pfSense on commodity HW: How to tune?
-
Experts:
In a nutshell: At a client site, pfSense CE is on a PC with 12GB RAM, SSD, 3GHz, and with a stock config, no rules, no VLANs, etc., has 750/40 (down/up). When given about a dozen rules on each interface, and 5 VLANs, we get 440/20.
Some I ask say 'deal with it', but here is the weird thing: the up/downs, using any speed test you like, are consistent. I mean, really consistent-regardless if there is anyone using the system, or when loaded down with a few OVPN clients and they are streaming (uploading). Always the same.
I have a 24-port cisco managed switch taking care of which ports are which VLANs, and a single cable from FW to switch.
Questions:
- Are thee any tweaks? Can this be improved?
- If not... What other strategy should be employed?
TIA!
-
@bogusexception
Almost Any <=10 year old i3 or i5 class cpu can handle 1gbit with ease.
What type of network cards are you using... Those low speeds are frequently caused by realtek chipsets -
Yeah, that. It really shouldn't be causing a restriction.
Check the Status > Interfaces page for errors on the NICs.
Try running at the command line:
top -HaSP
Then run a test and make sure no CPU core is pegged at 100%.Steve