Netgate Discussion Forum

    How Far Have You Scaled Your PFS Box?

    General pfSense Questions
    61 Posts 29 Posters 49.3k Views
    • rexis

      I believe all the imaginable settings have been tried out. I am still new and still feel like I haven't even figured out how 10% of PFS works; anyhow, here is my setup:

      8 PFS (1.2.3) on different subnets in one single LAN, providing wifi to a group of university students of some 20k from several campuses spread over different geographical locations. CP is enabled and auth'ing on Windows Server RADIUS so everybody logs in with their AD accounts. Squid is in transparent mode. Of course, the DHCP range won't be enough for all of them; I am getting a maximum of some 400 concurrent CP users logged in.

      I am interested to know, of all the scale you guys have here, how do you keep track of your servers and total bandwidth usage? Who downloaded the most ahemm cartoons? Total connected users? Server load… etc.

      NMAP and Nagios are one way to find out if your servers are alive and how well they are doing. But here is how I did it:

      From a dedicated Linux box, have all the ssh keys set up, then make a bash script that looks something like:

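      # Count captive portal users, DHCP leases and active leases on the remote box.
      # Single quotes inside the double-quoted ssh argument keep the patterns intact.
      get_stat=$(
      ssh "$host" "grep -c '192.168.' /var/db/captiveportal.db;
      grep -c '192.168.' /var/dhcpd/var/db/dhcpd.leases;
      grep -c 'active' /var/dhcpd/var/db/dhcpd.leases")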

      Then make it into a function so you can do something like:
      getpfsstat "pflondon"
      getpfsstat "pfnewyork"
      getpfsstat "pfkinabalu"

      And arrange the output nicely on the screen with simple printf:

      Server: London
      Status: up users: 98, dhcpd: 269, active: 180
      Server: New York
      Status: up users: 78, dhcpd: 384, active: 172
      Server: Kinabalu
      Status: OMG SERVER DOWN HIT PANIC BUTTON NOW

      Run:
      # watch -n20 ./servermonitor.sh
      And then you can happily count how many total users you've got over your network :D

      Optionally you can also output to an HTML file and host it on lighttpd. Then you can access that webpage and brag about how many people are using your servers now.

      Now, seriously, has this been a common practice, or have I been doing a simple thing the complicated way...

      @dnky_bones:

      Fun to see a thread I started so long ago still kicking :)

      Fun to see that the TS is still kicking too :)

      @elalcaudon:

      I'm actually in the middle of this argument with one of my bosses. He wants Cisco, mainly because of paid support - which I completely understand. I told him I'm more comfortable with pfSense, I know what it can and can't do. I don't know anything about Cisco IOS.

      You can fire your boss, Cisco won't, that's why. :p

      nix noob
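
Added example, not part of rexis's post: one way to write the getpfsstat function described above as a complete script that validates what comes back from each box before printing it. The remote grep commands and paths are the ones from the post (with the dots escaped); the ssh options, the fetch_stat and format_stat helper names and the "down"/"error" wording are assumptions.

```shell
#!/bin/sh
# servermonitor.sh (added example). Usage: ./servermonitor.sh pflondon pfnewyork

# The three counts from the post. Single quotes protect the patterns on the
# remote side; escaped dots match literal dots only.
REMOTE_CMD="grep -c '192\.168\.' /var/db/captiveportal.db; \
grep -c '192\.168\.' /var/dhcpd/var/db/dhcpd.leases; \
grep -c 'active' /var/dhcpd/var/db/dhcpd.leases"

fetch_stat() {
    # BatchMode makes ssh fail instead of prompting if the key is rejected;
    # ConnectTimeout keeps one dead box from stalling the whole loop.
    ssh -o BatchMode=yes -o ConnectTimeout=5 "$1" "$REMOTE_CMD" 2>/dev/null
}

# format_stat NAME RAW: validate the reply and print the two-line report.
# grep -c exits 1 on a zero count, so the ssh exit status is not a usable
# health signal; the reply must instead be exactly three integers.
format_stat() {
    name=$1
    set -f            # no globbing while splitting remote output
    set -- $2         # unquoted on purpose: split into fields
    set +f
    printf 'Server: %s\n' "$name"
    if [ "$#" -ne 3 ]; then
        printf 'Status: down (no usable reply)\n'
        return 1
    fi
    for n in "$@"; do
        case $n in
            *[!0-9]*) printf 'Status: error (unexpected reply)\n'; return 1 ;;
        esac
    done
    printf 'Status: up users: %s, dhcpd: %s, active: %s\n' "$1" "$2" "$3"
}

getpfsstat() {
    format_stat "$1" "$(fetch_stat "$1")"
}

# Host aliases come from the command line; with none given nothing is contacted.
for host in "$@"; do
    getpfsstat "$host"
done
```

Because the reply is checked to be three plain integers, a box that answers with a login banner, an error message or nothing at all is reported as down or error rather than being printed into the status line.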
