Maxing Out Build



  • We are currently using a Pentium 4 3.0 GHz for our small business. We run multiple servers: web server, file server, PBX. 2 Windows servers replicating. My system is running at 99% CPU usage and LAN traffic is slowing down. I recently rewired everything to run a gigabyte network.

    I have a Xeon E3-1220 from a server in which either the RAM or motherboard failed, so I could build a router with that if it will help.

    Anyone have any ideas?

    Thanks In Advance!!

    PFSENSE is awesome!!



  • Is it routing your internal traffic (between subnets or VLANs)?
    If yes, then a Layer 3 switch should take care of it, not the router.

    E3 series are pretty good CPUs, we ran multiple servers on a single E3 1230 without any noticeable slowdowns.



  • I am running on just one subnet; I'm not sure why it is going through my router on internal transfers.


  • Netgate Administrator

    I would expect a P4 3GHz to manage 1Gbps, just. If you add Squid, which I see you're running, or Snort etc. that throughput will fall and the CPU will be maxed out.
    Where is that LAN traffic going? It doesn't appear to be going out of either WAN.

    The Xeon will be faster, much faster! It's 3x faster on a single thread rating but 17x faster across all cores. That's just a benchmark score but you get the idea.

    Steve



  • The traffic is a combination of server replication and copying files from the file server. Each of my servers has 4 1gb connections bridged. When I took this picture I was copying some large install files. What would be better: getting a layer 3 switch or using the Xeon?



  • What kind of aggregation do you use on the quad Gigabit links?
    Are they Intels or Broadcoms?
    What is your WAN link speed?
    Please provide your IP addressing.
    I see there are multiple interfaces on the router (and there should be WAN, WAN2 and LAN or a link to the core switch according to best practices), so I'm starting to believe you're sending all traffic through the router and this server is overloaded because of this.
    Is it a planned feature? (Snort analyzing internal traffic or something?)


  • Netgate Administrator

    Yes, more details please.
    If you're hoping to get 4Gbps through your aggregated links you may hit other restrictions.

    Steve



  • @TooMeeK:

    What kind of aggregation do you use on the quad Gigabit links?
    Are they Intels or Broadcoms?
    What is your WAN link speed?
    Please provide your IP addressing.
    I see there are multiple interfaces on the router (and there should be WAN, WAN2 and LAN or a link to the core switch according to best practices), so I'm starting to believe you're sending all traffic through the router and this server is overloaded because of this.
    Is it a planned feature? (Snort analyzing internal traffic or something?)

    Please excuse my ignorance, I am fairly new to doing all the networking stuff.

    They say "switch independent" for aggregation.
    They are Intels.
    I have 2 WANs: 25mb down x 25mb up and 15 mb down x 2mb up.
    What do you mean by IP addressing? All internal IPs are 192.168.1.2-200.
    I am not trying to watch internal traffic, just incoming, so that someone doesn't download things they shouldn't be.


  • Netgate Administrator

    From your screenshot above we can see that you have interfaces labelled WAN, WAN1, WAN2, LAN, OPT3, and OPT4 and at least one other interface. What are you doing with those? How do you have them connected?

    So each of your servers has a quad NIC with all four interfaces aggregated somehow to the switch?

    Steve



  • @stephenw10:

    From your screenshot above we can see that you have interfaces labelled WAN, WAN1, WAN2, LAN, OPT3, and OPT4 and at least one other interface. What are you doing with those? How do you have them connected?

    So each of your servers has a quad NIC with all four interfaces aggregated somehow to the switch?

    Steve

    Yeah, we used to have an extra WAN connection that we don't have anymore. Used to come free with our phones, but when I switched to PBX we lost it.
    Yes, all 4 just connect back to the switch.

    I don't know if these pictures will help you understand what I am doing. Basically a hodgepodge of stuff here I've been working on since about 10 years old. Again I apologize for my ignorance and greatly appreciate the help. Family-run small business stretches me thin :). If any of you need any draft beer equipment or home brew stuff let me know, I'll get it to you at below whole :)







  • Netgate Administrator

    Ok. I assume you don't have any link aggregation setup between the switch and the pfSense box?

    In the first screen shot you have around 200Mbps on your LAN interface. Since you have WANs of 25+16Mbps the majority of that LAN traffic must have been going to another internal interface. Do you want/need that traffic to be going through the pfSense box? Are you running Squid or Snort on those internal interfaces?

    In your recent screenshot we can see 16Mbps of traffic on WAN with 21% CPU usage. That implies that your current machine should be able to support your total WAN side traffic without a problem. However if you're routing internal subnets it will not.

    Steve



  • @stephenw10:

    Ok. I assume you don't have any link aggregation setup between the switch and the pfSense box?

    In the first screen shot you have around 200Mbps on your LAN interface. Since you have WANs of 25+16Mbps the majority of that LAN traffic must have been going to another internal interface. Do you want/need that traffic to be going through the pfSense box? Are you running Squid or Snort on those internal interfaces?

    In your recent screenshot we can see 16Mbps of traffic on WAN with 21% CPU usage. That implies that your current machine should be able to support your total WAN side traffic without a problem. However if you're routing internal subnets it will not.

    Steve

    Yeah, I don't need it to manage it. I have Windows using NIC teaming; not sure how it does it but it seems to be allowing more than 1gb throughput.
    I turned off Squid and now usage isn't going through the box. I must have had it set up wrong.



  • I see there are 2 Hyper-V hosts. I assume they both have quad Gigabit.
    You'll not get more than 1Gbit on a server-client connection, but you can get more when multiple clients are connected to the server and/or they use different IP subnets.
    Here is a good explanation of how to use Network Teaming with Intels:
    http://www.intel.com/support/network/sb/cs-009747.htm
    Note that according to best practices you should have at least 2 separate Gigabit switches for redundancy.
    You may hit the internal forwarding limit on this single switch. (At least we did ;D Now I know that Gigabit doesn't always mean Gigabit.)
    You should use LACP (dynamic) or no-LACP (static) Link Aggregation, which has to be supported by the switch.
    Squid can mess things up since it's redirecting requests on the LAN interface.

    EDIT: In your case you should be interested in Virtual Machine Load Balancing (VMLB)
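
The per-connection limit described in the post above, as an added example that is not part of the original thread: a small model of a four-port team where each flow is pinned to one member link. The XOR-of-addresses hash, the `pick_link` and `team_throughput` names and the host addresses are assumptions for illustration; Intel and Windows teaming modes use their own distribution policies.

```python
import ipaddress
from collections import defaultdict

LINK_GBPS = 1.0  # assumed capacity of each team member (1 Gbit NIC port)
TEAM_SIZE = 4    # quad-port NIC, as in the thread

def pick_link(src, dst, links=TEAM_SIZE):
    """Hypothetical address-hash policy: XOR both IPv4 addresses, modulo link count."""
    a = int(ipaddress.IPv4Address(src))
    b = int(ipaddress.IPv4Address(dst))
    return (a ^ b) % links

def team_throughput(flows, links=TEAM_SIZE, capacity=LINK_GBPS):
    """flows: (src, dst, demanded_gbps) tuples.
    Returns (total Gbps carried, {link index: Gbps carried})."""
    demand = defaultdict(float)
    for src, dst, gbps in flows:
        # Every packet of a flow hashes to the same member link.
        demand[pick_link(src, dst, links)] += gbps
    # A member link cannot carry more than its own line rate.
    carried = {link: min(capacity, d) for link, d in demand.items()}
    return sum(carried.values()), carried

# Constructed sample flows inside the 192.168.1.0/24 range mentioned in the thread.
SERVER = "192.168.1.10"
ONE_CLIENT = [(SERVER, "192.168.1.20", 4.0)]   # one copy job wanting 4 Gbps
FOUR_CLIENTS = [(SERVER, f"192.168.1.{h}", 1.0) for h in (20, 21, 22, 23)]
COLLIDING = [(SERVER, "192.168.1.20", 1.0),    # both hash to the same link
             (SERVER, "192.168.1.24", 1.0)]

if __name__ == "__main__":
    for name, flows in [("one client", ONE_CLIENT),
                        ("four clients", FOUR_CLIENTS),
                        ("two colliding clients", COLLIDING)]:
        total, per_link = team_throughput(flows)
        print(f"{name}: {total:.1f} Gbps total, per link {dict(sorted(per_link.items()))}")
```

A single server-to-client flow stays at one link's rate however many ports are teamed, and two clients whose addresses hash to the same member share that one link.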