4. Settings before a computer party

Settings before a computer party

  • A

    Hi!

    Ive installed the newest pfSense on a computer with 2x Gbit network cards.
    It has 4GB RAM and some new CPU.
    Ive assigned network cards, tested everything, changed username, enabled https, changed domain and stuff like that.

    Anyways, the reason I'm here is to ask you if there is any settings I should change or something I should enable before 100 clients connects at this computer party on Friday.
    We're planning to have an internet connection of 400Mbit or something.

    Thanks!

    0
  • J

    You'll probably need to increase the size of the state table.

    0
  • C

    @Alf:

    Anyways, the reason I'm here is to ask you if there is any settings I should change or something I should enable before 100 clients connects at this computer party on Friday.
    We're planning to have an internet connection of 400Mbit or something.

    Sounds like a fun project. Here are my suggestions:

    • Do not allow the guests to access the management services (ssh, http) on your pfSense box – that should probably be on a separate VLAN, or barring that, only accessible by your statically-assigned IP address.

    • Block SMTP outbound from the LAN to prevent potential spamming. Webmail services like Gmail won't be affected by this.

    • Setup traffic shaping to prioritize DNS, game services and voice chat. Conversely, give high-bandwidth services like FTP or P2P a very low priority. This will keep latency manageable.

    • Scale the state table relative to your RAM. PF uses ~1k per state, so if you have 4GB of RAM, setting the state table size to 3 million or so should be safe.

    • Make sure your configured DNS servers are close and responsive. Usually these are provided by your ISP, but if they aren't good enough, see if Google DNS or OpenDNS are any better for you.

    • If possible, host things like commonly downloaded large files on a local, securely-configured webserver. Things like patches, mods, map packs, etc. are good candidates.

    0
  • J

    another thing that you might like to try (this is what I did at my high school LAN parties)

    have your PF box handle DNS for the LAN as usual
    -have a separate box (if possible) be your "file server" (for the map packs, patches, game files, other files that are needing to be centrally located so everyone can download them to play the games), and then have a second box (if possible) that acts like a load balancer for the file server (if you have a lot of people this would be suggested, and the LAN parties I went to would have at least 50+ people at a time, if your only working with 10 - 25 (30 at most) then you shouldn't need load balancing but having a separate file server from your PF box might be worth it…and the suggestions above this post would be good to follow if able...

    0
  • A

    Thanks guys!
    I will give you a full report on how things went on sunday ;)

    More tips is appreciated!

    0
Log in to reply
 

Products

Applications

Support

Services

News

Resources

Company

Our Mission

As host of the pfSense open source firewall project, Netgate believes in enhancing network connectivity that maintains both security and privacy. We also believe everyone should be able to afford it.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© Copyright 2002 - 2019 Rubicon Communications, LLC | Privacy Policy