Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Hardware and performance

    Scheduled Pinned Locked Moved Hardware
    2 Posts 2 Posters 1.2k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • E
      ewanmcleanhelms
      last edited by

      Hi

      I'm trying to use pfsense as a firewall/router/web filter/IDS. It will sit between my edge switch and my ISP-managed router. The only real routing bit will be the occasional inter-VLAN stuff plus acting as a gateway for internet traffic.

      I have managed to get it all setup including with snort etc. and it seems to be working however the performance is terrible. It can take a good ten seconds to load a google search, but then sometimes it's instant. And on AJAX heavy pages like our IT helpdesk it just crumbles. It also seems to cause problems with Outlook and certain file attachments on our CRM but I think this is likely due to misconfigured snort settings etc.

      The server has the following hardware. We have a 50mbps internet pipe but I'm only trying this with one user right now and it's like this. Am i skimping on hardware?

      Thanks

      Dell PowerEdge 860
      Processor: 2.40 GHz Dual-Core Xeon (3060) - 800/4MB
      Memory: 8GB - (4 x 2GB) - DDR2 - DDR2 ECC
      Hard Drive #1: 80GB - SATA II - 7200RPM
      PCIe Card #1 (FH): Dual Port Gigabit NIC - PCIe

      1 Reply Last reply Reply Quote 0
      • ?
        Guest
        last edited by

        I'm trying to use pfsense as a firewall/router/web filter/IDS.

        Nearly a really UTM without AV scanning, or?

        For how many users this pfSense box must be running well, please?
        200, 400 or 1000 users? A greater or newer model should be used
        Witch other services do you use that are "eating" the CPU power?
        Perhaps something like DPI?
        Another CPU would be fine
        Do you use Squid as a proxy?
        Perhaps a SSD will help speeding things up?

        Processor: 2.40 GHz Dual-Core Xeon (3060) - 800/4MB

        Available for ~$10 at eBay

        Memory: 8GB - (4 x 2GB) - DDR2 - DDR2 ECC

        Ok

        Hard Drive #1: 80GB - SATA II - 7200RPM

        A mSATA or SATA III SSD would be fine and would be speeding up caching using Squid.

        PCIe Card #1 (FH): Dual Port Gigabit NIC - PCIe

        Can be all, please tell us the vendor or upgrade this against a Dual or Quad Port card from Intel.

        There are many options for you:

        • Upgrading the existing box with a SSD and an Intel server NIC (2 or 4 Port)
          If this not is helping out, you could use this as spare parts for another one!
        • Intel Celeron J1900 pfsense Box Box 1 Box 2
        • SG-2440, SG-4860 or SG-8860 units from the pfSense store
        • Self made box based on Supermicro Intel Atom C2000 (Rangeley) Boards
        • Axiomtek NA342, NA342R, NA361, NA361R appliances
        • Xeon E3-1241 Quad Core CPU starting @3,0GHz
        • Intel Xeon D-1540

        For sure not only for the 50 MBit/s WAN throughput but more tended to the other services you run on the box
        and perhaps the number of users this box is serving.

        1 Reply Last reply Reply Quote 0
        • First post
          Last post
        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.