@chrismacmahon said "f you need access to installation images for Netgate hardware you purchased, contact our support team at https://go.netgate.com/support/login When opening a ticket, please include one of the following: NetgateDevice ID, Order Number, Serial Number."
shouldnt that have been included when purchasing this thing and how about a free setup call when you 1st get it.
so sick of this i'm going to shoot my computer, my rounter, and my netgate box. i'll make a video of it if anyone wants to but it wont be FOR FREE hahahhaha omg help
I've finally made the holes in the walls necessary to bring the 6100 into my rack. Now I'm wondering whether I should remove the brush cable manager and bring the two DACs through the holes next to the netgate. And while I'm at it, how do people route these DACs? Messy :(
Going to have to agree with the WAN3/4 labels being less than optimal.
Between this and my TR system, and despite the energy efficiency of the 6100 (thank you!) there's a little too much heat in this room. This guy is going to have to go upstairs. More holes at some point, and attic work....
Yes, it certainly looks like that but those ports don't necessarily indicate it's actually NATing. Having tested it myself numerous times I would be very surprised to see 800Mbps with NAT and filtering enabled. There are a lot of variables but 500Mbps is around what I expect to see in a local iperf3 test between WAN and LAN.
I think you're right.
I've set the Firewalll Optimization to normal, which should've set the time out for "FIN WAIT" to 900 seconds, but it still doesn't kill the state.
So I guess back to the roots to find out what the problem is.
Well uhm, somehow it solved my problem automatically without restarting the VPN tunnel. I think the Firewall Optimization worked, need to do more testing though.
Yeah, I would not recommend using RAM disks with Snort/Suricata. It can be made to work but they do not expect to see RAM disks.
4GB is enough to run Snort/Suricata and pfBlocker. Though, as stated, it will reduce the maximum throughput.
@keyser Thanks! I appreciate the replies.
So basically an inefficient chip as compared to an i3 but still the overall performance should still be solid and temps shouldnt be an issue?
I feel more at ease now about it.
Well No, not really inefficient. Sure compared to the latest 11th or 12th generation i3, they are less efficient due to Being manufactured on an older silicon die node, But thats evolution for you. Compared to “same age i3’s” i would rather use the Word different. I3’s and higher are made for high single core single performance - achieved by turboing the frequency. This can make cpu performance fairly unpredictable because sometimes its fast, sometimes its in a throttle back State due to heat. The atoms are made for all day predictable performance, and have some optimizations for network/server type workloads that they can do with hardware assist. So they are a fairly good cpu in a “lower power” envelope for this kind of work.
Yes, we can do that but going in that direction is usually less of an issue. If you have VLANs configured for the switch ports in the 3100 you can just reassign those interfaces to the discrete NICs in the 6100 when you import it.
mvneta1.xx tells me that all the switch ports are bridged. Is that actually the case? Is there any way to not have them bridged? I know on a Cisco Firepower 1010 you can set the interfaces separately or have them set as Bridged Virtual interfaces (BVI).
They are a single ethernet chip LAGGed as a switch. There is no way to break the LAGG and use them individually.
Worth noting that the only systems this is the case on are:
1100, 2100, 3100 and 7100 models. All others have discrete interfaces.
Thanks for that info, I did not know that. I appreciate you taking the time to let me know this 🙏 😁 🤙
Thank you all!!
Properly editing the file fixed the issue. I had a small typo.
The CPU usage may be lower than it has been for a while and now the temp is also down a tad. Going to monitor this for a bit. I know I had an issue with the WiFi. Going to see if that is cleared up as well.
Thanks for all the info.
Have my pre-drywall walkthrough shortly, so I am about 2-3 months out still. But I also know I need to buy equipment in advance so I can get it all done before we move in.
@gertjan Thanks, that's good advice; I tend to prefer command line as well so I will definitely take a peek at df next time. Unfortunately, no ZFS for me, for reasons discussed above (no support on ARM32 chips).
Don't know specifically about the XG-1541, but typically that setting is found in the BIOS configuration of PCs and other appliances like the XG-1541.
Boot with direct console access and enter the BIOS SETUP utility. In there, look for a setting related to the power on/off state. Typically the wording will offer two options when power is removed and then later restored. One option will cause the hardware to "stay in power OFF mode", and the second option will cause the hardware to "resume previous state". That second option means if the unit was turned off when power was removed, it will stay off when power is restored. If the unit was powered on when the power was lost, it will automatically power back on when the power source is available again.