Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Netgate 4100 or 6100?

    Scheduled Pinned Locked Moved Official Netgate® Hardware
    17 Posts 7 Posters 3.3k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • B
      bbaalen @SteveITS
      last edited by

      @steveits Hi Steve, yes i did see that, but i thought it was already fixed in the release i was using. I'll go check to make sure. I've pasted the part of the script i modified here by the way;

      https://pastebin.com/3k4Wy5Y3

      To be on topic again, so this, at least for me, made it useable on the 4100.
      We usually put a 7100 in projects, but i think for most home networks, even large ones, the 4100 is more than capable.

      S 1 Reply Last reply Reply Quote 0
      • keyserK
        keyser Rebel Alliance @SteveITS
        last edited by

        @steveits said in Netgate 4100 or 6100?:

        @bbaalen said in Netgate 4100 or 6100?:

        40 to 60 percent of the cpu without any traffic

        If you're on 22.05, did you see https://redmine.pfsense.org/issues/13154?

        Edit /usr/local/pkg/pfblockerng/pfblockerng.inc and on line 4139 change
        $r = explode(')', $result, 2);
        to
        $r = explode(' ', $result, 2);
        (that's a space)

        Not trying to derail this discussion, but a quick question: I'm using pfBlockerNG-Devel (unpatched) on 22.05 on a SG-2100 and SG-6100, but I have not seen this CPU usage issue.
        There must be some pfBlockerNG configuration you need to have in order for this issue to show itself?

        Love the no fuss of using the official appliances :-)

        B S 2 Replies Last reply Reply Quote 0
        • S
          SteveITS Galactic Empire @bbaalen
          last edited by

          @bbaalen said in Netgate 4100 or 6100?:

          it was already fixed in the release i was using

          It's not, actually. :-/ 3.1.0_4 is the one with the bug, and it wasn't a problem until 22.05 changed the logging, I think it was. There hasn't been an update since 3.1.0_4.

          @NE_77 I would personally not be concerned with 35% RAM usage. We don't have any devices at client sites that have needed lots of RAM, though to be sure we're not usually using DNSBL. I do at home for ad blocking, on a 2100, and RAM usage is 11% of 4 GB. RAM usage will depend largely on what lists are used. I've seen people post they are using "just one list" and it turns out it has several million entries or some such.

          Pre-2.7.2/23.09: Only install packages for your version, or risk breaking it. Select your branch in System/Update/Update Settings.
          When upgrading, allow 10-15 minutes to restart, or more depending on packages and device speed.
          Upvote 👍 helpful posts!

          1 Reply Last reply Reply Quote 0
          • B
            bbaalen @keyser
            last edited by

            @keyser i've tried several of the options on reddit, this forum, re-installed, run it just with default settings etc etc, nothing really seemed to be doing the trick. I first thought, maybe it's got something to do with slow write/read speeds of the eMMC memory or something. But everything seems fine. Maybe the processor doesn't like the way the process is suspended with the php sleep or something. I just saw alot of cpu usage for no reason and the process that was consuming the most cpu time was the pfblocker.inc with the filterlog parameter command. So this led me to that function i put in pastebin, just ran some tests with some of the code commented out and that's how i ended up with the code there, put in some buffer for the file writing, not sure if it makes any difference when it is appending, but with eMMC i try to do as little writes as possible and also i always try to watch the resource handles.

            1 Reply Last reply Reply Quote 0
            • S
              SteveITS Galactic Empire @keyser
              last edited by

              @keyser said in Netgate 4100 or 6100?:

              There must be some pfBlockerNG configuration you need to have in order for this issue to show itself?

              Don't know, I have just put in the patch, and we haven't updated many yet. Are you using DNSBL?

              Pre-2.7.2/23.09: Only install packages for your version, or risk breaking it. Select your branch in System/Update/Update Settings.
              When upgrading, allow 10-15 minutes to restart, or more depending on packages and device speed.
              Upvote 👍 helpful posts!

              keyserK 1 Reply Last reply Reply Quote 0
              • keyserK
                keyser Rebel Alliance @SteveITS
                last edited by

                @steveits said in Netgate 4100 or 6100?:

                @keyser said in Netgate 4100 or 6100?:

                There must be some pfBlockerNG configuration you need to have in order for this issue to show itself?

                Don't know, I have just put in the patch, and we haven't updated many yet. Are you using DNSBL?

                Yeah, using both IP lists and DNSBL lists fairly extensively. But perhaps it’s related to the logging setup of pfBlocker? I Have disabled/minimized some of the logging options to retain eMMC/SSD lifespan.

                Love the no fuss of using the official appliances :-)

                1 Reply Last reply Reply Quote 0
                • stephenw10S
                  stephenw10 Netgate Administrator
                  last edited by

                  Yeah, I never managed to find exactly what's required to trigger that. I've seen it on some installs and not others with no obvious significant config differences. It could be a timing issue with varying hardware types. It's very obvious when you do hit it though!

                  Steve

                  NE_77N 1 Reply Last reply Reply Quote 0
                  • NE_77N
                    NE_77 @stephenw10
                    last edited by

                    Once the hardware is EOL, will I still be able to apply updates from Netgate or is the device basically stuck at it's current software version?

                    S 1 Reply Last reply Reply Quote 0
                    • S
                      SteveITS Galactic Empire @NE_77
                      last edited by

                      @ne_77 Updates will be available until they cannot work, as I recall Netgate saying. So expect many years of updates after end of sale. I am personally not aware of any models being cut off from updates. We have clients with some fairly old models.

                      Pre-2.7.2/23.09: Only install packages for your version, or risk breaking it. Select your branch in System/Update/Update Settings.
                      When upgrading, allow 10-15 minutes to restart, or more depending on packages and device speed.
                      Upvote 👍 helpful posts!

                      1 Reply Last reply Reply Quote 0
                      • stephenw10S
                        stephenw10 Netgate Administrator
                        last edited by

                        Yup, we only stop building updates when it becomes impractical to do so. So there no 32bit x86 builds any longer for example. Sorry m1n1wall users. 😉
                        We are still producing images and pkgs for the SG-1000 though and that was EoL some time ago:
                        https://www.netgate.com/support/product-lifecycle

                        Steve

                        1 Reply Last reply Reply Quote 0
                        • First post
                          Last post
                        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.