Making pfsense faster
-
It says the seller only ship to the USA. Am in Europe.
I have searched a bunch of auction and second hand sites for Intel Server cards without success. The retail price for the MT card is $195. Can you guys recommend another server nic that I can search for?Any Intel chipset based NIC will be good for what you need. They will be expensive, but they are some of the best NIC's around.
-
@sdale:
Any Intel chipset based NIC will be good for what you need. They will be expensive, but they are some of the best NIC's around.
So are you saying that a Intel PRO desktop nic will work?
I believe that anyway.I have run new tests. Not on pfsense but on another firewall. ~90 mbit/sec with my computer hardware. I will switch back to pfsense when the WAN dhcp problem is solved.
-
Intel Pro NIC should be good. One other thing you might want to try is enabling device polling under System>Advanced. If your NICs support this feature it should increase your throughput.
-
How do you know if the device polling works? I have two 3com cards in my mashine, with polling..
-
Have a look at status>interfaces. It should note "polling" somewhere along the lines if it is enabled and the nic supports it.
-
Also, gig nics usually have bigger buffers, which in turn causes less interrupts (on equivalent speed traffic to a 100Mbit NIC). Gig cards are the way to go if you can get them in your budget.
–Bill
-
With a P3 733 and a Intel Dual port MT 1000 I can do 220Mbit.
Without polling.I also have good experience with the Intel 100Mbit cards and the 3Com 3c905 cards.
vr an rl are not safe a choice.
-
Have a look at status>interfaces. It should note "polling" somewhere along the lines if it is enabled and the nic supports it.
Current snapshot (12/23) have this or just HEAD?? I have intel nics that I have polling enabled that I think are suppose to support it but nothing in the status/interfaces page..
-
Looks like I was wrong and it is not noted at status>interfaces. Go to diagnostics>command and run "ifconfig" from there. You should the "polling" noted there somewhere when enabled and supported by the nic.
-
http://yourpfsense.com/status.php will also show if the NICs are running with polling.
-
cool… that and then some.. forgot about this page, used it in monowall.. TX!
-
Hardware is SO cheap these days that griping about performance on an almost archaic P3 machine is silly. Given that an off the shelf firewall with similar features/performance to pfsense will cost you thousands of dollars you might better serve your organization by doing some education on what things really cost rather than wasting time trying to squeeze more blood from a stone. If you want good performance invest in good hardware.
EDIT :: For reference I still use a handful of P3 systems in critical applications without any trouble. However with traffic sometimes maxing my gigabit fiber connection my firewall isnt a place where I try to save money. It is THE MOST CRITICAL point of my network. For those with less demanding requirements less hardware will certainly do. I recently picked up a Dell poweredge server with dual p3-1.4ghz cpus and 2 gig of ram for 300 dollars. Even has a gig-e ethernet port and raid controller in it. Hard to go wrong with these machines. If you're on a budget look on ebay and you might be surprised at the class of machine that you can get for the money. Some of them even still have warranty coverage. Be sure to check the service tags on their support site.