• Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login
Netgate Discussion Forum
  • Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login

PfSense performance on huge traffic

Off-Topic & Non-Support Discussion
3
6
10.0k
Loading More Posts
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • R
    rafaelsantos
    last edited by Jul 5, 2007, 9:25 PM

    First, i´m new here, my name is Rafael from Brazil, and I´m a m0n0wall home user and knowing pfsense now…

    My question is: does pfsense support huge traffic in a company with about 250 computers in LAN and 10 servers (email server, application server, terminal server, proxy server, domain server, etc...) in DMZ?

    Acctualy that company uses RouteFinder Appliance (RF850 from Multitech) as firewall/gateway, and I´m thinking substitute that rf appliance for a pfsense firewall... that is possible? can pfsense obtain same performance? pfsense can support as well as rf appliance (or better)???

    Thanks for any help...

    ps.: sorry about my ENGLISH, it´s so bad... lol...

    1 Reply Last reply Reply Quote 0
    • C
      cmb
      last edited by Jul 6, 2007, 3:06 AM

      That's not "huge" traffic, really. There are MUCH bigger installs out there.

      It's just a matter of making sure your hardware is properly sized. That varies greatly from one network to another, but mostly depends on how much Internet bandwidth you have, and how much traffic you route between LAN and DMZ. If you can estimate your throughput requirements, we can suggest hardware sizing.

      1 Reply Last reply Reply Quote 0
      • T
        tacfit
        last edited by Jul 13, 2007, 5:21 PM

        We've got 100 computers accessing through our pfSense box, and 2 terminal servers being published, add to that a public network on a separate VLAN with anywhere up to 200 users connection. We're using an old Dell Poweredge 1550, 1Ghz CPU with 512MB ram, and it's flying. I could probably double the usage on it.

        1 Reply Last reply Reply Quote 0
        • R
          rafaelsantos
          last edited by Jul 13, 2007, 11:03 PM

          sounds great tacfit… but can i obtain good pfsense performance using a box with VIA Eden 1GHz processor, PC133 512MB SoDIMM and 1gb Compact Flash???
          think in a situation with throughput of a 200 hosts in lan, incoming external connection and 2 vpn´s tunneling with about 30 hosts in each one...
          thanks

          1 Reply Last reply Reply Quote 0
          • C
            cmb
            last edited by Jul 13, 2007, 11:12 PM

            Again, to provide any meaningful feedback, we need to know Internet connection speed, expected LAN to DMZ throughput requirements, and expected VPN throughput requirements.

            1 Reply Last reply Reply Quote 0
            • T
              tacfit
              last edited by Jul 14, 2007, 3:49 AM

              @rafaelsantos:

              sounds great tacfit… but can i obtain good pfsense performance using a box with VIA Eden 1GHz processor, PC133 512MB SoDIMM and 1gb Compact Flash???
              think in a situation with throughput of a 200 hosts in lan, incoming external connection and 2 vpn´s tunneling with about 30 hosts in each one...
              thanks

              As cmd says, more details needed. First off, I don't know how the Eden compares with a Pentium III based Xeon, but if they're comparable, and those users are doing "typical" surfing, e-mail, downloading general stuff, I would say your performance will be fine.

              BUT… again, this is a total guess on my part. I would say the first bottleneck you're going to run into is memory... and depending on the encryption used for your VPNs, CPU speed. Also, if you've got users download lots of torrents and other stuff like that, that'll throw things off. If this was for an office where you would restrict the types of traffic allowed, I think you wouldn't be far off the mark.

              I've been VERY impressed with pfSense's performance, but bare in mind I'm running it on a full sized server. It sounds like you're using a smaller device, which may be just fine... but I can only speak from my own experience :)

              1 Reply Last reply Reply Quote 0
              • First post
                Last post
              Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.