Navigation

    Netgate Discussion Forum
    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search

    [Closed] CPU overload during high speed downloads, legacy Alix 2D3

    General pfSense Questions
    4
    5
    483
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • E
      eihcet last edited by

      Hi,  I was fortunate enough to get an upgraded service from my internet provider recently.  The community in live in negotiated a better deal so we get it at no additional cost to myself.

      Whereas before I had a 30Mbps connection I am now upwards of 75Mbps+ tier (actually closer to 90-100Mbps throughput).  While this has been a nice change, I just recently associated a problem with my PFSense 2.3.1 and Alix 2D3 platform with the higher speeds… if I download something from the internet that maxes out the connection my other clients are unable to use DNS services and the PFSense web interface is unable to be accessed.  As soon as that high speed download is stopped the other clients have no issues.

      I've had the CPU graph up while testing this and it's definitely hitting 100% utilization during the burst connections so I believe it's a compute / performance issue.  Before I go investing money ( that's really not in the budget )in upgrading my PFSense hardware, are there any recommended tunables or other parameters that might help out here?  I know there are some hardware settings, right now I have the following at the defaults from the install:

      Device polling is unchecked/off.
      Disable Hardware checksum offloading is unchecked/off (or enabled I guess).
      Disable Hardware TCP Segmentation Offload is checked/on. 
      Disable hardware large receive offload is checked/on.
      Suppress ARP messages is unchecked/off.

      System tunables are mostly at default values.

      I'm okay with experimenting and toggling some of these values but hoping someone else may have beat me to it and can offer up some advice.

      Thanks.

      [Closed] Going to use the managed switch suggestion until I can update HW.

      1 Reply Last reply Reply Quote 0
      • H
        Harvy66 last edited by

        When I googled "Alix 2D3" for throughput, I'm seeing people showing it capping out between 40Mb and 60Mb, with some peaks into the 80Mb range. 50Mb UDP iperf was showing 3% packetloss and 2ms of jitter. Your hardware was almost at its limit at 30Mb/s. Time for an upgrade.

        1 Reply Last reply Reply Quote 0
        • H
          hda last edited by

          Put a managed switch, global rate limiting, between pfSense-LAN and your LAN-members.

          1 Reply Last reply Reply Quote 0
          • Derelict
            Derelict LAYER 8 Netgate last edited by

            ALIX can forward max about 80Mbps in my experience. Time for new hardware, probably.

            1 Reply Last reply Reply Quote 0
            • E
              eihcet last edited by

              @hda:

              Put a managed switch, global rate limiting, between pfSense-LAN and your LAN-members.

              That's a great suggestion,  I hadn't thought of that.  I was thinking I'd need a Managed switch in the near future anyway, they are fairly cheap now, and that would buy me some time to explore some budget upgrades for PFSense and let me keep using my service in a slightly reduced performance mode that I can control.

              I also appreciate the other folks confirming it's time to update the hardware.

              1 Reply Last reply Reply Quote 0
              • First post
                Last post

              Products

              • Platform Overview
              • TNSR
              • pfSense Plus
              • Appliances

              Services

              • Training
              • Professional Services

              Support

              • Subscription Plans
              • Contact Support
              • Product Lifecycle
              • Documentation

              News

              • Media Coverage
              • Press
              • Events

              Resources

              • Blog
              • FAQ
              • Find a Partner
              • Resource Library
              • Security Information

              Company

              • About Us
              • Careers
              • Partners
              • Contact Us
              • Legal
              Our Mission

              We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

              Subscribe to our Newsletter

              Product information, software announcements, and special offers. See our newsletter archive to sign up for future newsletters and to read past announcements.

              © 2021 Rubicon Communications, LLC | Privacy Policy