Navigation

    Netgate Discussion Forum
    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search

    Get current (and observed max?) Active Connections ?

    Hardware
    3
    6
    2918
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • C
      CDuv last edited by

      I am currently using a Dell server to run pfSense (v2.3) and considering buying an "official/specific" server for pfSense (2 actually: for CARP redundancy).

      Is there a way to know the "Active Connections" count of my current setup (and any other useful "limitating" metric)? By knowing this I could determine which server I need.

      Thanks

      1 Reply Last reply Reply Quote 0
      • Derelict
        Derelict LAYER 8 Netgate last edited by

        Status > Monitoring click the wrench, Left Axis: System, States. Update graph.

        Change the duration of the graph and look at the highest resolution available to get the most accurate picture.

        You can also look at CPU utilization, Memory, etc there.

        A good view of current conditions is Status > Dashboard. For connections look at the state table size. But for system sizing I think the historical graphs are more valuable.

        My guess is you won't be close to the capabilities of the SG-2220 and the real decision is how many physical interfaces you need. For HA/CARP I would set the minimum unit at an SG-2440. WAN, LAN, SYNC, and an available OPT.

        Chattanooga, Tennessee, USA
        The pfSense Book is free of charge!
        DO NOT set a source port in a port forward or firewall rule unless you KNOW you need it!
        Do Not Chat For Help! NO_WAN_EGRESS(TM)

        1 Reply Last reply Reply Quote 0
        • C
          CDuv last edited by

          Thanks, I guess the "states" counter grows with connections :)

          On "Status" > "Monitoring", the "Data Summary" part shows, for "filter states":
          max = 12852.89
          average = 4136.85
          (but it does not seems to always update according to time period and resolution setting: have to try multiple times)

          On "Status" > "Dashboard", the "System information" says:
          State table size: 3855/393000
          MBUF Usage: 2030/26584

          I'll check theses metrics on monday rush ;)

          1 Reply Last reply Reply Quote 0
          • Derelict
            Derelict LAYER 8 Netgate last edited by

            Those graphs were new in 2.3. 2.3.2 is recommended.

            Chattanooga, Tennessee, USA
            The pfSense Book is free of charge!
            DO NOT set a source port in a port forward or firewall rule unless you KNOW you need it!
            Do Not Chat For Help! NO_WAN_EGRESS(TM)

            1 Reply Last reply Reply Quote 0
            • C
              CDuv last edited by

              I am running v2.3.2 (I had omitted the patch part ;)).

              1 Reply Last reply Reply Quote 0
              • W
                whosmatt last edited by

                FWIW, the max # of states is governed by how much RAM you have installed.  Quick and dirty rule is about 100,000 states per GB of RAM as the default state table size on pfsense.  Source:  https://www.pfsense.org/hardware/  "Large State Tables - State table entries require about 1 KB of RAM each. The default state table size is calculated based on 10% of the available RAM in the firewall. For example, a firewall with 1 GB of RAM will default to 100,000 states which when full would use about 100 MB of RAM. For large environments requiring state tables with several hundred thousand connections, or millions of connections, ensure adequate RAM is available."

                IMO, the state table size is probably the least of your worries when choosing hardware, since RAM is cheap.  Hope this helps.

                1 Reply Last reply Reply Quote 0
                • First post
                  Last post