PfSense 32bit vs 64bit? which one should I choose?



  • Yes, I am a newbie and my router has a AMD64 cpu.

    I heard 32bit pfSense performs better on ipv4 routing, whereas 64bit is better on ipv6. Is that true?

    Correct me if I'm wrong, but I think my router does not do only routing jobs, but also samba/squid/transmission-bt/…, so I think 64bit pfSense has advantages in many applications other than routing.

    btw, Anyone has done any benchmarking?

    Thanks!



  • Not true.

    My suggestion, unless you really need more than 4GB of RAM stick with 32bit.



  • Check all the packages you plan to use and make sure they are available in 64 bit.

    I'd never consider Samba or any other file sharing program on a router, that is begging for trouble.

    What I got as a suggestion when I started was to stay with the 32 bit version since it was better tested and had more add-on options.



  • I tried for ages to get 64 bit version of 2.1 to install in exsi but it wouldn't go.  So I installed 32 bit version and it went first try.
    Now, thats just a single day of a pfsense thats in a constant state of update/replair/patching up till its final release, so the next day, maybe it would have been ok.



  • @stan-qaz:

    Check all the packages you plan to use and make sure they are available in 64 bit.

    I'd never consider Samba or any other file sharing program on a router, that is begging for trouble.

    What I got as a suggestion when I started was to stay with the 32 bit version since it was better tested and had more add-on options.

    Any particular reasons for 'never consider Samba … on a router'?
    Thanks.



  • Well - The job of SAMBA is "share and broadcast everything to everyone" and a firewall's job is sorta opposite.  I'd want to keep the two seperate.  ESXi with pfsense in one VM and a small VM with some linux flavor and samba and whatever other services you need would probably be ok.



  • @kejianshi:

    Well - The job of SAMBA is "share and broadcast everything to everyone" and a firewall's job is sorta opposite.  I'd want to keep the two seperate.  ESXi with pfsense in one VM and a small VM with some linux flavor and samba and whatever other services you need would probably be ok.

    but in smb.conf, you could control which interface, wan or lan, the samba can share, isn't it?

    (i have a separate samba server and it communicates with router via wireless, but then streaming blueray video is quite jerky… that's why i'm thinking to merge them together to save some wireless bandwidth)



  • I don't think relocating your samba server will make a difference. 
    I think if your machine can spin out 50MB/s that will handle anything.

    What is the spec of the machine holding the SAMBA share?  How fast is its NIC card? 
    What kind of interface does the drive have?  Is it USB, USB3, SATA I/II/II?  EIDE?

    Whats the speed of the CPU?

    (I'd think having your SAMBA on a second machine would make it faster, VS. slower.  Mine never glitches)

    Please tell me those specs, and if its not a problem, I might have a suggestion.



  • @kejianshi:

    I don't think relocating your samba server will make a difference.  
    I think if your machine can spin out 50MB/s that will handle anything.

    What is the spec of the machine holding the SAMBA share?  How fast is its NIC card?  
    What kind of interface does the drive have?  Is it USB, USB3, SATA I/II/II?  EIDE?

    Whats the speed of the CPU?

    (I'd think having your SAMBA on a second machine would make it faster, VS. slower.   Mine never glitches)

    Please tell me those specs, and if its not a problem, I might have a suggestion.

    Core Quad Q9300
    4G RAM
    Intel 6300 AGN (but 150mbps to router because of the distance)
    500G SATAII

    OS:
    Archlinux with kernel 3.10.5

    btw, do you know where I can see the packet drop rate?

    Thanks!



  • I suppose you could ping the server while your are viewing a movie to see packet loss.

    How far away is the router?  How is that connected?



  • @kejianshi:

    I suppose you could ping the server while your are viewing a movie to see packet loss.

    How far away is the router?  How is that connected?

    2 walls are between the router and samba server; wireless.

    well. let's come back to the topic. how worse (or better) does a 64bit pfSense perform against 32bit? only package issue so far? anything in detail?

    thanks!


  • Netgate Administrator

    There is almost no difference between 32 and 64bit in performance terms. I would always use 32bit unless I need more than 4GB of ram (or more than 3.5 commonly) for the reasons given by Stan-qaz above. I suspect though that as time passes and RAM becomes ever cheaper more and more people are using 64bit. There will be a time when 64bit becomes the more widely tested variant. Has it happened yet? I'm sure there must be stats for update checks somewhere.

    If you need to run pfSense and some file sharing on the same machine by far the best way is to run two separate OSes virtualised. To get samba up and running in pfSense will require a lot on command line hacking, there's no package for it, and it will all be undone by a firmware update. Other people have done it though.

    Steve



  • @stephenw10:

    There is almost no difference between 32 and 64bit in performance terms. I would always use 32bit unless I need more than 4GB of ram (or more than 3.5 commonly) for the reasons given by Stan-qaz above. I suspect though that as time passes and RAM becomes ever cheaper more and more people are using 64bit. There will be a time when 64bit becomes the more widely tested variant. Has it happened yet? I'm sure there must be stats for update checks somewhere.

    If you need to run pfSense and some file sharing on the same machine by far the best way is to run two separate OSes virtualised. To get samba up and running in pfSense will require a lot on command line hacking, there's no package for it, and it will all be undone by a firmware update. Other people have done it though.

    Steve

    How much performance will VM slow down comparing with native machine?


  • Netgate Administrator

    Impossible to say, too many variables. It will be slower, especially if you have more than one VM.  ;)
    What is the spec of the host machine? What performance from the pfSense VM do you need? (packages, throughput etc)

    Steve



  • I agree with the guys above.  For most home applications, a 32 bit install is very sufficient and well vetted.  I only tend to go 64 bit when I must.  Thats dictated by RAM.  I've actually frequently taken a hit on the ram purposely just to stay 32 bit.  For instance, with 4GB installed you typically don't quite see it all in lots of OSs unless you go 64 bit, but in the past, the numbers of users on 32 bit versions provided so many guinea pigs that 32 was just more vetted.  In the future, I suspect the situation will become reversed.


  • Rebel Alliance Global Moderator

    @enihcam:

    How much performance will VM slow down comparing with native machine?

    I run pfsense and my vms on a cheap HP N40L microserver with 8GB of ram and disks added for my NAS, and 3 extra nics added to allow for more connections to pfsense.  Wan, Lan, vmkern (esxi mgmt connection) and wlan..

    I assess all of my media off my NAS vm - I gave it raw access to the disks, and I can see 80-90 MBps pulling files off of it, and write I see normally 70-50MBps – more than enough performance for a nas in a home setup...

    I would highly suggest you break out your other services like samba/torrenting to a other vm other than your router/firewall - this is very simple via visualization..  If you want to leave your proxy/filtering on pfsense - sure I don't see any reason to break that out.  But I would never use it as a file server ;)

    As to 32bit vs 64, Unless you have some reason for your router/firewall to have 4GB+ of ram just don't see a need for 64bit version of pfsense.



  • What he said…

    Except I use virtualization - My imagination isn't good enough to make visualization work.  (I had to joke)

    I was going to ask if NAS would be better than SAMBA share or not for you, but FreeNAS is a resource hog.  Not sure if you have amazing hardware laying around or not?



  • "2 walls are between the router and samba server; wireless."

    I have a solution for that…


  • Rebel Alliance Global Moderator

    visualization?  Oh I see it damn spell check when your not paying attention ;)



  • haha - I typo WAY more, but that was too good to pass up (-;



  • @kejianshi:

    What he said…

    Except I use virtualization - My imagination isn't good enough to make visualization work.  (I had to joke)

    I was going to ask if NAS would be better than SAMBA share or not for you, but FreeNAS is a resource hog.  Not sure if you have amazing hardware laying around or not?

    Love my Nas4free setup - just FYI. Not a hog like FreeNAS



  • I'll give it a look.



  • Hello,

    I'm a hobbyist and am setting up my first router. It is to be used for a business network so up-time is what is crucial to me. I am replacing my ASUS router which I find to be unreliable.

    I have several old pc's that I'm looking to re-purpose and would like to know other's opinions. I have a pentium 4 HP Compaq SFF that can only run 32bit. It's a good workhorse but I have no use for it otherwise. I have replaced the hdd with an SSD and added a 2nd gigabite nic card.

    My question is, am I wasting my time on this or should I use another pc that can run 64bit? The last time this question was asked it appeared that 32bit would have been a fine solution but would like to refresh the question.

    Any opinions would be greatly appreciated.


  • Rebel Alliance Global Moderator

    My understanding is 32 bit is not long for pfsense.. It is to be phased out… but not sure on the timeline..  Pent 4?  Wow that is some OLD shit ;)  Its prob time to retire that old beast to its final resting grounds.. It sure not going to be power friendly compared to something a bit more current..


  • Netgate Administrator

    That ^  ;)

    But if you've got that in hand it you can try pfSense on it. You can transfer your config and skills to new hardware when you have it available.

    We will support 32bit (2.3.X) for 1 year after 2.4 (64bit only) is released.

    Steve



  • I always go 64-bit unless the hardware doesn't support it.