard shows the total usage across all cores. So on the 2100 that's 2 cores.
That could be both cores at 90% or one core at 100% and the other at 80%.

Diag > System Activity should show you what's using it. 90% is very high unless it's passing a load of traffic. Running top -aSH at the CLI shows the same thing
On a test box here I see:

last pid: 72786; load averages: 0.17, 0.32, 0.26 up 0+02:28:52 15:38:17 623 threads: 3 running, 595 sleeping, 25 waiting CPU: 1.0% user, 0.0% nice, 1.8% system, 0.6% interrupt, 96.7% idle Mem: 82M Active, 683M Inact, 643M Wired, 1902M Free ARC: 428M Total, 123M MFU, 282M MRU, 552K Anon, 3223K Header, 19M Other 360M Compressed, 743M Uncompressed, 2.06:1 Ratio PID USERNAME PRI NICE SIZE RES STATE C TIME WCPU COMMAND 11 root 155 ki31 0B 32K CPU1 1 136:03 96.78% [idle{idle: cpu1}] 11 root 155 ki31 0B 32K RUN 0 137:38 96.08% [idle{idle: cpu0}] 21079 root 25 0 139M 44M accept 0 0:10 1.39% php-fpm: pool nginx (php-fpm){php-fpm} 12 root -60 - 0B 400K WAIT 0 1:13 0.82% [intr{swi4: clock (0)}] 72404 root 20 0 14M 4788K CPU0 0 0:00 0.72% top -aSH 0 root -92 - 0B 448K - 1 0:47 0.42% [kernel{dummynet}] 23993 root 20 0 28M 8084K kqread 1 0:01 0.22% nginx: worker process (nginx) 12 root -92 - 0B 400K WAIT 1 0:11 0.12% [intr{pcib0,0: ath0}] 78950 root 20 0 11M 2708K select 1 0:09 0.10% /usr/sbin/syslogd -s -c -c -l /var/dhcpd/var/run/log -l / 89921 root 20 0 405M 361M bpf 1 0:39 0.09% /usr/local/bin/snort -R _28847 -D -q --suppress-config-lo 12 root -92 - 0B 400K WAIT 0 0:05 0.07% [intr{gic0,s42: mvneta0}] 57454 root 20 0 15M 2624K nanslp 0 0:04 0.05% /usr/local/bin/dpinger -S -r 0 -i GIF_TUNNELV4 -B 10.2.4. 9 root -16 - 0B 16K pftm 1 0:09 0.05% [pf purge]

Steve

Looks pretty standard. No errors shown.
Was is not passing traffic when that was logged?

Yeah, if you have alternative sound hardware and it's recognised I think you can set that be the system sound device and should it work. I've never tried that myself though.

Thanks everyone for the replies. Certificate has been renewed 👍

@keppler said in Network boot with IPXE:

@stephenw10 Thanks for the feedback. TFTP is very slow.

It always has been regardless of the server / hardware.

@bingo600 Thank you so much power cycling the modem worked!
So now I have the Ip from my ISP mapped to the new MAC address of the netgate.

Appreciate your help!!

@stephenw10 Of course, that's an excellent way, thank you. It doesn't look like DMZ is set up properly, there are some warnings in the firewall log, but they look odd and very consistent. Running ShieldsUP doesn't generate any output, and ShieldsUP result is also odd. Thank you for your suggestion, have contacted my ISP again.

Yes, you are correct; I currently have a pfSense+ subscription w. TAC-Lite and I would like to switch to a pfSense+ subscription w. Home/Lab

Thank you both. I will open a ticket.

I opened a chat with you. You can send it there.

@stephenw10
@steveits
No, It didn't lose power during the update, it just didn't come back online after the update.

I am getting the firmware reinstalled as of this message. no other way of this error sadly other than a full wipe / fresh install

Thanks so much! I've been trying to solve this problem for weeks. Tried to follow other tutorials, but for some reason, they didn't work. Found this and works like a charm. Thanks again.

@michmoor said in Poor performance over IPsec but not Internet:

I can only assume home residential broadband providers do this

I wish I could say it's limited to that. You might find it's not at either ISP directly but in some device that happens to be in the route between them.
It's not that uncommon to find routers that don't pass ESP at all or, worse, only pass it in one direction! The tunnel establishes using udp/500 traffic but cannot pass data at Phase2. Those are always fun. 😉

Steve

512MiB (536870912B) is the total allowed size PHP can use. It exhausted that when it tried to allocate an extra 928636928 bytes (885MiB).
So something is doing something it should not there because that can never succeed. The Backup package trying to backup something far too large I would suggest.

Steve

@viragomann

Thank You after applied new version. It's works fine

@capitanblack said in CE 2.6.0 boot stuck at Synchronizing user settings...:

besides fixing the LDAP server asap.

"unstuck " is the same as "no access" in this case.
That's the next best situation, as this is related to security.

See it as a credit card : if you lost your PIN, there is no 'plan B'.

While this system of keeping an active list of a company's netblocks works great -- beware. It can suck up memory and result in "cannot allocate memory" errors. Example: building a list for Apple (AS6185) will give you a large list of small netblocks in 17.x.x.x. However, "whois 17.0.0.0" shows that 17.0.0.0/8 is a direct allocation to Apple, so specifying a network alias with a /8 takes a lot less memory. Google is even worse with 7400+ IPv4 netblocks from the whois ASN output.

@steveits You are correct that my original post was referring to Google's May 30, 2022 deadline turning off third party app support. I think perhaps I read more into this than I should - but we'll know for sure in about 6 weeks. In the meantime - I have set up 2FA and set up an App password for pfSense. Notification is all working well for now. Thanks to all for their advice.

I do wish pfSense provided a little more control of which notifications to send, but that is a different topic.

@panja said in Not your average "internet speed" problem...:

options do I have...

One : you deal with what you have, and you made it work for you !!

To rephrase what I said above : it might work, as is was sold to you with the idea that it would work.
I've been using Realteks half my live and wasn't really bothered with them. I did have several NICs in advance, as they just don't 'live' very long.
These days, I always disable build in NIC's, and add quad Intel branded NIC in systems.

When I buy material, I always check what the used hardware is. The price, shape and colour details comes next.