Re: [pfSense Support] Re: Can't get more than 15kpps.
On Wed, Jul 29, 2009 at 11:38 PM, Chris Buechler c...@pfsense.org wrote: On Wed, Jul 29, 2009 at 3:38 PM, Lennyfive2one.le...@gmail.com wrote: That's all understandable when speaking of errors and packet loss, but would it really cause the CPU hit 100% at 50kpps? both em0 and em1? By the way, it worked for 3 weeks with regular load (about 10kpps) and the CPU was around 20%(each) and there were no errors. That indicates the errors are related to the load, rather than something like a duplex mismatch. Have you tried polling? Checkbox in System - Advanced. - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org I have in the past, not with the recent setup. As far as I understood it doesn't help much in the latest releases of FreeBSD.
Re: [pfSense Support] Re: Can't get more than 15kpps.
On Wed, Jul 29, 2009 at 11:27 PM, Evgeny Yurchenko evgeny.yurche...@frontline.ca wrote: *From:* Lenny [mailto:five2one.le...@gmail.com] *Sent:* July 29, 2009 3:38 PM Evgeny Yurchenko wrote: I would try to swap cables and interfaces in config and see errors. Do they go to em0? stay on em1? It's pointless trying to fix tcp/ip without eliminating problem on media. Eugene. That's all understandable when speaking of errors and packet loss, but would it really cause the CPU hit 100% at 50kpps? both em0 and em1? By the way, it worked for 3 weeks with regular load (about 10kpps) and the CPU was around 20%(each) and there were no errors. Lenny. 10kpps - 20% CPU 50kpps - 100% CPU looks like we have some logic here. I've looked at my graphs - there is no relation between cpu load and pps. Do you have this relation? Not talking about your extreme case 50kpps, generally - when load fluctuates let's say 10 to 15kpps, does you cpu load also goes higher/lower? I experienced 100% CPU only in two cases: 1) Multicast went from LAN to WAN and caused storm (in carped setup) 2) There is known bug with slbd. Eugene I'm attaching links to the RRD graphs from the same period. http://img119.imageshack.us/img119/1573/statusrrdgraphimgcpu.png http://img253.imageshack.us/img253/4677/statusrrdgraphimgpacket.png http://img248.imageshack.us/img248/4779/statusrrdgraphimgtraffi.png http://img75.imageshack.us/img75/168/statusrrdgraphimgqualit.png Lenny.
Re: [pfSense Support] Re: Can't get more than 15kpps.
On Wed, Jul 29, 2009 at 11:27 PM, Evgeny Yurchenko evgeny.yurche...@frontline.ca wrote: 10kpps - 20% CPU 50kpps - 100% CPU looks like we have some logic here. I've looked at my graphs - there is no relation between cpu load and pps. Do you have this relation? Not talking about your extreme case 50kpps, generally - when load fluctuates let's say 10 to 15kpps, does you cpu load also goes higher/lower? I experienced 100% CPU only in two cases: 1) Multicast went from LAN to WAN and caused storm (in carped setup) 2) There is known bug with slbd. Eugene Please remember that the CPU is at 25% because I have 8 cores. So it's 2 cores, each 100% emX taskq.
Re: [pfSense Support] A note about top vs bottom posting -- please read and make sure you bottom post on our lists. Thank you.
This is a good example, why bottom-posting sucks... Why do i need to scroll past all previous teks i read just few seconds ago, following that thread? If i need to read it, then i could scroll down, but rarely there is need for that. -- Veiko iggd...@gmail.com wrote: On Wed, Jul 29, 2009 at 1:33 PM, Curtis LaMasters curtislamast...@gmail.com mailto:curtislamast...@gmail.com wrote: And I think the point is being missed. WHY WAS MY MESSAGE VIEWED AS TOP POSTED. Ok, I committed my internet crime of YELLING in caps for the day. In Gmail, is there a proper way to not top post? Curtis LaMasters http://www.curtis-lamasters.com http://www.builtnetworks.com On Wed, Jul 29, 2009 at 12:28 PM, David Burgessapt@gmail.com mailto:apt@gmail.com wrote: On Wed, Jul 29, 2009 at 11:25 AM, Curtis LaMasterscurtislamast...@gmail.com mailto:curtislamast...@gmail.com wrote: Thanks Scott. I know what top posting is...I just don't know why you think I did. I hit reply, type my message and go forth. Didn't think it needed to be any harder than that. It can be a lot harder than that. It's effectively illustrated in the links that Scott provided. A little effort in replying can save a lot of wasted effort in trying to bring oneself up to speed or refresh one's memory on a long thread. db - To unsubscribe, e-mail: support-unsubscr...@pfsense.com mailto:support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com mailto:support-h...@pfsense.com Commercial support available - https://portal.pfsense.org - To unsubscribe, e-mail: support-unsubscr...@pfsense.com mailto:support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com mailto:support-h...@pfsense.com Commercial support available - https://portal.pfsense.org flick the scroll wheel to get to the bottom of the post basically. - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
Re: [pfSense Support] A note about top vs bottom posting -- please read and make sure you bottom post on our lists. Thank you.
I think that top-posting is better or simpler top-posting is more natural, everything in the nature that is newer is on the top ... this is what we as first see on the other hand we are more trained to read from top to bottom, the newest words in a message are on the bottom... we write from top to bottom... just my 20ct greetings michael 2009/7/30 Veiko Kukk veiko.k...@krediidipank.ee: This is a good example, why bottom-posting sucks... Why do i need to scroll past all previous teks i read just few seconds ago, following that thread? If i need to read it, then i could scroll down, but rarely there is need for that. -- Veiko iggd...@gmail.com wrote: On Wed, Jul 29, 2009 at 1:33 PM, Curtis LaMasters curtislamast...@gmail.com mailto:curtislamast...@gmail.com wrote: And I think the point is being missed. WHY WAS MY MESSAGE VIEWED AS TOP POSTED. Ok, I committed my internet crime of YELLING in caps for the day. In Gmail, is there a proper way to not top post? Curtis LaMasters http://www.curtis-lamasters.com http://www.builtnetworks.com On Wed, Jul 29, 2009 at 12:28 PM, David Burgessapt@gmail.com mailto:apt@gmail.com wrote: On Wed, Jul 29, 2009 at 11:25 AM, Curtis LaMasterscurtislamast...@gmail.com mailto:curtislamast...@gmail.com wrote: Thanks Scott. I know what top posting is...I just don't know why you think I did. I hit reply, type my message and go forth. Didn't think it needed to be any harder than that. It can be a lot harder than that. It's effectively illustrated in the links that Scott provided. A little effort in replying can save a lot of wasted effort in trying to bring oneself up to speed or refresh one's memory on a long thread. db - To unsubscribe, e-mail: support-unsubscr...@pfsense.com mailto:support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com mailto:support-h...@pfsense.com Commercial support available - https://portal.pfsense.org - To unsubscribe, e-mail: support-unsubscr...@pfsense.com mailto:support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com mailto:support-h...@pfsense.com Commercial support available - https://portal.pfsense.org flick the scroll wheel to get to the bottom of the post basically. - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org -- = = = m i c h a e l - s c h u h . n e t = = = Projektmanagement - IT-Consulting - Professional Services IT Michael Schuh Postfach 10 21 52 66021 Saarbrücken phone: 0681/8319664 mobil: 0175/5616453 @: m i c h a e l . s c h u h @ g m a i l . c o m = = = Ust-ID: DE251072318 = = = - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
[pfSense Support] Help on Simple FailOver Scenario (Dual Wan)
Hi, I have just posted a help request on pfSense Forum but I don't know if this list is watching the forum itself and all help is appreciated. I have built a simple FailOver Scenario but I can't get it to work. I know I need to add a FailOver Pool and Add rules to the LAN Interface and finally, add NAT rules, but... Can someone help me please on this? http://forum.pfsense.org/index.php/topic,18136.0.html Thanks in advance PS: Yes I have readed [http://doc.pfsense.org/index.php/MultiWanVersion1.2 ], but maybe I've missed something
Re: [pfSense Support] A note about top vs bottom posting -- please read and make sure you bottom post on our lists. Thank you.
On Thu, Jul 30, 2009 at 02:08:38PM +0300, Veiko Kukk wrote: This is a good example, why bottom-posting sucks... God gracious help us. What's wrong with interleaved posting? Why do i need to scroll past all previous teks i read just few seconds ago, following that thread? Because they're Doing It Wrong(tm). If i need to read it, then i could scroll down, but rarely there is need for that. Thinking does help, at times. -- Eugen* Leitl a href=http://leitl.org;leitl/a http://leitl.org __ ICBM: 48.07100, 11.36820 http://www.ativel.com http://postbiota.org 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
[pfSense Support] pfsense 1.2.2 adding queue no rrd graph for added queue....
Hello every one. While adding a new queue after wizard is created I want to see data passing through this queue but rrd graph do not display information about that so from where can I get that information. I curiously waiting for your reply.. All suggestion will be appreciated. Thanks in advance. Regards, Vinit
Re: [pfSense Support] Re: Can't get more than 15kpps.
On Thu, Jul 30, 2009 at 3:25 AM, Lennyfive2one.le...@gmail.com wrote: I have in the past, not with the recent setup. As far as I understood it doesn't help much in the latest releases of FreeBSD. It can if you're getting killed by interrupts but that doesn't seem to be the case. - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
Re: [pfSense Support] Re: Can't get more than 15kpps.
On Thu, Jul 30, 2009 at 4:00 PM, Chris Buechler cbuech...@gmail.com wrote: On Thu, Jul 30, 2009 at 3:25 AM, Lennyfive2one.le...@gmail.com wrote: I have in the past, not with the recent setup. As far as I understood it doesn't help much in the latest releases of FreeBSD. It can if you're getting killed by interrupts but that doesn't seem to be the case. - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org Right. So do you have any other ideas? I NEED this to work. Lenny.
RE: [pfSense Support] Re: Can't get more than 15kpps.
From: Lenny [mailto:five2one.le...@gmail.com] Sent: July 30, 2009 3:28 AM On Wed, Jul 29, 2009 at 11:27 PM, Evgeny Yurchenko evgeny.yurche...@frontline.ca wrote: From: Lenny [mailto:five2one.le...@gmail.com] Sent: July 29, 2009 3:38 PM Evgeny Yurchenko wrote: I would try to swap cables and interfaces in config and see errors. Do they go to em0? stay on em1? It's pointless trying to fix tcp/ip without eliminating problem on media. Eugene. That's all understandable when speaking of errors and packet loss, but would it really cause the CPU hit 100% at 50kpps? both em0 and em1? By the way, it worked for 3 weeks with regular load (about 10kpps) and the CPU was around 20%(each) and there were no errors. Lenny. 10kpps - 20% CPU 50kpps - 100% CPU looks like we have some logic here. I've looked at my graphs - there is no relation between cpu load and pps. Do you have this relation? Not talking about your extreme case 50kpps, generally - when load fluctuates let's say 10 to 15kpps, does you cpu load also goes higher/lower? I experienced 100% CPU only in two cases: 1) Multicast went from LAN to WAN and caused storm (in carped setup) 2) There is known bug with slbd. Eugene I'm attaching links to the RRD graphs from the same period. http://img119.imageshack.us/img119/1573/statusrrdgraphimgcpu.png http://img253.imageshack.us/img253/4677/statusrrdgraphimgpacket.png http://img248.imageshack.us/img248/4779/statusrrdgraphimgtraffi.png http://img75.imageshack.us/img75/168/statusrrdgraphimgqualit.png Lenny. Weird, I do not have any relation between cpu and bandwidth/packets: http://img43.imageshack.us/img43/4127/bandwidth.png http://img78.imageshack.us/img78/8375/cpu.png http://img78.imageshack.us/img78/5235/packets.png Eugene
Re: [pfSense Support] Re: Can't get more than 15kpps.
On Thu, Jul 30, 2009 at 4:07 PM, Evgeny Yurchenko evgeny.yurche...@frontline.ca wrote: Weird, I do not have any relation between cpu and bandwidth/packets: http://img43.imageshack.us/img43/4127/bandwidth.png http://img78.imageshack.us/img78/8375/cpu.png http://img78.imageshack.us/img78/5235/packets.png Eugene Is there any possibility of misconfiguration? would attaching of my config.xml be any help? Lenny.
RE: [pfSense Support] Re: Can't get more than 15kpps.
From: Lenny [mailto:five2one.le...@gmail.com] Sent: July 30, 2009 9:16 AM On Thu, Jul 30, 2009 at 4:07 PM, Evgeny Yurchenko evgeny.yurche...@frontline.ca wrote: Weird, I do not have any relation between cpu and bandwidth/packets: http://img43.imageshack.us/img43/4127/bandwidth.png http://img78.imageshack.us/img78/8375/cpu.png http://img78.imageshack.us/img78/5235/packets.png Eugene Is there any possibility of misconfiguration? would attaching of my config.xml be any help? Lenny. My traffic spike is between em and bge interfaces... I have another box with two bge interfaces with load peaking at 250Mb/s and packets 24kpps and there I have cpu-bandwidth relation. If you do not mind you can send my your config, but I doubt that there is a problem at this high level. What about interrupt numbers? Two nics use different interrupts, right? Eugene.
Re: [pfSense Support] Re: Can't get more than 15kpps.
On Thu, Jul 30, 2009 at 4:25 PM, Evgeny Yurchenko evgeny.yurche...@frontline.ca wrote: My traffic spike is between em and bge interfaces... I have another box with two bge interfaces with load peaking at 250Mb/s and packets 24kpps and there I have cpu-bandwidth relation. If you do not mind you can send my your config, but I doubt that there is a problem at this high level. What about interrupt numbers? Two nics use different interrupts, right? Eugene. # dmesg | grep irq ioapic1 Version 2.0 irqs 24-47 on motherboard ioapic0 Version 2.0 irqs 0-23 on motherboard em0: Intel(R) PRO/1000 Network Connection 6.9.6 port 0x5000-0x503f mem 0xc6fe-0xc6ff,0xc6f8-0xc6fb irq 24 at device 1.0 on pci20 em1: Intel(R) PRO/1000 Network Connection 6.9.6 port 0x5040-0x507f mem 0xc6fc-0xc6fd irq 25 at device 1.1 on pci20 bce0: Broadcom NetXtreme II BCM5708 1000Base-T (B2) mem 0xc800-0xc9ff irq 18 at device 0.0 on pci4 aac0: IBM ServeRAID-8k port 0x4000-0x40ff mem 0xcce0-0xccff,0xcafe-0xcaff irq 17 at device 0.0 on pci2 pcib12: ACPI PCI-PCI bridge irq 16 at device 28.0 on pci0 bce1: Broadcom NetXtreme II BCM5708 1000Base-T (B2) mem 0xce00-0xcfff irq 16 at device 0.0 on pci6 uhci0: Intel 631XESB/632XESB/3100 USB controller USB-1 port 0x2200-0x221f irq 23 at device 29.0 on pci0 uhci1: Intel 631XESB/632XESB/3100 USB controller USB-2 port 0x2600-0x261f irq 22 at device 29.1 on pci0 uhci2: Intel 631XESB/632XESB/3100 USB controller USB-3 port 0x2a00-0x2a1f irq 23 at device 29.2 on pci0 ehci0: Intel 63XXESB USB 2.0 controller mem 0xf900-0xf90003ff irq 23 at device 29.7 on pci0 vgapci0: VGA-compatible display port 0x3000-0x30ff mem 0xd000-0xd7ff,0xdfff-0xdfff irq 22 at device 1.0 on pci1 sio0: 16550A-compatible COM port port 0x3f8-0x3ff irq 4 flags 0x10 on acpi0 atkbd0: AT Keyboard irq 1 on atkbdc0 sio1: configured irq 3 not in bitmap of probed irqs 0 looks like it.
Re: [pfSense Support] Re: Can't get more than 15kpps.
On Thu, Jul 30, 2009 at 4:25 PM, Evgeny Yurchenko evgeny.yurche...@frontline.ca wrote: My traffic spike is between em and bge interfaces... I have another box with two bge interfaces with load peaking at 250Mb/s and packets 24kpps and there I have cpu-bandwidth relation. If you do not mind you can send my your config, but I doubt that there is a problem at this high level. What about interrupt numbers? Two nics use different interrupts, right? Eugene. This is my config, aliases and most rules removed. ?xml version=1.0? pfsense version3.0/version lastchange/ themenervecenter/theme system optimizationnormal/optimization hostnamepfsense/hostname domainlocal/domain usernameadmin/username passwordsomepass/password timezoneAsia/Jerusalem/timezone time-update-interval/ timeservers0.pfsense.pool.ntp.org/timeservers webgui protocolhttp/protocol certificate/ private-key/ port/ /webgui disablenatreflectionyes/disablenatreflection ssh authorizedkeys/ port/ /ssh enablesshdyes/enablesshd maximumstates100/maximumstates shapertype/ dnsserver208.67.220.220/dnsserver dnsserver208.67.222.222/dnsserver dnsallowoverride/ /system interfaces lan ifbce0/if ipaddr192.168.0.249/ipaddr subnet24/subnet media/ mediaopt/ bandwidth100/bandwidth bandwidthtypeMb/bandwidthtype /lan wan ifem0/if mtu/ media/ mediaopt/ bandwidth100/bandwidth bandwidthtypeMb/bandwidthtype spoofmac/ disableftpproxy/ ipaddrx.x.x.104/ipaddr subnet28/subnet gatewayx.x.x.97/gateway blockpriv/ blockbogons/ /wan opt1 ifem1/if descrOPTICAL/descr bridge/ enable/ ipaddry.y.y.25/ipaddr subnet29/subnet gateway/ spoofmac/ mtu/ /opt1 opt2 ifbce1/if descrOPT2/descr /opt2 /interfaces staticroutes route interfaceopt1/interface networkz.z.z.160/27/network gatewayy.y.y.26/gateway descr/ /route /staticroutes pppoe username/ password/ provider/ /pppoe pptp username/ password/ local/ subnet/ remote/ /pptp bigpond username/ password/ authserver/ authdomain/ minheartbeatinterval/ /bigpond dyndns typedyndns/type username/ password/ host/ mx/ /dyndns dhcpd lan range from192.168.1.10/from to192.168.1.245/to /range defaultleasetime/ maxleasetime/ netmask/ failover_peerip/ gateway/ ddnsdomain/ next-server/ filename/ /lan /dhcpd pptpd mode/ redir/ localip/ remoteip/ /pptpd ovpn/ dnsmasq enable/ /dnsmasq snmpd syslocation/ syscontact/ rocommunitypublic/rocommunity /snmpd diag ipv6nat/ /diag bridge/ syslog nentries50/nentries filter/ system/ dhcp/ remoteservers.s.s.129/remoteserver enable/ nologdefaultblock/ /syslog nat ipsecpassthru/ advancedoutbound enable/ /advancedoutbound /nat filter rule typepass/type interfacewan/interface max-src-nodes/ max-src-states/ statetimeout/ statetypekeep state/statetype os/ protocoltcp/protocol source any/ /source destination addressSquids_VIP/address port80/port /destination descrAllow http to squids./descr /rule some wan rules removed. rule typepass/type interfaceopt1/interface max-src-nodes/ max-src-states/ statetimeout/ statetypekeep state/statetype os/ source networkopt1/network /source destination networkopt1/network /destination descr/ /rule rule typepass/type interfaceopt1/interface max-src-nodes/ max-src-states/ statetimeout/
Re: [pfSense Support] A note about top vs bottom posting -- please read and make sure you bottom post on our lists. Thank you.
On Thu, Jul 30, 2009 at 8:21 AM, Eugen Leitleu...@leitl.org wrote: On Thu, Jul 30, 2009 at 02:08:38PM +0300, Veiko Kukk wrote: This is a good example, why bottom-posting sucks... God gracious help us. What's wrong with interleaved posting? Why do i need to scroll past all previous teks i read just few seconds ago, following that thread? Because they're Doing It Wrong(tm). If i need to read it, then i could scroll down, but rarely there is need for that. Thinking does help, at times. -- Eugen* Leitl a href=http://leitl.org;leitl/a http://leitl.org __ I agree with Eugen. Folks, this is the lists rules. If you do not like it I kindly ask you to go to the forum and participate there. It's either that or I will stop reading these lists altogether. Bottom post or do not post at all. Thanks. Scott PS: my kill bit is armed and folks that continue to do so will be removed from the list. Sorry to be harsh but I have had enough with this subject. Thanks. - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
Re: [pfSense Support] Re: Can't get more than 15kpps.
On Thu, Jul 30, 2009 at 9:32 AM, Lennyfive2one.le...@gmail.com wrote: bce0: Broadcom NetXtreme II BCM5708 1000Base-T (B2) mem 0xc800-0xc9ff irq 18 at device 0.0 on pci4 Are things any better/different if you use the onboard Broadcom NICs instead? - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
Re: [pfSense Support] Re: Can't get more than 15kpps.
On Thu, Jul 30, 2009 at 8:06 PM, Chris Buechler c...@pfsense.org wrote: On Thu, Jul 30, 2009 at 9:32 AM, Lennyfive2one.le...@gmail.com wrote: bce0: Broadcom NetXtreme II BCM5708 1000Base-T (B2) mem 0xc800-0xc9ff irq 18 at device 0.0 on pci4 Are things any better/different if you use the onboard Broadcom NICs instead? - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org Actually I've never tried with this server. Only with the old one and then the interrupt was pretty high. But I remember you and the other guys advised against using Broadcom in favor of Intel. Are you suspecting the NIC itself? Or the driver? Lenny.
Re: [pfSense Support] Re: Can't get more than 15kpps.
On Thu, Jul 30, 2009 at 1:17 PM, Lennyfive2one.le...@gmail.com wrote: Actually I've never tried with this server. Only with the old one and then the interrupt was pretty high. But I remember you and the other guys advised against using Broadcom in favor of Intel. Are you suspecting the NIC itself? Or the driver? Driver, maybe in combination with that specific NIC model. - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
Re: [pfSense Support] Re: Can't get more than 15kpps.
On Thu, Jul 30, 2009 at 8:21 PM, Chris Buechler c...@pfsense.org wrote: On Thu, Jul 30, 2009 at 1:17 PM, Lennyfive2one.le...@gmail.com wrote: Actually I've never tried with this server. Only with the old one and then the interrupt was pretty high. But I remember you and the other guys advised against using Broadcom in favor of Intel. Are you suspecting the NIC itself? Or the driver? Driver, maybe in combination with that specific NIC model. - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org OK, then should I just install the stable 1.2.2 version?
RE: [pfSense Support] Re: Can't get more than 15kpps.
Date: Thu, 30 Jul 2009 20:24:27 +0300 From: five2one.le...@gmail.com To: support@pfsense.com Subject: Re: [pfSense Support] Re: Can't get more than 15kpps. On Thu, Jul 30, 2009 at 8:21 PM, Chris Buechler c...@pfsense.org wrote: On Thu, Jul 30, 2009 at 1:17 PM, Lennyfive2one.le...@gmail.com wrote: Actually I've never tried with this server. Only with the old one and then the interrupt was pretty high. But I remember you and the other guys advised against using Broadcom in favor of Intel. Are you suspecting the NIC itself? Or the driver? Driver, maybe in combination with that specific NIC model. - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org OK, then should I just install the stable 1.2.2 version? I would think you should stay with what you have, the RC's are always pretty high quality and then you can compare results directly with what happened using the Intel NIC. If you change the pfSense version then the comparison fails because of different software and all that. _ Windows Live™ Hotmail®: Search, add, and share the web’s latest sports videos. Check it out. http://www.windowslive.com/Online/Hotmail/Campaign/QuickAdd?ocid=TXT_TAGLM_WL_QA_HM_sports_videos_072009cat=sports
[pfSense Support] BGP status
Any word on BGP status. or a simple alternative, until pfsense has BGP function? -chris - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
Re: [pfSense Support] BGP status
On Thu, Jul 30, 2009 at 2:19 PM, Chris Flugstadch...@cascadelink.com wrote: Any word on BGP status. or a simple alternative, until pfsense has BGP function? BGP has existed in system - packages for 2+ years. Scott - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
Re: [pfSense Support] BGP status
how did i miss all these packages that were available to install via the gui. now i got a lot of fun stuff to play with over the weekend. thanks, and sorry for being such a nuckle head ;) -topher Scott Ullrich wrote: On Thu, Jul 30, 2009 at 2:19 PM, Chris Flugstadch...@cascadelink.com wrote: Any word on BGP status. or a simple alternative, until pfsense has BGP function? BGP has existed in system - packages for 2+ years. Scott - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
Re: [pfSense Support] BGP status
-- From: Chris Flugstad ch...@cascadelink.com Sent: Thursday, July 30, 2009 6:18 PM To: support@pfsense.com Subject: Re: [pfSense Support] BGP status how did i miss all these packages that were available to install via the gui. that's actually kinda funny considering that's the one main benefit that pfSense has over other software firewalls - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
RE: [pfSense Support] IGMP packet out of WAN
From: Ermal Luçi [mailto:ermal.l...@gmail.com] Sent: July 25, 2009 5:30 PM On Sat, Jul 25, 2009 at 9:55 PM, Evgeny Yurchenkoevgeny.yurche...@frontline.ca wrote: What I am trying to understand here is how should it work? 'IGMP proxy' means that it should proxy IGMP-packets. Ok, now I got it working with some modification of its code. Now IGMP from downstream interface is proxied to upstream interface. Device on upstream interface start multicasting on this network segment, so pfSense starts receiving multicast stream on upstream interface. Now the question, what should happen with these multicast packets? 1) kernel shoud route them to downstream interface. 2) igmpproxy should be receiving them and transmitting on downstream interface. Your thoughts please? Yeah kernel should do the routing. I think there might be a sysctl for alloing multicast forwarding to work but that should be activated when you create the socket(to be verified!). I will give it a look soon and find the solution that feets all. Though on 2.0 based on 8.0 freebsd it works without as it is. I was stupid enough sending multicast UDP traffic with TTL=1 (although settings in my player were telling me 10). Everything is working fine now. No static routes needed. Multicast routing is done by kernel. Upstream interface starts receiving mcast packets as soon as you call setsockopt(UdpSock, IPPROTO_IP, IP_ADD_MEMBERSHIP ... ). Downstream interface starts transmitting mcast packets as soon as you call setsockopt( MRouterFD, IPPROTO_IP, MRT_ADD_MFC, ...). The code of igmpproxy is heavily inherited from mrouted and actual proxying of IGMP-packets does not happen. It is not a problem if mcast sender on upstream interface does not care about memberships and just multicasts always, but if it is wise sender, or if sender is located in several routers upstream then IGMP is needed. So I fixed this small issue for 1.2.2 (I have only this development version). There was another problem with understanding interfaces consisting of more than 3 letters (em1 - ok, bge1 - can't start), also fixed. Could somebody validate and put my several lines of code in repository please? How does it work at all - if somebody found solution for some problem, what to do? Thank you. Eugene. - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
RE: [pfSense Support] A note about top vs bottom posting ...
-Original Message- From: Scott Ullrich [mailto:sullr...@gmail.com] Sent: July-30-09 9:47 AM To: support@pfsense.com Subject: Re: [pfSense Support] A note about top vs bottom posting -- please read and make sure you bottom post on our lists. Thank you. It's either that or I will stop reading these lists altogether. I don't want to add to this thread, other than to say that I hope it doesn't come to that. Your input is highly valued here. (Along with Chris Buechler as well, or course.) This list is great, and there is allot of valuable information provided here for us pf-anatics. Bottom post or do not post at all. Thanks. Amen. Thanks for providing pfSense pfDNS as well as taking the time to support it via this list. Fantastic work, guys! Best regards, Michael - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
Re: [pfSense Support] A note about top vs bottom posting -- please read and make sure you bottom post on our lists. Thank you.
intentionally not trimming - see below On Wed, Jul 29, 2009 at 12:55 PM, apiase...@midatlanticbb.comapiase...@midatlanticbb.com wrote: iggd...@gmail.com wrote: On Wed, Jul 29, 2009 at 1:45 PM, Curtis LaMasters curtislamast...@gmail.com mailto:curtislamast...@gmail.com wrote: Gotta tell you guys...this is out right frustrating. Is it the fact that I'm using Gmail or that by definition, threading in email is broken by design. I would have imagined that the Spamassassin mailing list would have eaten all Gmail users alive if Gmail were the issue. Curtis LaMasters http://www.curtis-lamasters.com http://www.builtnetworks.com On Wed, Jul 29, 2009 at 12:42 PM, David Burgessapt@gmail.com mailto:apt@gmail.com wrote: The current is an example of top-posting, in response to your top-post. I don't think you've bottom-posted in this thread yet. db On Wed, Jul 29, 2009 at 11:41 AM, Curtis LaMasterscurtislamast...@gmail.com mailto:curtislamast...@gmail.com wrote: To which one? Curtis LaMasters http://www.curtis-lamasters.com http://www.builtnetworks.com On Wed, Jul 29, 2009 at 12:40 PM, David Burgessapt@gmail.com mailto:apt@gmail.com wrote: Yes. On Wed, Jul 29, 2009 at 11:38 AM, Curtis LaMasterscurtislamast...@gmail.com mailto:curtislamast...@gmail.com wrote: This is top posting apparently. Curtis LaMasters http://www.curtis-lamasters.com http://www.builtnetworks.com On Wed, Jul 29, 2009 at 12:34 PM, iggd...@gmail.com mailto:iggd...@gmail.com wrote: On Wed, Jul 29, 2009 at 1:33 PM, Curtis LaMasters curtislamast...@gmail.com mailto:curtislamast...@gmail.com wrote: And I think the point is being missed. WHY WAS MY MESSAGE VIEWED AS TOP POSTED. Ok, I committed my internet crime of YELLING in caps for the day. In Gmail, is there a proper way to not top post? Curtis LaMasters http://www.curtis-lamasters.com http://www.builtnetworks.com This is a middle post, All beware who reads the middle post. On Wed, Jul 29, 2009 at 12:28 PM, David Burgessapt@gmail.com mailto:apt@gmail.com wrote: On Wed, Jul 29, 2009 at 11:25 AM, Curtis LaMasterscurtislamast...@gmail.com mailto:curtislamast...@gmail.com wrote: Thanks Scott. I know what top posting is...I just don't know why you think I did. I hit reply, type my message and go forth. Didn't think it needed to be any harder than that. It can be a lot harder than that. It's effectively illustrated in the links that Scott provided. A little effort in replying can save a lot of wasted effort in trying to bring oneself up to speed or refresh one's memory on a long thread. db - To unsubscribe, e-mail: support-unsubscr...@pfsense.com mailto:support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com mailto:support-h...@pfsense.com Commercial support available - https://portal.pfsense.org - To unsubscribe, e-mail: support-unsubscr...@pfsense.com mailto:support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com mailto:support-h...@pfsense.com Commercial support available - https://portal.pfsense.org flick the scroll wheel to get to the bottom of the post basically. - To unsubscribe, e-mail: support-unsubscr...@pfsense.com mailto:support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com mailto:support-h...@pfsense.com Commercial support available - https://portal.pfsense.org - To unsubscribe, e-mail: support-unsubscr...@pfsense.com mailto:support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com mailto:support-h...@pfsense.com Commercial support available - https://portal.pfsense.org - To unsubscribe, e-mail: support-unsubscr...@pfsense.com mailto:support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com mailto:support-h...@pfsense.com Commercial support available - https://portal.pfsense.org - To unsubscribe, e-mail:
Re: [pfSense Support] A note about top vs bottom posting -- please read and make sure you bottom post on our lists. Thank you.
On Thu, Jul 30, 2009 at 6:08 AM, Veiko Kukkveiko.k...@krediidipank.ee wrote: This is a good example, why bottom-posting sucks... Why do i need to scroll past all previous teks i read just few seconds ago, following that thread? If i need to read it, then i could scroll down, but rarely there is need for that. A good MUA will hide the quoted text. Thus allowing you to see context of interleaved comments when you wish to. A good poster will also trim crap that isn't pertinent to his message or doesn't provide any contextual value. As Michael notes, people read top to bottom, I don't want to read something, wonder what the hell it's about and scroll to the bottom to figure it out, I'll just move on. --Bill - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org