Looking for PFsense appliance
-
@joshv918
I assumed you have looked here Netgate Appliances -
@patch it doesn’t speak much there on the number of clients and what could be recommended for all the nat translations. Raw throughput- vs number of connections and sessions and what not is kind of where I need guidance on ..
Thank you
-
It depends what those clients are. If they're all IoT devices connecting to a single server that's very different to all BitTorrent clients with thousands of connections each.
It does list the number of states each can handle which is effectively limited only by available RAM. 1M states is ~1GB. Each connection requires 2 states, NAT is part of the created state.How many states per client do you see in your current deployment?
Steve
-
@stephenw10 this is for festivals.. so the clients would likely be using social media.. maybe checking bank accounts in order to make purchases.. a lot of pos machines.. some vlans would be for streaming. Production offices for work related things. Kind of a a gumbo of all sorts of services.. really haven’t encountered networks as diverse and as intense as these.. why I’ve moved from Edge routers(ubiquiti) into the direction of pfsense
-
Do you have any data from your previous events using pfSense?
The monitoring graphs record state usage and free memory. If you're using captive portal it also records the number of connected clients.
Otherwise it's a guessing game with a mix of clients like that.
Steve
-
@stephenw10 I’m wondering if there is a way to sort of calculate in the worst case scenario type of way. Assume I have 5k clients torrenting lol?
-
@stephenw10 I was looking at maybe the 6100 for the smaller events and the 1537 for the larger ones.. I built a server with 32gigs of ram but I think the interfaces might have problems because I was have so many CRC errors with my Cisco 10gig switch and tx pause errors with my Mikrotik switch and I replaced the cables. So I’m just scared to keep using a Frankenstein pfsense box and want the peace of mind of getting some new from netgate
-
This post is deleted! -
@joshv918 said in Looking for PFsense appliance:
@stephenw10 I was looking at maybe the 6100 for the smaller events and the 1537 for the larger ones.. I built a server with 32gigs of ram but I think the interfaces might have problems because I was have so many CRC errors with my Cisco 10gig switch and tx pause errors with my Mikrotik switch and I replaced the cables. So I’m just scared to keep using a Frankenstein pfsense box and want the peace of mind of getting some new from netgate
I would go with Netgate 1537 with 32GB of RAM.
-
I think you should restate your requirements.
The number of clients is not the correct end number you are looking for, it is the number of states (RAM usage). I have about 20 devices on my network doing things. I have 800 states, or about 40 states per device. 10k clients times 40 states is 400,000 states. My 8Gb FW defaulted to over 800k states, my memory usage is low so there is room to grow. (40 states per device is not a solid number you should use, just an example.)
10Gb is where you look at interfaces and CPU, a 6100 should handle that speed.
Any packages you add on top should be added to the CPU and RAM numbers.When you are done you should have an idea as to the the CPU and RAM needed, then you can make an educated guess on which device is best suited for your needs. If you have performance data from previous events you can improve your estimation on CPU and RAM needed.
