PFsense Box with 32 gigs or ram
-
So I am trying to build a super pfSense router. I got a Dell R210 server and added a quad 10 gig NIC and 32 gigs of RAM, and I noticed that the state table automatically adjusted from 400,000 to over 3,000,000. I was actually reading about the state table size and I am going to adjust it to 15,000,000. Is there something to be said about it automatically changing to over 3,000,000? Thanks
Still learning ..
Thank you! -
-
@joshhboss said in PFsense Box with 32 gigs or ram:
Still learning ..
Remove those silly 8.8.8.8 - 1.1.1.1 - you don't need them.
-
@gertjan Really, I thought I should at least give the router DNS. My IP is statically assigned.
-
@joshhboss said in PFsense Box with 32 gigs or ram:
Really, I thought I should at least give the router DNS
A myth.
pfSense uses a DNS Resolver.
Resolvers, like unbound and the famous bind, also called 'named', have a built-in list with the 'top' 13 root level (TLD's) DNS servers.
-
@gertjan I feel stupid, lol so where does the pfsense resolve from?
-
@joshhboss It resolves from the root name servers down (up?).
-
@gertjan Or one could set it to 192.168.1.1 ... correct?
-
@joshhboss For my pfSense router to resolve addresses I don't need to actually specify a DNS server. So where does it resolve from? I got confused with removing the DNS server.
-
@joshhboss I answered you. From the root servers down. Put "recursive DNS resolution" into your favorite search engine.
The list of root name servers is part of the base configuration of a recursive, caching DNS server like unbound.
-
@nollipfsense said in PFsense Box with 32 gigs or ram:
Or one could set it to 192.168.1.1 ... correct?
192.168.1.1 ?
The resolver normally listens to all LAN type interfaces, and the local host 127.0.0.1
So, typically, it listens on 192.168.1.1 by default, so it can receive DNS requests from the local LAN clients.
It looks for the root servers on WAN type interfaces (the ones that have a gateway), because these interfaces could (should) route a (the) TLD's or "13 root name servers."
Setting to 192.168.1.1 means: unbound points (forwards) to unbound (forwards) to unbound (forwards) to unbound (forwards) to unbound (forwards) to unbound ..... and then it crashes.
Happily enough, it's protected to ignore such setup errors.