4. Layer7 performances

Layer7 performances

  • M

    Hi,
      I am trying to block the P2P traffic from my LAN to the rest of the world, so I was creating a Layer7 Container.

    In the Container there are the rules for:

    • bittorrent

    • gnutella

    • edonkey

    • soribada

    • napster

    • fasttrack

    • directconnect

    everything works fine until I don't enable a rule on my LAN interface with:
    Action=Pass
    Interface=Lan
    Protocol=TCP/UDP
    Source=Lan subnet
    Log=Disabled
    Layer7=The above container

    at this point the firewall becomes kind of slow, expecially in resolving the names when browsing on a website.

    Is it a common issue or am I making something wrong or asking too much to my firewall (a Pentium Dual 3.4Ghz with 4Gb of RAM), or there is some other misconfiguration I could check?

    Thanks a lot,
    Michele

    0
  • G

    I think the QOS feature in pfsense is broken. I tried for too long trying to get it to work. I gave up and went back to my dlink.

    0
  • M

    @Gitsum:

    I think the QOS feature in pfsense is broken. I tried for too long trying to get it to work. I gave up and went back to my dlink.

    well… it's for sure not easy, the first time I needed support to let it work, and before 2.0 RELEASE I think was not also so stable, but it is working very well on my firewalls now.
    I had the same doubt that I am missing or mistaking something...

    0
Log in to reply
 

Products

Services

Support

News

Resources

Company

Our Mission

We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© Copyright 2002 - 2019 Rubicon Communications, LLC | Privacy Policy