Thanks for the Powerd clue, i guess the cpu was not "bursting" to 2.08Ghz without it on, not sure yet but it has gained me another 100Mbps , closing in on 900 now..
Even though you already purchased the hardware I just wanted to chime in here quick as well and mention that I have been using that exact same system with a symmetric gigabit fiber connection for almost two years and have been very happy with the performance. I basically have all the things installed that you mentioned in your post, although I don't use IPSEC anymore these days. This is a very capable little box and that will even scale beyond gigabit (I have done some basic 10Gbit testing with it).
They back-ordered it so I am still on the hunt for one at a good price but thanks for the confirmation!!
I have modem Alcatel OneTouch l850v
idVendor=0x1bbb
idProduct=0x0195
PFSense version 2.4.4-RELEASE-p1
This modem work if load module if_urndis.ko. I copy this module from another FreeBsd installed system 11.2. This file is in /etc/boot/kernel/if_urndis.ko
After load module modem is ue0: network interface, and autoconnect to Internet.
You must disable PIN to sim card.
FYI we just asked today to our SFR commercial if she could help us with this issue, she looked for an option on our contract / data plan and she activated the sl2sfr APN.
We now can successfully use it (Data only sim card). We'll just keep an eye on the invoice...
If you don't have ue0 then try using camcontrol to eject cd0 and da0, this might allow the stick to change mode. Alternatively you can flash a different firmware on to the stick.
check this thread here, I've written a small how-to guide for NDIS mode
https://forum.netgate.com/topic/130040/how-to-configure-rndis-on-e3372/17
Just buy a power consumption meter.
You need measurement on a daily/weekly basis, not spot measurements
As for the ups... Its nice, however consumes electricity and it won't show total consumption
As for using a clamp meter or a multimeter for power measurements, well, leave that to profesional electricians. Definitely not worth the hassle/danger.
@grimson It's been my experience that when you try to buy a unit from a solution-provider that isn't really interested in selling them standalone, they will charge you a fortune.
You can use suricata other than snort for 1gbps throughput IDS. There are no GUI setting method in current pfSense for snort to fork multi processes to monitor an interface. (200mbps per snort process from Security Onion and other snort documents.)
From the information of a reddit post, XG-7100 is sure can make 1gbps IDS with suricata.
I have used suricata as IDS in a C3758 barebone and used iperf2 to test the throughput of an suricata monitored gigabit interface then got 946mbps on download.
Id be interested to see a more comprehensive breakdown of the tweaks you made and before/after results. I tweaked by old c2758 setup and am about to embark on the same on my new system. Specifically interested in the difference between hyper threading on/off.
@canadianllama Looks like we may have fixed it, we did a BIOS update, turned off legacy for the HDD in BIOS (switched it to the other option UHDI or whatever its called) . Fresh install, loaded in our backup and BAM bobs your uncle, software reboot is working.
$ mcelog --no-dmi --ascii --file mce.log
Hardware event. This is not a software error.
CPU 0 BANK 3
MISC 0 ADDR 0
MCG status:
STATUS fe00000000800400 MCGSTATUS 0
APICID 0 SOCKETID 0
