Navigation

    Netgate Discussion Forum
    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search

    Bandwidthd always promiscuous?

    pfSense Packages
    5
    7
    3739
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • P
      Pootle last edited by

      Thought I'd have a go with bandwidthd, to keep an eye on things, but whenever I install, then copy a file from my fileserver, CPU on pfSense hits the roof even though it has no part in the traffic ???

      Note: I am running pfSense in a VM (VMWare server) on the fileserver box, the LAN interface (that I have asked bandwidthd to monitor) is bridged straight to the internal LAN that the fileserver is using.

      Apart from this small  ;) problem, it behaves fine.

      1 Reply Last reply Reply Quote 0
      • B
        bsider last edited by

        i noticed that too
        p.s. using exactly the same configuration

        1 Reply Last reply Reply Quote 0
        • H
          hoba last edited by

          I think this is a vmware problem. Networkperformance of vmware is not that good and running an interface in promiscous mode will add additional load.

          1 Reply Last reply Reply Quote 0
          • P
            Pootle last edited by

            @hoba:

            I think this is a vmware problem. Networkperformance of vmware is not that good and running an interface in promiscous mode will add additional load.

            Hoba, the VMWare load I understand, I was just surprised that monitoing the traffic that hit pfsense from the LAN (not all traffic on the network) set the interface into promiscuous mode.  The VMware hit for broadband levels of traffic is trivial, going promiscuous on a busy Gb LAN is a problem!

            1 Reply Last reply Reply Quote 0
            • C
              cmb last edited by

              @Pootle:

              Thought I'd have a go with bandwidthd, to keep an eye on things, but whenever I install, then copy a file from my fileserver, CPU on pfSense hits the roof even though it has no part in the traffic ???

              Because in promiscuous mode it's going to see that file server traffic (assuming it's another VM on the same segment) because all VM's on a segment act like a hub. You're pegging the box because it's seeing and monitoring all that traffic.

              bandwidthd may require promiscuous mode to function, though it would be worth investigating if that's really required if someone cares to do so.

              1 Reply Last reply Reply Quote 0
              • S
                sullrich last edited by

                It is required unfortunately.

                1 Reply Last reply Reply Quote 0
                • C
                  cmb last edited by

                  It's not that big of a deal. It'll only happen if you:

                  1. Use a hub - Seriously, nobody should ever be using hubs anymore unless they actually do want to see all traffic.
                  2. Use VM's on the same segment - putting your firewall on a separate VM network should be feasible and fix this
                  3. have your firewall on a SPAN port - don't do that.
                  1 Reply Last reply Reply Quote 0
                  • First post
                    Last post