Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Squid performance on pfSense 2.3

    Cache/Proxy
    2
    2
    1.9k
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • M
      monkeyx
      last edited by

      Hi,

      The settings below were copied from a forum post, that I used to help improve performance of squid on pfSense 2.2. Could anyone advise if these settings are still needed on 2.3?

      
add this to the /boot/loader.conf

kern.ipc.nmbclusters=32768
kern.maxfiles=65536
kern.maxfilesperproc=32768
net.inet.ip.portrange.last=65535

or just delete it and replace with

autoboot_delay="1"
#kern.ipc.nmbclusters="0"
hint.apic.0.disabled=1
kern.hz=100
#for squid
kern.ipc.nmbclusters="32768"
kern.maxfiles="65536"
kern.maxfilesperproc="32768"
net.inet.ip.portrange.last="65535"

you might ask why squid is so slow? its because default configuration of pfsense is router not as a server
thats why kern.ipc.nmbclusters="0" <- is set to zero. if you just simply remove this squid will be just fine.

but to tune the squid i add this
kern.ipc.nmbclusters: 32768
kern.maxfiles=65536
kern.maxfilesperproc=32768
net.inet.ip.portrange.last: 65535
      1 Reply Last reply Reply Quote 0
      • P
        Paint
        last edited by

        @monkeyx:

        Hi,

        The settings below were copied from a forum post, that I used to help improve performance of squid on pfSense 2.2. Could anyone advise if these settings are still needed on 2.3?

        
add this to the /boot/loader.conf

kern.ipc.nmbclusters=32768
kern.maxfiles=65536
kern.maxfilesperproc=32768
net.inet.ip.portrange.last=65535

or just delete it and replace with

autoboot_delay="1"
#kern.ipc.nmbclusters="0"
hint.apic.0.disabled=1
kern.hz=100
#for squid
kern.ipc.nmbclusters="32768"
kern.maxfiles="65536"
kern.maxfilesperproc="32768"
net.inet.ip.portrange.last="65535"

you might ask why squid is so slow? its because default configuration of pfsense is router not as a server
thats why kern.ipc.nmbclusters="0" <- is set to zero. if you just simply remove this squid will be just fine.

but to tune the squid i add this
kern.ipc.nmbclusters: 32768
kern.maxfiles=65536
kern.maxfilesperproc=32768
net.inet.ip.portrange.last: 65535

        I believe kern.ipc.nmbclusters is the only /boot/loader.conf.local variable you need to set. All of the other settings are managed by pfSense/FreeBSD and are bigger than the values recommended for pfSense 2.2 and earlier:

        
[2.3.2-DEVELOPMENT][root@pfSense.lan]/root/scripts: sysctl net.inet.ip.portrange.last
net.inet.ip.portrange.last: 65535
[2.3.2-DEVELOPMENT][root@pfSense.lan]/root/scripts: sysctl kern.maxfilesperproc
kern.maxfilesperproc: 232389
[2.3.2-DEVELOPMENT][root@pfSense.lan]/root/scripts: sysctl kern.maxfiles
kern.maxfiles: 258216
[2.3.2-DEVELOPMENT][root@pfSense.lan]/root/scripts: sysctl kern.ipc.nmbclusters
kern.ipc.nmbclusters: 1000000
[2.3.2-DEVELOPMENT][root@pfSense.lan]/root/scripts:

        pfSense i5-4590
        940/880 mbit Fiber Internet from FiOS
        BROCADE ICX6450 48Port L3-Managed Switch w/4x 10GB ports
        Netgear R8000 AP (DD-WRT)

        1 Reply Last reply Reply Quote 0
        • First post
          Last post
        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.