Firewall performance : strange spikes

  • Hello,

    I have installed a pfSense firewall for the web hosting company I work for. It is in front of an 80-server platform on a 100Mbit/s connection. It regularly takes in 30Mbit/s of traffic but needs to be scalable to 100Mbit/s and even more. There will be a large number of firewall rules due to the number of servers behind it.

    The hardware configuration of the server is largely sufficient for this. It is enclosed in a Dell PowerEdge server.

    Athlon X2 (don't remember the exact frequency but at least 4000+)
    4GB of RAM
    80GB of Disk
    2 x Broadcom GigE NIC

    When I look at the Quality tab of the RRD Graphs, I see the following problem (don't mind the packet loss period, it was a network error):

    Here is the packets graph on the same period of time:

    Here is the traffic graph on the same period of time:

    The latency spikes are not correlated to the two following graphs so I find this rather strange… I don't know if it could be linked to the surrounding network... This happens all the time not just at certain periods of time.

    Configuration-wise, the firewall is configured as a transparent bridge, has DHCP server activated as well as SNMP server. Nothing fancy really.

    pfSense version is 1.2-RELEASE.

    Thank you in advance for your help,

    Antoine Benkemoun

  • Looks like an issue with your provider. You shouldn't be seeing that. The next time it happens, ping the gateway from the firewall itself and from something inside your network and compare. They'll likely show the same increased latency.

  • So you think this is due to the internet line and not the firewall itself?

  • @tekzone:

    So you think this is due to the internet line and not the firewall itself?

    Almost certainly yes.  Trying what I suggested will help confirm that.
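
    The comparison suggested in this thread (ping the gateway from the firewall and from a host inside, then compare), as an added example that is not part of the original posts. It assumes both pings were started at the same moment with the same interval so that `icmp_seq` values line up; the function names, thresholds and sample output are constructed for illustration.

```python
import re
import statistics

# Matches reply lines such as:
# 64 bytes from 192.0.2.1: icmp_seq=3 ttl=64 time=38.2 ms
RTT_RE = re.compile(r"icmp_seq=(\d+) .*?time=([\d.]+) ms")

def parse_rtts(ping_output):
    """Return {icmp_seq: rtt_ms}; lost probes simply have no entry."""
    return {int(m.group(1)): float(m.group(2))
            for m in RTT_RE.finditer(ping_output)}

def spikes(rtts, factor=5.0, floor_ms=5.0):
    """Sequence numbers whose RTT exceeds both factor x median and floor_ms.
    Both thresholds are assumptions; tune them to the link's normal latency."""
    if not rtts:
        return set()
    limit = max(statistics.median(rtts.values()) * factor, floor_ms)
    return {seq for seq, rtt in rtts.items() if rtt > limit}

def verdict(firewall_out, inside_out):
    """Classify where the latency is added, from two simultaneous ping runs."""
    fw = spikes(parse_rtts(firewall_out))
    inside = spikes(parse_rtts(inside_out))
    if not inside:
        return "no-spike-captured"      # nothing to explain in this sample
    if len(fw & inside) * 2 >= len(inside):
        return "upstream"               # firewall sees the same spikes itself
    if not fw:
        return "firewall-path"          # only traffic crossing the bridge is slow
    return "inconclusive"

def sample(rtts):
    """Constructed ping output; 192.0.2.1 is a documentation address."""
    return "\n".join(
        f"64 bytes from 192.0.2.1: icmp_seq={i} ttl=64 time={t} ms"
        for i, t in enumerate(rtts))

if __name__ == "__main__":
    from_firewall = sample([0.4, 0.5, 0.4, 38.2, 41.0, 0.5, 0.4, 0.4])
    from_inside = sample([0.7, 0.8, 0.7, 39.1, 42.3, 0.8, 0.7, 0.9])
    print(verdict(from_firewall, from_inside))
```

    A result of "upstream" corresponds to the case described above, where both vantage points show the same increased latency; "firewall-path" is the opposite case and points back at the bridge itself.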

