Tuning for full blown PCs
-
Hi, are there any known "best practices" when installing pfsense in full blown PCs?, i'll install it in a Dell Optiplex GX760, C2D with 2GB of RAM. Are there any kernel parameters to adjust?, i'll be running VPNs, regular firewalling and Proxy/Antivirus.
-
With that hardware you should be able to handle quite a few simultaneous clients, I don't believe any tweaking need be done to the kernel parameters.
-
I've seen some posts about setting this parameters (taken from my old notes):
kern.ipc.nmbclusters
kern.maxfiles
kern.maxfilesperproc
net.inet.ip.portrange.lastThey're no longer needed?
-
They are not used that often and are hardly known.
-
But "hardly known" != "useless"…. I found this: http://forum.pfsense.org/index.php/topic,14673.0.html
Any comments?
-
The issues that loader.conf can cause/resolve are so pronounced that you would HAVE to modify it to even use the router at all. If you're seeing >10% of your bandwidth come through the pfSense box/proxy, then you're likely not affected. Most of the issues have been corrected with more recent versions of the squid package as well as bumps in the underlying FreeBSD versions.