Ah, OK. Since you haven't altered the bridge sysctls they will be set to filter on 'bridge members' and not the bridge interface.
What firewall rules do you have and where are they?

Steve

Edit: Look's like Wallabybob's got your back in the other thread.

The CPU is just sitting idle. It never peaks - eg I can sit there in console with vmstat and not see anything significant.

I'm using a power brick from an old Linksys modem - I forget what it's delivering, exactly, but it's right/above what the ALIX was designed for (I double checked when I started using it).

I don't have access to the modem. I've not been able to get into the interface yet, like I have been able to with different modems in the past.

Latency isn't really a "problem" - it's "normal" for what can be expected for around here, maybe even a little on the good side (30ms average for in-state type connectivity, 50-80ms for elsewhere).

Statistics on the WAN interface right now (9 day uptime - I have it scheduled to reboot twice a month on the 1st and 15th) are:

Media 100baseTX <full-duplex>In/out packets 67722571/67602120 (53.00 GB/46.54 GB)
In/out packets (pass) 67602020/67949144 (52.98 GB/46.54 GB)
In/out packets (block) 120551/100 (14.90 MB/7 KB)
In/out errors 0/0
Collisions 0

I've never seen an in/out error that I can recall.

I can ping eg. google.com all day without any packet loss and 60-65ms latency. Even with a larger packet size (eg ping -s 512 google.com) - I still have low enough jitter for VoIP to be usable.

54 byte packets:

–- google.com ping statistics ---
137 packets transmitted, 137 received, 0% packet loss, time 136181ms
rtt min/avg/max/mdev = 62.516/68.732/155.162/17.354 ms

512 byte packets:

--- google.com ping statistics ---
145 packets transmitted, 145 received, 0% packet loss, time 144199ms
rtt min/avg/max/mdev = 62.938/65.415/138.578/6.573 ms

(Ironically, the larger packets have a shorter round trip... which makes sense due to prioritization I suppose.)</full-duplex>

Wow… sorry for this late response.

Thanks for the answer.
More RAM is what is (probably) what is needed.

I am not to sure what to look for in the logs.
But I can say that even though they do not log graphs from time to time then these boxes run dead stable.

@stephenw10:

@m4f1050:

Why the "N" support?

802.11N is not just more speed.  ;)
Your X700 has only 10/100 ports anyway. The maximum throughput is also less than 450Mbps. (less than 300Mbps?  :-)

I believe there are cards which support 'Super G' mode if you have compatible chipsets at both ends.

Steve

At first I wanted less devices on my network but FreeBSD 8 didn't have 802.11n support…  What I wanted out of 802.11n was to max out the 100 of the port connected to my gig switch, but if it's not going to reach 100 with FreeBSD 9 then it's not even worth it anymore to go internal wifi.  Why I am going to do the N900 on my internal network and leave the pfSense just for what it is, a firewall.  :)

Hmm, I'm quite surprised by that. I would have assumed a 200W PSU would be fine.
Also I'm surprised you can get 25A through a barrel connector without it melting!  :)

Steve

When you tether by USB your phone MIGHT be recognised by pfSense as a USB ethernet interface.

Please tether your phone then give the pfSense shell command```
usbconfig show_ifdrv

PfSense is not yet well equipped to deal with intermittently connected devices. You will probably find that pfSense doesn't reboot cleanly on the first reboot after you have configured your phone.

A search of the wireless forum for ar9285 showed a number of entries reporting experience with different cards using that chipset.

I changed it from AHCI to IDE and it still was no go.  Btw I just tried the daily builds pfsense 2.1Beta1-pfsense it worked!!  Now I need to do some testing and lock it down like my Cisco ASA 5510.  ACL's suck

check logicsupply's rugged pc's.

It was not based on speculation (not mine anyway)  ;)

@https://twitter.com/pfsense/status/309519811950571520:

2.1-RC1 coming soon and a new edition of the book. stay tuned!

I completely agree that the pfSense team is very good at resisting pressure to release before it's ready, and that's a very good thing.

Steve

Also the SIA210?
Where did you order yours?

@xVxSemperFi:

BUT I recognized a problem after my first reboot. The Stick was not found, and the config was lost. After I repluged the stick I could configure it again.

So the device firmware will be available to the device driver BEFORE the root file system is mounted, you need to add the line```
runfw_load="YES"

That works fine, it wouldn't stomp on the boot portion of the device.

What change did you make?

Steve

Looking at my SMART data it is going to be a while before I see enough writes to get off 0%.

9 Power_On_Hours          0x0032  100  100  001    Old_age  Always      -      1387 ... 202 Perc_Rated_Life_Used    0x0018  100  100  001    Old_age  Offline      -      0

I am going to be Googling a bit on these SMART entries, they are the only interesting ones so far:

173 Wear_Leveling_Count    0x0033  100  100  010    Pre-fail  Always      -      1 174 Unexpect_Power_Loss_Ct  0x0032  100  100  001    Old_age  Always      -      13 181 Non4k_Aligned_Access    0x0022  100  100  001    Old_age  Always      -      118 116 1