On 17Sep, 2014, at 07:39, Ryan Coleman <[email protected]> wrote: > Victor, > > You should have absolutely no issues with that particular CPU, it’s pretty > well suited (IMO) for the work at hand. I was going to suggest if it was a > lower powered CPU (I haven’t tried the new APUs but the ALIX Geode) it might > have issues with that many VLANs.
may be > I’m sorry I cannot be of much more help. Thanks for your reply Ryan! Now I have more clear results. Traffic stops for one-two minutes for all incoming connections when I simply add firewall alias and press “Apply”. I think pfsense reload all tables used for all rules at this time. > On Sep 16, 2014, at 22:31, Victor Gamov <[email protected]> wrote: > >> >> On 17Sep, 2014, at 07:07, Ryan Coleman <[email protected]> wrote: >> >>> What hardware are you using? Specifically what model if it’s a negate? >> >> This is Intel-based server: >> Intel(R) Core(TM)2 Duo CPU E7500 @ 2.93GHz >> 4GB mem >> two integrated em NICs (em0 used only) >> >> I’ll check motherboard later but I think it server class motherboard. >> >>> On Sep 16, 2014, at 1:53, Victor Gamov <[email protected]> wrote: >>> >>>> Hi All! >>>> >>>> I have pfsense-2.1.3 with configuration like following: >>>> — one physical interface >>>> — 10 VLANs. All VLANs are OPTx interface (interfaces marked as LAN or WAN >>>> by pfsense are disabled) >>>> — 2 VLANs used to Multi-WAN connection >>>> — 3-4 virtual IP (IP-address aliases) at WAN VLANs >>>> — about 150 aliases with fixed IP and/or DNS-names >>>> — about 25 NAT port-forward rules (from WAN to other interfaces) >>>> — about 20 floating rules >>>> — many rules for every VLAN >>>> >>>> My problem is following. When I add alias or firewall rule and apply it >>>> then port-forward via address aliases at WAN VLANs is not worked about >>>> 1-10 minutes. Sometimes no incoming traffic on this interfaces (looks >>>> like no ARP entries at provider router for this address). Sometimes >>>> traffic blocked by default rule (looks like no other rules installed some >>>> minutes) >>>> >>>> >>>> So my question: is it network/hardware/software problem or it pfsense >>>> feature? (this is my first pfsense installation and first PF experience — >>>> I use FreeBSD and IPFW many years before without any problems) >>>> >>>> Thanks! >>>> -- CU, Victor Gamov [email protected] _______________________________________________ List mailing list [email protected] https://lists.pfsense.org/mailman/listinfo/list
