Fine tuning pfSense for large environments



  • We primarily use pfSense as a captive portal for our students to onboard for secure wireless.  At the beginning of the semester, we can see hundreds of people connected concurrently on each box.  Currently, the boxes are running on 4 cores and 12 Gig of RAM.  That never seems to be an issue.  However, it did dawn on me that there could be some advanced settings to tweak to improve the performance during peak periods.  Does anyone have suggestions?

    Thanks!



  • @carzin:

    We primarily use pfSense as a captive portal for our students to onboard for secure wireless.  At the beginning of the semester, we can see hundreds of people connected concurrently on each box.  Currently, the boxes are running on 4 cores and 12 Gig of RAM.  That never seems to be an issue.  However, it did dawn on me that there could be some advanced settings to tweak to improve the performance during peak periods.  Does anyone have suggestions?

    Thanks!

    Can you provide some more details like the CPU model, chipset of the NIC cards, WAN speed, if there is a VPN, and if there are any VLANs?



  • They are all virtualized on a very high end UCS cluster (virtually unlimited resources).  The system sees the current setup as the following:

    Intel(R) Xeon(R) CPU E5-2683 v3 @ 2.00GHz
    4 CPUs: 4 package(s) x 1 core(s)

    I am using the E1000 network adapter type.



  • @carzin:

    They are all virtualized on a very high end UCS cluster (virtually unlimited resources).  The system sees the current setup as the following:

    Intel(R) Xeon(R) CPU E5-2683 v3 @ 2.00GHz
    4 CPUs: 4 package(s) x 1 core(s)

    I am using the E1000 network adapter type.

    Cool. Take a look at this page- https://calomel.org/freebsd_network_tuning.html



  • awesome!  many thanks



  • that looks like websever optimizations  NOT a firewall


Log in to reply