Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    High cpu usage when i upload/download

    Scheduled Pinned Locked Moved Hardware
    2 Posts 2 Posters 2.6k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • N
      Neo_t3
      last edited by

      Hi,

      I have pfSense 1.2.3 (4Go embedded) on an WRAP 1E-1 (233MHz), when i download or upload (ADSL 24Mb/1Mb) i can see on pfSense webGui or with Cacti, an very high CPU usage :

      When CPU is on top, i can't access normaly to pfSense WebGui, and DNS request are too long.

      There is my /etc/sysctl.conf, modded with this howto : http://doc.pfsense.org/index.php/Installation_Tuning

      
      # Do not send RSTs for packets to closed ports
      net.inet.tcp.blackhole=2
      # Do not send ICMP port unreach messages for closed ports
      net.inet.udp.blackhole=1
      # Generate random IP_ID's
      net.inet.ip.random_id=1
      # Breaks RFC1379, but nobody uses it anyway
      net.inet.tcp.drop_synfin=1
      net.inet.ip.redirect=1
      net.inet.tcp.syncookies=1
      net.inet.tcp.recvspace=65228
      net.inet.tcp.sendspace=65228
      # fastforwarding - see http://lists.freebsd.org/pipermail/freebsd-net/2004-January/002534.html
      net.inet.ip.fastforwarding=1
      net.inet.tcp.delayed_ack=0
      net.inet.udp.maxdgram=57344
      kern.rndtest.verbose=0
      net.link.bridge.pfil_onlyip=0
      net.link.tap.user_open=1
      # The system will attempt to calculate the bandwidth delay product for each connection 
      #and limit the amount of data queued to the network to just the amount required to maintain optimum throughput.
      net.inet.tcp.inflight.enable=1
      net.inet.ip.portrange.first=1024
      net.inet.ip.intr_queue_maxlen=1000
      net.link.bridge.pfil_bridge=0
      # Disable TCP extended debugging
      net.inet.tcp.log_debug=0
      # Set a reasonable ICMPLimit
      net.inet.icmp.icmplim=500
      # TSO causes problems with em(4)
      # and reply-to, and isn't of much benefit in a firewall, disable.
      net.inet.tcp.tso=0
      
      

      Have an idee for this problem ?

      Thanks a lot, best regards

      Jerome

      1 Reply Last reply Reply Quote 0
      • M
        MageMinds
        last edited by

        Search the forum and doc for tuning your WRAP. Basically you need to enable polling on your network card, so the cpu doesn't get hammered by interrupts from the network card.

        MageMinds

        1 Reply Last reply Reply Quote 0
        • First post
          Last post
        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.