Netgate Discussion Forum

    pfBlockerNG Feeds - How many is too many?

      talaverde

      I know it's not good to subscribe to all of the available feeds in pfBlockerNG, but how many is a good number? How many is too much?

      I'm sure it depends on your resources. Just like an IPS, the more rules you enable the more work has to be done on each packet.

      I was hoping someone on this board may have done some testing, adding more and more feeds, watching and testing to see the effect. Maybe not. If anyone has any input, I'd love to hear it.

      If not, let's try this. How about everyone post the feeds they use?

        RonpfS

        That depends on your platform.

        IP tables don't use much memory and resources.

        DNSBL tables are limited by the memory of the system. On an 8GB system, it can manage around 1 to 1.5 million entries.

        2.4.5-RELEASE-p1 (amd64)
        Intel Core2 Quad CPU Q8400 @ 2.66GHz 8GB
        Backup 0.5_5, Bandwidthd 0.7.4_4, Cron 0.3.7_5, pfBlockerNG-devel 3.0.0_16, Status_Traffic_Totals 2.3.1_1, System_Patches 1.2_5

          talaverde

          @ronpfs said in pfBlockerNG Feeds - How many is too many?:

          DNSBL tables are limited by the memory of the system. On an 8GB system, it can manage around 1 to 1.5 million entries.

          So, more feeds just means more memory, but won't create latency? I have about 20GB available, so memory isn't a problem.

            motific

            When you hit “too many” you’ll know, unbound does not handle such situations gracefully.

            In my experience latency goes from ms to 60-100 seconds, clients will time out long before they get a response, your phone will ring constantly, and people you’ve never met will appear at your desk!

              talaverde

              Okay, it sounds like there is a clear wall. That's good to know. Thanks.
