Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    I'm ready to purchase, one last question

    Scheduled Pinned Locked Moved
    Official Netgate® Hardware
    4
    4
    570
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • CreationGuyC
      CreationGuy
      last edited by

      I'm sorry for the repeated questions, but I want to make sure that I spent the money wisely.

      I've been using pfSense+ on an i5 tower for a few weeks with VLANs, pfblockerNG, wireguard, etc. and it's been working out very well. I'm really pleased with it. I was considering going with opnsense but their stance towards packages was not what I had expected.

      My RAM usage is hovering from 15% to ~50%, the system has 4GB of RAM. I am looking at the 4100MAX or 6100MAX. I shouldn't need the extra 4GB RAM would I? I don't plan on using suricuta or the advanced plugins, that I'm aware of.

      Thanks again,

      cwagzC keyserK 2 Replies Last reply Reply Quote 0
      • cwagzC
        cwagz @CreationGuy
        last edited by

        @creationguy I was having the same thoughts moving from my APU2C4 with 4GB ram. I went with the 6100MAX to get the SSD and also the RAM even if I won't use it all. I ended up setting up HAProxy last weekend to handle my internet facing stuff as well as all my internal servers with Let's Encrypt certs. It is good to know I have extra power / RAM to spare just in case I want to start using new features in the future. I am hoping to use this router for a very long time.

        Netgate 6100 MAX

        1 Reply Last reply Reply Quote 0
        • keyserK
          keyser Rebel Alliance @CreationGuy
          last edited by

          @creationguy said in I'm ready to purchase, one last question:

          I'm sorry for the repeated questions, but I want to make sure that I spent the money wisely.

          I've been using pfSense+ on an i5 tower for a few weeks with VLANs, pfblockerNG, wireguard, etc. and it's been working out very well. I'm really pleased with it. I was considering going with opnsense but their stance towards packages was not what I had expected.

          My RAM usage is hovering from 15% to ~50%, the system has 4GB of RAM. I am looking at the 4100MAX or 6100MAX. I shouldn't need the extra 4GB RAM would I? I don't plan on using suricuta or the advanced plugins, that I'm aware of.

          Thanks again,

          No, if your max usage has been around 50% currently, then 4Gb will serve you well for many years if there are no plans for Suricata/snort. Memory usage in pfSense has always been low, and its only packages that can contest if 4GB will be enough.
          And to use your remaning 2Gb you need a very serious package that currently only could be Suricata/Snort or if you select ALL the feeds in pfBlockerNG.

          I wouldn’t worry about 4Gb being enough.

          Love the no fuss of using the official appliances :-)

          1 Reply Last reply Reply Quote 0
          • stephenw10S
            stephenw10 Netgate Administrator
            last edited by

            Yes, that. Most people who end up using a lot of memory have just enabled all the feeds in pfBlocker or all the signatures in Snort with no thought to what they actually need.
            I'm running Snort and pfBlocker on a 3100 here and not even using 50% of the 2GB it has but I only selected limited lists.

            last pid: 63920;  load averages:  0.25,  0.43,  0.44                                                                                                          up 5+06:28:22  14:09:29
65 processes:  1 running, 64 sleeping
CPU:  2.6% user,  0.2% nice,  7.5% system,  0.2% interrupt, 89.6% idle
Mem: 176M Active, 476M Inact, 169M Wired, 84M Buf, 1162M Free

  PID USERNAME    THR PRI NICE   SIZE    RES STATE    C   TIME    WCPU COMMAND
48523 root          2  41   20   351M   327M bpf      1  53:21   0.36% /usr/local/bin/snort -R _6830 -D -q --suppress-config-log --daq pcap --daq-mode passive --treat-drop-as-alert 
82520 root          1  52    0   131M    42M accept   1   1:18   1.18% php-fpm: pool nginx (php-fpm)
28210 root          1  52    0   132M    40M accept   0   0:46   0.00% php-fpm: pool nginx (php-fpm)
59286 root          1  52    0   132M    40M accept   0   0:21   0.00% php-fpm: pool nginx (php-fpm)
42298 root          1  52    0   132M    39M accept   0   0:19   0.00% php-fpm: pool nginx (php-fpm)
67504 root          1  52    0   132M    38M accept   0   0:05   0.00% php-fpm: pool nginx (php-fpm)
 2851 root          1  43    0   130M    38M accept   0   0:07   0.05% php-fpm: pool nginx (php-fpm)
44040 unbound       2  20    0    63M    35M kqread   0  18:52   0.00% /usr/local/sbin/unbound -c /var/unbound/unbound.conf
73345 root          1  20    0    49M    34M nanslp   0   0:33   0.05% /usr/local/bin/php -f /usr/local/pkg/pfblockerng/pfblockerng.inc dnsbl
  428 root          1  20    0    91M    22M kqread   1   0:15   0.00% php-fpm: master process (/usr/local/lib/php-fpm.conf) (php-fpm)
61524 root         17  52    0    45M    18M sigwai   0   2:04   0.00% /usr/local/libexec/ipsec/charon --use-syslog
84665 root        155  20    0    64M    15M uwait    1   1:00   0.00% /usr/local/sbin/filterdns -p /var/run/filterdns.pid -i 300 -c /var/etc/filterdns.conf -d 1
51479 dhcpd         1  20    0    14M    10M select   1   0:30   0.02% /usr/local/sbin/dhcpd -user dhcpd -group _dhcp -chroot /var/dhcpd -cf /etc/dhcpd.conf -pf /var/run/dhcpd.pid m
33768 root          1  20    0    12M  8160K select   1   0:00   0.01% sshd: admin@pts/0 (sshd)

            Steve

            1 Reply Last reply Reply Quote 1
            • First post
              Last post