Gateway / Firewall for a LanParty

  • Hello there!

    I'm one of the guys behind a LANparty back here in Sweden.
    And we host about 3-4 partys a year with about 150-200 visitor to each gathering.

    We have always had one problem, regardless of hardware and or software. The visitors always mange to snap our connection, which is a 100mbit full duplex and dedicated line. From a well-known ISP back here in sweden.

    The problem is following.. We have tried with (for example) pfsense before, it ran on a powerful server and with DHCP, DNS and gateway roles active.
    We monitored the traffic and load on the server and it all seems okay. But suddenly the visitor mange to completely kill the line. We have to restart the server and unplug the visitors to get back the control of it. We run it up again, look at the load and bandwidth used and it all seems normal. Almost no load on the CPU, memory or network.. But it seems like the number of connections kills it.

    We got storm control on on all of our switches included the backplane/root.

    We have had this problem on several different servers, and have tried with different hardware gateway appliances. But in somehow things just crash after a while. when sending an ping package to the gateway we almost always after a while online get no answer.. It just times out.

    What is the problem? Will pfsense mange to handle this ammount of traffic?

    You can assume that everyone is using P2P traffic, got some viruses spreading etc.

    Now we're planning on running Pfsense on a HP proliant DL760G2 with a total of 8 processors, 8x gbit nics with 64gb ram..
    Pfsense will get following hardware assigned through virtualbox.. 2x xenon processors, 8gb mem, 3x gbit nics (2x lan side, trunked and 1x wan side).

    Will Pfsense, when correctly configured handle this ammount of connections and traffic.. Remember the problem isnt cpu load and or bandwidth issue. Would it be an idea to split the DNS, dhcp and gateway roles apart so we run them on different virtual platforms? Is the problem the networkcards memory/bus ?

    What are we doing wrong!

    Thanks for any help guys, and excuse me for my bad english..
    Have a great day folks..

    Best regards. Johannes.

  • Maybe your states table is getting full.  You could try increasing the size. (somewhere in system: advanced, I think)  That hardware should definitely be able to handle a lot higher than the default size.

Log in to reply