SG-1100
-
-
Can you upgrade the RAM? If not any plans on providing a version with 4 GB ram? 1 GB just doesn't cut it with pfBlockerNG and a more advanced config.
-
Not that I'm aware of
-
It's an EspressoBin board inside, RAM is soldered to the board. Now the ExpressoBin boards appear to be available in varying memory configs though.
There was a picture of the board on the twitter announcements.
-
@grimson You might have a point there, I just checked my pfSense which is running in a VM at the moment and I'm looking at this below. I'd be running just under 80% memory usage on the SG1100 looks like? Seems like bandwidthd is a hog according to top, could dump that.
Memory usage 38% of 2002 MiB
SWAP usage 20% of 1022 MiB -
Can you upgrade the RAM? If not any plans on providing a version with 4 GB ram? 1 GB just doesn't cut it with pfBlockerNG and a more advanced config.
Does pfBlockerNG use that much though? Perhaps it depends on the aliases being held in memory. We generally have a few rules that "allow from the US" so don't have a lot of active pfBlockerNG aliases.
I looked at a couple routers and one on a SG-3100 without packages is around 200 MB, while a PC running pfBlockerNG and Suricata is around 730 MB it says. Another SG-1100 running pfBlockerNG and Suricata is around 500 MB currently.
Pre-2.7.2/23.09: Only install packages for your version, or risk breaking it. Select your branch in System/Update/Update Settings.
When upgrading, allow 10-15 minutes to restart, or more depending on packages and device speed.
Upvote 👍 helpful posts! -
Maybe I'm not sure what to look at, I'm not super familiar with reading the top command
Memory usage reported on dashboard 38% of 2002 MiB
Top results are;
Mem: 177M Active, 1116M Inact, 160M Laundry, 396M Wired, 199M Buf, 101M Free -
FreeBSD will grab free memory to use for things like caching so you can't always go by specifically how much is used and free as a guide. Free RAM is wasted RAM, they say.
Odds are your memory needs are lower than the used % shown, but that isn't necessarily true 100% of the time.
-
@teamits said in SG-1100:
Does pfBlockerNG use that much though? Perhaps it depends on the aliases being held in memory. We generally have a few rules that "allow from the US" so don't have a lot of active pfBlockerNG aliases.
Well I monitor memory usage with telegraf, and during normal operations it uses between ~600 and ~900 MB (not including buffers). But when pfBlockerNG updates it lists (with TLD enabled) the memory usage (again without buffers) goes up to ~1400 MB with spikes to ~1800 MB. So this would likely force the SG-1100 to swap, which IMHO is a no-no for a firewall.
For reference I'm using GeoIP, the PRI1 IP feeds for IPv4 and IPv6 and DNSBL for adblocking, so my lists aren't insanely huge. I also don't use any kind of IPS/IDS which would increase memory usage too. And that's a setup I would recommend for home users.
Also just to make it clear, I have no personal interest in buying any of the appliances for myself, as I'm a firm believer of using standard components to build all my PC devices by myself. Though I'm still looking for a IMHO good Netgate appliance I could recommend with a clear conscience to home users around me.
And all of this is obvious only my personal preference and opinion.
-
when pfBlockerNG updates it lists (with TLD enabled) the memory usage (again without buffers) goes up to ~1400 MB
Hmm, interesting. I usually have the updates running early morning so don't ever see that.
I was looking at Memory Usage on the dashboard/home page.
I don't see that the 3100 even has swap so I doubt the 1100 does.
-
@teamits said in SG-1100:
I don't see that the 3100 even has swap so I doubt the 1100 does.
SSH in and run top. I bet you will see swap there.
-
SSH in and run top. I bet you will see swap there.
Actually I did that, just didn't post it:
Mem: 17M Active, 317M Inact, 193M Wired, 82M Buf, 1461M Free
Swap:PID USERNAME THR PRI NICE SIZE RES STATE C TIME WCPU COMMAND
4364 unbound 2 20 0 54780K 37068K kqread 1 17:23 0.34% unbound
...Filesystem Size Used Avail Capacity Mounted on
/dev/diskid/DISK-E6E28698s2a 7.0G 930M 5.5G 14% /
devfs 1.0K 1.0K 0B 100% /dev
/dev/diskid/DISK-E6E28698s1 34M 2.0M 32M 6% /boot/u-boot
/dev/md0 3.4M 124K 3.0M 4% /var/run
devfs 1.0K 1.0K 0B 100% /var/dhcpd/dev -
SG-1000 only had 512MB RAM, no swap, and people still managed to run things like that on there.
-
Any thoughts on adding an internal LTE module?
-
Any thoughts on adding an internal LTE module?
Looks like it's a "NO", because there's no internal sim slot to talk to an internal LTE modem module. Here's some Reddit posts about it:
https://www.reddit.com/r/PFSENSE/comments/adj0jb/announcing_netgates_espressobinbased_sg1100/edhzaah
This box has a couple of USB ports, so an external LTE solution should work...
Jeff
-
If you need a LTE connection, my suggestion would be to get a LTE modem that hands it off via ethernet.. This removes any need for freebsd support for the device.
-
@akuma1x Thanks for the info
-
@akuma1x Thanks for the info
Honestly, and I forgot about those, I would go like @johnpoz suggests - 4G LTE thru ethernet. However, you're talking about $90 - $300 brand new from Amazon, from the likes of Cradlepoint, Huawei, MoFi, and KuWFi. Used are on ebay, but I would still stick with something from Cradlepoint.
Here's an old conversation from the forum talking about a failover interface utilizing a Cradlepoint modem.
https://forum.netgate.com/topic/76584/multi-wan-setup-with-4g-cradlepoint-not-working/17
Jeff
-
Is it still advisable to edit the xml file for the vlan config?
I had lotsa issues in porting an APU2 config to a SG-1100. -
Is it still advisable to edit the xml file for the vlan config?
I had lotsa issues in porting an APU2 config to a SG-1100.Splicing that in will speed things up considerably, so it's still a good idea. Same with any of the switch-based units. After you import you should be able to create the tags and then assign them, then apply and it will reboot, but hand editing the config is faster if you know how.
Remember: Upvote with the 👍 button for any user/post you find to be helpful, informative, or deserving of recognition!
Need help fast? Netgate Global Support!
Do not Chat/PM for help!
