Performance issue tweaking need to help performance
-
I have now been running ZEN with PFsense 5.0 for awhile now. It is running really well. I have installed SQUID, SQUIDGUARD, & IMSPECTOR. Everything is working really well. I have 3 MB by 512MB DSL connection.
I have noticed a difference between a machine behind the proxy and a machhine not behind the proxy. The downloads from behind the proxy are about half the download rate verse a machine not behind the proxy. I just wanted to know if, I needed to give higher prior to the virtual server that is running pfsense.
I need to also add snort back and well. I currently have 2 virtual processor and 768 meg of ram avaiable to virtual server.
I am also looking at upgrading a copy of my current image to verison 1.3. Does anyone have any thoughs or concerns?
I am really enjoying the virtual pfsense servers. I currently have a 1.3 and 1.2 virtual server, I switch between them at will. By bring either up and almost all vpn connections work. 2 differnt one's dont.
Virtual servers are a great way to do. I backup my production image once a week. It works great. I have had a image blow up and it failed horrible. I just restored from my backup and ther server was backup in about 10 minutes.
It is the best way to go.
RC -
The general consensus is that you shouldn't run any kind of critical security device, including pfSense, inside a virtual machine.
As for your squid problem, you don't mention which version of pfSense you're running (5 isn't a pfSense version), but if it's 1.2 then add these lines to your /boot/loader.conf and reboot:
kern.ipc.nmbclusters="32768"
kern.maxfiles="65536"
kern.maxfilesperproc="32768"
net.inet.ip.portrange.last="65535"Cheers
Bern
-
Bern,
It is version 1.2 and I am running XEN 5.0. I had to start using virtual machines due utilizies cost and the cost of running older machines. Since I have cut over to virtual machines. I have cut my utility bill by 200.00 a month. This includes additional AC unit required for cooling.How do I edit the loader.conf file. I never modified the conf files at all before.
RC -
That'll be Citrix's Xen then.
To edit loader.conf use vi, as in vi /boot/loader.conf. Do back the system up first to avoid having to re-install if you make mistakes.
-
Cry Havok,
Thanks a million. I have a fullimage backup of my production system. I can restore it at any time. The system is awesome. It's really been a huge cost savings. I recoupe my investiment in less that 4 months. I have replaced a bunch of really old machines. I love it.
RC -
I never used vi, where can I loacate a how to use it. Just curious?
RC