Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    PFsense Box with 32 gigs or ram

    Scheduled Pinned Locked Moved General pfSense Questions
    11 Posts 4 Posters 1.1k Views 5 Watching
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • J Offline
      joshhboss
      last edited by

      So as I am trying to build a super pfsense router. I got a dell r210 server and added a quad 10 gig nic and add 32 gigs of ram. and i noticed that the state table automatically adjusted from 400,000 to over 3,000,000. I was actually reading about the state table size and i going to actually adjust it to 15,000,000. Is there something to be said about it automatically changing to over 3,000,000? Thanks

      Still learning .. Screen Shot 2021-05-03 at 10.47.55 PM.png
      Thank you!

      DerelictD GertjanG 2 Replies Last reply Reply Quote 0
      • DerelictD Offline
        Derelict LAYER 8 Netgate @joshhboss
        last edited by

        @joshhboss

        https://docs.netgate.com/pfsense/en/latest/config/advanced-firewall-nat.html#firewall-maximum-states

        Chattanooga, Tennessee, USA
        A comprehensive network diagram is worth 10,000 words and 15 conference calls.
        DO NOT set a source address/port in a port forward or firewall rule unless you KNOW you need it!
        Do Not Chat For Help! NO_WAN_EGRESS(TM)

        1 Reply Last reply Reply Quote 0
        • GertjanG Offline
          Gertjan @joshhboss
          last edited by

          @joshhboss said in PFsense Box with 32 gigs or ram:

          Still learning ..

          e18ced28-76d4-41e0-a58f-e31390ed079c-image.png

          Remove those silly 8.8.8.8 - 1.1.1.1 - you don't need them.

          No "help me" PM's please. Use the forum, the community will thank you.
          Edit : and where are the logs ??

          J NollipfSenseN 2 Replies Last reply Reply Quote 0
          • J Offline
            joshhboss @Gertjan
            last edited by joshhboss

            @gertjan Really, I thought I should at least give the router DNS. My ip is statically assigned.

            GertjanG 1 Reply Last reply Reply Quote 0
            • GertjanG Offline
              Gertjan @joshhboss
              last edited by

              @joshhboss said in PFsense Box with 32 gigs or ram:

              Really, I thought I should at least give the router DNS

              A myth.
              pfSense uses a DNS Resolver.

              Resolvers, like unbound and the famous bind, also called 'named' have a build in list with the 'top' 13 root level (TLD's) DNS servers.

              No "help me" PM's please. Use the forum, the community will thank you.
              Edit : and where are the logs ??

              J 1 Reply Last reply Reply Quote 0
              • J Offline
                joshhboss @Gertjan
                last edited by

                @gertjan I feel stupid, lol so where does the pfsense resolve from?

                DerelictD J 2 Replies Last reply Reply Quote 0
                • DerelictD Offline
                  Derelict LAYER 8 Netgate @joshhboss
                  last edited by

                  @joshhboss It resolves from the root name servers down (up?).

                  Chattanooga, Tennessee, USA
                  A comprehensive network diagram is worth 10,000 words and 15 conference calls.
                  DO NOT set a source address/port in a port forward or firewall rule unless you KNOW you need it!
                  Do Not Chat For Help! NO_WAN_EGRESS(TM)

                  1 Reply Last reply Reply Quote 0
                  • NollipfSenseN Offline
                    NollipfSense @Gertjan
                    last edited by

                    @gertjan Or one could set it to 192.168.1.1 ... correct?

                    pfSense+ 23.09 Lenovo Thinkcentre M93P SFF Quadcore i7 dual Raid-ZFS 128GB-SSD 32GB-RAM PCI-Intel i350-t4 NIC, -Intel QAT 8950.
                    pfSense+ 23.09 VM-Proxmox, Dell Precision Xeon-W2155 Nvme 500GB-ZFS 128GB-RAM PCIe-Intel i350-t4, Intel QAT-8950, P-cloud.

                    GertjanG 1 Reply Last reply Reply Quote 0
                    • J Offline
                      joshhboss @joshhboss
                      last edited by

                      @joshhboss for my pfsense router to resolve addresses i dont need to actually specify a dns server. so where does it resolve from. ? i got confuse with removing the dns server

                      DerelictD 1 Reply Last reply Reply Quote 0
                      • DerelictD Offline
                        Derelict LAYER 8 Netgate @joshhboss
                        last edited by

                        @joshhboss I answered you. From the root servers down. Put "recursive DNS resolution" into your favorite search engine.

                        The list of root name servers is part of the base configuration of a recursive, caching DNS server like unbound.

                        faa2f92b-1ec5-471f-9bad-f3183f87165b-image.png

                        Chattanooga, Tennessee, USA
                        A comprehensive network diagram is worth 10,000 words and 15 conference calls.
                        DO NOT set a source address/port in a port forward or firewall rule unless you KNOW you need it!
                        Do Not Chat For Help! NO_WAN_EGRESS(TM)

                        1 Reply Last reply Reply Quote 0
                        • GertjanG Offline
                          Gertjan @NollipfSense
                          last edited by

                          @nollipfsense said in PFsense Box with 32 gigs or ram:

                          Or one could set it to 192.168.1.1 ... correct?

                          192.168.1.1 ?

                          The resolver normally listens to all LAN type interfaces, and the local host 127.0.0.1
                          So, typically, it listens on 192.168.1.1 by default, so it can receive DNS requests from the local LAN clients.
                          It looks for the root servers on WAN type interfaces (the ones that have a gateway), because these interfaces could (should) route a (the) TLD's or "13 root name servers."

                          Setting to 192.168.1.1 means : unbound points (forwards) to unbound (forwards) to unbound (forwards) to unbound (forwards) to unbound (forwards) to unbound ..... and then it crashes.
                          Happily enough, it's protected to ignore such setup errors.

                          No "help me" PM's please. Use the forum, the community will thank you.
                          Edit : and where are the logs ??

                          1 Reply Last reply Reply Quote 0
                          • First post
                            Last post
                          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.