Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Captive portal making WAN gateway losses in 2.7.0

    Scheduled Pinned Locked Moved
    Captive Portal
    2
    2
    227
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • Y
      yogendraaa
      last edited by

      We recently installed 2.7.0, but unlike previous version with successfully running captive portal for more than 5000 users, when we enable CP, within few minutes WAN gateway showing losses and eventually gateway down and even webconfigurator is not accessible. Please help, my hardware is 24 core Xeon CPU, 32 GB RAM and intel x520 10 gig LAN and GW interface.

      GertjanG 1 Reply Last reply Reply Quote 0
      • GertjanG
        Gertjan @yogendraaa
        last edited by

        @yogendraaa said in Captive portal making WAN gateway losses in 2.7.0:

        Please help

        I'd love to, as soon as I found out how to simulate what '5000' users can do when they discover that they need to logging again, and they all hit the pfSense captive portal web serer to login at the same time 😊

        Your portal setup is not a, @home version, I tend to say : industrial ?
        So, good to know you use a Xeon and boat loads of memory, please share more info.
        For example :
        Here : /var/etc/ : look for the two files starting with "nginx-", these are the captive portal web server config files.
        The default worker_processes is "6". The number of max connections is "1000".
        With these numbers I suspect that their will be some "pushing-at-the-gates" and not everybody will make it.
        A less scientific approach of 5000 users number : not every device is fully "portal" aware, and will hammer the portal web server without doing an actual login ...... (less aware users makes things only worse ).
        Add to this : for every established connection, the portal login page wilml get spewed out, and this happens when nginx piped the request to PHP-(fpm), and got the parsed result back.
        PHP is a lot, but managing a stressed PHPP interpreter is ... a world apart.

        Take note : I'm not an nginx expert.

        When that login storm is over, and the firewall tables are all filled up with 5000 IP and 5000 MAC addresses, then these 5000 will generate 1 Mbits / sec per second ? That's already 5 gig ....
        Don't worry, I get it, even if 5000 portal users are realty connected, far from 5000 are actually active.

        @yogendraaa said in Captive portal making WAN gateway losses in 2.7.0:

        WAN gateway showing losses

        This doesn't say much. Losses = the gateway (WAN) monitoring tool sends a ping every 500 ms and checks if it gets back. If pings get lost, no big deal.
        If other, 'user' traffic gets lost, that indeed not good. But dpinger (the monitoring tool) can not know that.

        What does the Status > Monitoring (WAN) show you ?

        And sorry, I just gave you more questions, not really solutions.

        No "help me" PM's please. Use the forum, the community will thank you.
        Edit : and where are the logs ??

        1 Reply Last reply Reply Quote 0
        • First post
          Last post