Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Is this hardware sufficient for PFSense for a multi-gig 5Gig/5Gig connection?

    Scheduled Pinned Locked Moved
    Virtualization
    2
    4
    104
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • J
      jprez1980
      last edited by

      Hello,

      I have PFSense virtualized with Proxmox. The proxmox host has the following specs:

      • 2x E5-2643 CPUs @ 3.30GHz
      • 512GB ECC RAM
      • 10TB Storage

      The PF Sense VM has been configured as follows:

      • 1 CPU with 8 Cores allocated, highest priority VM - set to Host CPU instead of emulating a CPU type.
      • 16GB dedicated (non balooned) RAM
      • 128 GB Hard Disk
      • Intel X550-T2 NIC passed thru directly to the VM for the WAN connection
      • Intel X540-T2 NIC passed thur directly tot he VM for the LAN connection

      Speeds struggle - I get around 2500 Down and 2800 Up. If I connect directly to the ISP modem, I get 4500down and 4500 up on average.

      The ISP does not use PPPoE, it's a /29 static block.

      Is there a configuration issue or does the hardware as it's configured not support this speed? If it's a hardware issue, is there a lower priced small form factor computer that'll do better?

      Thanks

      N 1 Reply Last reply Reply Quote 0
      • N
        netblues @jprez1980
        last edited by

        @jprez1980
        Proxmox is kvm and is hardly the speed curlpit

        Try narrowing down the tests with iperf3
        Test pf to lan and then with two hosts one in wan and one on lan, iperf traffic via pf
        and see what speeds you get.
        Since you have passed thru the cards you can't test them at the proxmox level.
        which would be also something to test.

        J 1 Reply Last reply Reply Quote 0
        • J
          jprez1980 @netblues
          last edited by

          @netblues So this hardware and configuration should be sufficient?

          N 1 Reply Last reply Reply Quote 0
          • N
            netblues @jprez1980
            last edited by

            @jprez1980 Well., this hardware is 12 years old and considered obsolete.
            So what do you mean by lower priced?
            If you consider power consumption, this equipment is a money burner.

            Gut feeling it probably tops at 3Gbit routing but you should check it with iperf and two pc's connected at 10g speeds with pf in between to be sure.
            Of courseif we add packet filtering ids/ips etc this will be much less.

            1 Reply Last reply Reply Quote 0
            • First post
              Last post