If you are running polling then the share of userland vs kerneland needs to be altered. On a really busy dns server that would mean that the split between kernel workload and userland workload needs to be about 50/50. I cannot recall what our defaults are but I would suggest as hoba did to not run polling unless you spend quite a bit of time "tunning" it for your workload.

I'll retest bridge this evening with latest snapshot but I bet it's something else (tested it not too long ago already).

Thank you for the quick reply. I think I will just install Pound (http://www.apsis.ch/pound/) at a central point and forward all web traffic to it for redistribution based on requested URL. Again - thank you for the quick reply :-) If I ever learn how to create packages I will attempt a pound package. Cheers, jk

hmmm I found the problem … It seemed to be dns. Sorry guys and thanks for the help :-[ Thanks

:D  find the solution My modem is not ugly My provider is ugly ;D  (tele2) it refuses all connection to smtp server except for its smtp server (smtp.tele2.fr)  . Sorry for the problem. thanks all.

Firewallrules are first match wins from top down. You can't pass anything below that you already have blocked on the top. Just use your brain to evaluate your ruleset. Finally, if something is still blocked visit status>systemlogs. firewall and click on the small block icon in front of an undesired block to see what rule triggered the block.

After some more digging, a lot more digging. It seems that the problem is related to our fiber provider. Sorry if i implied that there was anything wrong with pfSense, I've been using it for months now in our school system and love it. Brian

Somethings that you could do to speedup the gameplay. 1. Make sure nothing is running on half-duplex 2. If your using a hub, get a switch (gig is overkill for xbox) 3. Adjust your MTU size 4. start running ping/traceroute tests and see if there's anything messed up with your internet connection As fire as the firewall optimization goes unless your trying to run a bit torrent client while playing xbox adjusting the settingsd from normal to agressive probably won't show much of an improvement. Try it though, if you can run with aggressive and nothing starts acting up the better as the firewall needs to keep track of less connections in this mode.

as hoba said, need more info. If you are running the traffic shaper make sure you set VOIP to the highest priority and make sure the rest is a lower priority.

You mean you have to add a package to IPCop to filter outgoing traffic from a lan?  Wow, I mean wow!

I don't think so, at least not the way it is implemented in the gui. squid also won't affect skype and/or yahoo at all afaik.

Correct.

Thanks Hoba for your help. So PfSense can do the work  :D I will take a try and report the result here ASAP Thanks again

See http://doc.m0n0.ch/handbook/examples.html for some suggestions. It's basically the same for pfSense.

bump And how about binding an IP-address to the LAN interface for management.

Please upgrade to the latest RC2g first ( http://forum.pfsense.org/index.php/topic,1820.msg11141.html#msg11141 ) first. If it then still doesn't work please provide some more information.

@dracunciliasis: Does anybody have it done? 'DHCP' might just be one of the best documented protocols on the Internet (and still, in 2006 things aren't always clear). So, yes - we all have the answer (as we have Google  :)). A first link gave me http://www.dhcp-handbook.com/dhcp_faq.html "for starters…" (look at question/answer A.7). Short answer : it uses UDP on port 67 & 68.

upgrade to the latest version. the rule is correct if you set the gateway to default.

Turn off reflection in System -> Advanced or move the web port from the standard port to something unique.