• Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login
Netgate Discussion Forum
  • Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login

Hardware and performance

Scheduled Pinned Locked Moved Hardware
2 Posts 2 Posters 1.2k Views
Loading More Posts
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • E Offline
    ewanmcleanhelms
    last edited by Nov 11, 2015, 11:24 AM

    Hi

    I'm trying to use pfsense as a firewall/router/web filter/IDS. It will sit between my edge switch and my ISP-managed router. The only real routing bit will be the occasional inter-VLAN stuff plus acting as a gateway for internet traffic.

    I have managed to get it all setup including with snort etc. and it seems to be working however the performance is terrible. It can take a good ten seconds to load a google search, but then sometimes it's instant. And on AJAX heavy pages like our IT helpdesk it just crumbles. It also seems to cause problems with Outlook and certain file attachments on our CRM but I think this is likely due to misconfigured snort settings etc.

    The server has the following hardware. We have a 50mbps internet pipe but I'm only trying this with one user right now and it's like this. Am i skimping on hardware?

    Thanks

    Dell PowerEdge 860
    Processor: 2.40 GHz Dual-Core Xeon (3060) - 800/4MB
    Memory: 8GB - (4 x 2GB) - DDR2 - DDR2 ECC
    Hard Drive #1: 80GB - SATA II - 7200RPM
    PCIe Card #1 (FH): Dual Port Gigabit NIC - PCIe

    1 Reply Last reply Reply Quote 0
    • ? This user is from outside of this forum
      Guest
      last edited by Nov 11, 2015, 2:35 PM

      I'm trying to use pfsense as a firewall/router/web filter/IDS.

      Nearly a really UTM without AV scanning, or?

      For how many users this pfSense box must be running well, please?
      200, 400 or 1000 users? A greater or newer model should be used
      Witch other services do you use that are "eating" the CPU power?
      Perhaps something like DPI?
      Another CPU would be fine
      Do you use Squid as a proxy?
      Perhaps a SSD will help speeding things up?

      Processor: 2.40 GHz Dual-Core Xeon (3060) - 800/4MB

      Available for ~$10 at eBay

      Memory: 8GB - (4 x 2GB) - DDR2 - DDR2 ECC

      Ok

      Hard Drive #1: 80GB - SATA II - 7200RPM

      A mSATA or SATA III SSD would be fine and would be speeding up caching using Squid.

      PCIe Card #1 (FH): Dual Port Gigabit NIC - PCIe

      Can be all, please tell us the vendor or upgrade this against a Dual or Quad Port card from Intel.

      There are many options for you:

      • Upgrading the existing box with a SSD and an Intel server NIC (2 or 4 Port)
        If this not is helping out, you could use this as spare parts for another one!
      • Intel Celeron J1900 pfsense Box Box 1 Box 2
      • SG-2440, SG-4860 or SG-8860 units from the pfSense store
      • Self made box based on Supermicro Intel Atom C2000 (Rangeley) Boards
      • Axiomtek NA342, NA342R, NA361, NA361R appliances
      • Xeon E3-1241 Quad Core CPU starting @3,0GHz
      • Intel Xeon D-1540

      For sure not only for the 50 MBit/s WAN throughput but more tended to the other services you run on the box
      and perhaps the number of users this box is serving.

      1 Reply Last reply Reply Quote 0
      2 out of 2
      • First post
        2/2
        Last post
      Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.
        This community forum collects and processes your personal information.
        consent.not_received