How Many clients are capable to manage at the same time de captive portal?



  • Hi,
    I have installed a PFsense with the last firmware, 2.1.5 in a càmping with a Capitve portal, in august the captive portal it's over 500 persons Connected in, and the pfsense begin to lose packets, and its not capable to manipulate this working charge. Any Idea to solve this problem ? when it runs over 300 it Works with any problem…can you help me?
    Thank you,
    Josep,


  • Netgate

    I've pushed 4000 active captive portal sessions with minimal CPU load (say 10% max) and 150Mbits in.out.  Sounds like you might need beefier hardware.



  • How many access points did you have hanging off pfsense for 4K Captive Portal clients? Were they all wireless clients?AP Radio details Please(Dual-Tri Mode/indoor ect). I assume your running rackmount pfsense for that kind of load..Are the Access Points using POE?
    Thanks Again Frank


  • Netgate

    Hundreds of APs.  All PoE.  They log in through the portal once and I am currently using an 18-hour idle timeout with no hard timeout.  Working pretty well.  Those around for multiple days usually only have to navigate the portal once.

    Yes, it's an IBM rackmount with Intel(R) Xeon(TM) CPU 3.60GHz 4 CPUs: 2 package(s) x 1 core(s) x 2 HTT threads.  Currently at 1GB RAM.



  • Thanks for yours answers,
    I can't understand, normally i use a Intel Xeon CPU E3-1220 v2 3.10Ghz 4CPU's 1 Package x 4 Cores, but if i use a normal pc, the cpu's doesn't arribe at 10% of cpu too, even if you use a powerful server or a normal PC CPU does not consume more than 10%. When we connect more 500 people, the problems begin and also if i  active the traffic shaper although there are only 50 people in the pfsense 2 hours and was very slow, even though the CPU continues at 10%. I have tried diferents options, but i am not capable to solved. Can I see and screen shoot with your 4000 clients and your traffic graph ? Wich is your internet connection(wan)? and your configuration?

    The internet connection i use, is a wimax with a 18Mbps in and 9 Out. I have a lot of Ubiquiti antens, may be with the latency, i don't know what i have to do to solve my problem… I've a big problem...
    Thanks a lot for your help,
    Josep


  • Netgate

    I'm not running shaping but I am limiting traffic for each user.  I'm not doing this in CP settings but manually in traffic shaper/limiter.

    Seems that if your problem was captive portal sessions or pfSense in general, it would manifest itself in running short on CPU, memory, states, mbufs, or some other resource.

    You need to graph everything over time and look for flat lines where normal peaks should be.  Flat lines are bad.

    I don't quite understand how you expect to service 500 simultaneous users on 18Mbps.

    Post up a daily and weekly rrd graph of your LAN traffic, CP Sessions, WAN Traffic and WAN gateway quality.  (Status->RRD Graphs.)



  • Normally, when  I see 500 Connected persons, with a 18 Mbps in wimax, and they consum 10/11/12Mbps. The consum not arrive to 18Mbps..but as well the connection are very slowly or unrunning…


  • Netgate

    Which is why you need to look at history (graphs) because if you have a flat line at 12Mbps, then that's all you have, not 18.  Don't guess.  Measure, log, and evaluate.

    WAN gateway quality graph will likely show you exactly why it's slow.