Hi
I know this issue have been raised before, but I haven't really found a
satisfying answer, so here I go again...
My problem is related to sip-nat.
I'm running a network with approximately 2000 home users.
I have choosen pfsense back in the 1.0.1 days, and is still very satisfied
with it's
Pfsense 1.2.2
2 NICS (WAN/LAN)
1 WAN IP
NAT, with outbound NAT set to static port
1 Sip phone
Phone works great (since I read about the static port rule), but if I
use the traffic shaper wizard inbound calls stop working (outbound and
two way audio seems ok). If i disable the shaper, inbound
Hi,
ok, I'm back with some tests and results.
I read a lot about the em driver settings, and this is what I did:
in /etc/sysctl.conf I added:
dev.em.0.rx_processing_limit=1600
dev.em.1.rx_processing_limit=1600
although I also tried -1 and some smaller values.
in /boot/loader.conf I added:
Perfect! It fixed the problem for me
-Original Message-
From: cbuech...@gmail.com [mailto:cbuech...@gmail.com] On Behalf Of Chris
Buechler
Sent: Monday, March 16, 2009 8:57 PM
To: support@pfsense.com
Subject: Re: [pfSense Support] Nat traversal and Asterisk
On Mon, Mar 16, 2009 at 7:52
Nearly always, rewriting source port on SIP breaks it so it's not done
by default. Enable AON and it will be.
On Wed, Mar 18, 2009 at 6:11 AM, and...@fiberby.dk wrote:
Hi
I know this issue have been raised before, but I haven't really found a
satisfying answer, so here I go again...
My
It looked that easy-- just wanted to be sure before messing with a
production set up!
Thanks,
Dimitri Rodis
Integrita Systems LLC
-Original Message-
From: Paul Mansfield [mailto:it-admin-pfse...@taptu.com]
Sent: Wednesday, March 18, 2009 4:45 AM
To: support@pfsense.com
Subject: Re:
Also, while searching the net for the emX taskq solution, I read that few
people are successfully running the modified em driver from Yandex.
This is their README:
RX queue is being processed w/more than one thread. Use sysctl
dev.em.X.rx_kthreads to alter number of threads.
TX interrupts has
You would have to build a kernel yourself without the em/ixgbe modules
to be able to use yandex driver.
Ever checked if you have MSI enabled on your motherboard and what
happens if you disable it?
On Wed, Mar 18, 2009 at 4:27 PM, five2one.le...@gmail.com wrote:
Also, while searching the net for
All,
I've got two wireless segments that I recently tried to implement a
pfsense firewall on. They currently are running with a simple iptables
firewall on a linux box. This works, but I'm trying to streamline a few
things here, and the pfsense firewall seemed like a good fit for what I
was
Hi Chris
Thanks for the quick response. I already tested it, and that solved my
problem.
But your probably also right when you say that it won't fix the actual
problem: SIP does not like NAT.
Keep up the good work...
Kind regards Anders
-Oprindelig meddelelse-
Fra: cbuech...@gmail.com
On Wed, Mar 18, 2009 at 7:32 AM, five2one.le...@gmail.com wrote:
Hi,
ok, I'm back with some tests and results.
I read a lot about the em driver settings, and this is what I did:
in /etc/sysctl.conf I added:
dev.em.0.rx_processing_limit=1600
dev.em.1.rx_processing_limit=1600
although I
On Wed, Mar 18, 2009 at 10:27 AM, five2one.le...@gmail.com wrote:
So the question is, should I go for it? Will it help me in any way? I mean,
if I have 2 Xeon CPUs and Hyper Threading enabled, I can actually divide it
into 4 threads, right?
Don't use hyperthreading. It's likely to cause you
I use Linksys SPA 921 which do a BADASS job of going over NAT. They
have a good "keep alive" function that keeps them nice and cozy behind
a nat. We use them for our hosted pbx product and havent had any
problems.
Chris Flugstad
Cascadelink
900 1st ave s, suite 201a
seattle, wa 98134
p:
What is BADASS and what are you saying here?
It seems to be mixed messages and not consistent to me.
I'd like to understand what it is that you understand please.
Kind regards
David
- Original Message -
From: Chris Flugstad
To: support@pfsense.com
Sent: Thursday, March 19, 2009 7:43 AM
Hi Bill,
thanks for answering.
a couple of questions:
I'm gonna disable hyperthreading tomorrow, but tell me, should I do it
in BIOS and just boot it up,
without any change(reinstall)? or should I use this method:
FreeBSD supports hyperthreading on Intel CPU's on the i386 platform.
Hi,
ok, thanks.
Regarding MSI - I never checked, but as far as I remember the BIOS
settings - I never saw it there.
I'll check tomorrow.
thanks,
Lenny.
Ermal Luçi wrote:
You would have to build a kernel yourself without the em/ixgbe modules
to be able to use yandex driver.
Ever
Just bumping this question up. :)
Best Regards,
Nathan Eisenberg
Atlas Networks, LLC
Phone: 206-577-3078
supp...@atlasnetworks.usmailto:supp...@atlasnetworks.us
www.atlasnetworks.ushttp://www.atlasnetworks.us
From: Nathan Eisenberg
Sent: Tuesday, March 17, 2009 9:54 AM
To: support@pfsense.com
On Wed, Mar 18, 2009 at 4:25 PM, Nathan Eisenberg
nat...@atlasnetworks.us wrote:
Just bumping this question up.
Gary answered it yesterday. The only way it doesn't work that way is
if you have some sort of proxy running on the firewall.
Huh, odd, I didn't get that message.
No proxy, but still seeing the firewall's IP as the source IP. Very confusing.
Best Regards,
Nathan Eisenberg
Atlas Networks, LLC
Phone: 206-577-3078
supp...@atlasnetworks.us
www.atlasnetworks.us
-Original Message-
From: cbuech...@gmail.com
Agi,
Did you get this working at all?
I have the same situation. Two subnets and want my VPN users to access both
subnets.
Regards,
Chuck
From: Agi Subagio [mailto:a...@mbs.co.id]
Sent: Tuesday, February 10, 2009 3:00 AM
To: support@pfsense.com
Subject: Re: [pfSense Support] ip aliases for
On Wed, Mar 18, 2009 at 3:12 PM, Lenny five2one.le...@gmail.com wrote:
Hi Bill,
thanks for answering.
a couple of questions:
I'm gonna disable hyperthreading tomorrow, but tell me, should I do it in
BIOS and just boot it up,
All our older Intel machines had it disabled in BIOS. The
On Wed, Mar 18, 2009 at 3:14 PM, Lenny five2one.le...@gmail.com wrote:
Hi,
ok, thanks.
Regarding MSI - I never checked, but as far as I remember the BIOS settings
- I never saw it there.
I'll check tomorrow.
That reminds me. Our HP gear has an APIC setting in BIOS - we set it
to Full
Seems like I'm ending up asking a lot of questions here lately.
(Long Version)
I have two servers I want to set up as a CARP cluster. So I did, and that's
working fine. The only issue is that the servers only have 2 NICs. I setup a
VLAN on the LAN interface to function as a temporary CARP
On Wed, Mar 18, 2009 at 7:55 PM, Nathan Eisenberg
nat...@atlasnetworks.us wrote:
Is there any provision for doing CARP over serial/SLIP, or do I have to have
a third Ethernet interface?
No, because it wouldn't work unless you have a 512 Kb Internet pipe or
slower. Serial is *way* too slow to
Further, CARP doesn't run on a dedicated NIC, pfsync does (and no,
it's not required, however it isn't encrypted or authenticated).
--Bill
Sent from my iPhone
On Mar 18, 2009, at 7:01 PM, Chris Buechler c...@pfsense.org wrote:
On Wed, Mar 18, 2009 at 7:55 PM, Nathan Eisenberg
Hello Pfsensers!
I need some help with brands of NIC to buy, I need Giga ether cards
with more or less 300kpps (real throughput) only for routing.
What card is the best for this? Intel? 3com? What model?
Can anyone help me?
So I have a pfsense router in my colospace, and 1 out on a cable
connection. I want to be able to setup a block on the LAN side of the
pfsense box in my colospace, and use that block or ip's on the same
subnet on the other side, going over the vpn. Is this doable?
Chris Flugstad
Cascadelink
Some phones, such as the SPA921 will have a "keep alive" function or
NAT transversal. This will allow the phone to not disappear from
behind a firewall. So you could take the phone and stick it on any
192.XXX home network/office network and it will connect to a voip
server and not go missing
Also forgot to note, that most phones will register on port 5060. This
however behind a NAT wont work if you have more than 1 phone. You will
have to statically configure the port different on each port OR someone
phone will have a "random" port selection OR sometimes you can select
5061 and
To Pfsense project teams
I don't know it is a bug or not. First, I use your product and I =
have 4 LAN cards then
I want to bridge LAN interface with WAN interface and want to bridge =
OPT1 With OPT2 in webGUI
but.
When I typed ifconfig I have bridge0 interface
On Wed, Mar 18, 2009 at 9:44 PM, Chris Flugstad ch...@cascadelink.com wrote:
Also forgot to note, that most phones will register on port 5060. This
however behind a NAT wont work if you have more than 1 phone. You will have
to statically configure the port different on each port OR someone
On Wed, Mar 18, 2009 at 9:55 PM, Sean Cavanaugh millenia2...@hotmail.comwrote:
I've actually had VERY good results with NetGear GA311 gigabit cards. they
have TCP/IP offloading too. run like tanks and are pretty inevpensive.
not sure about the pps rating on them though
-Sean
BEGIN:VCALENDAR
PRODID:-//Google Inc//Google Calendar 70.9054//EN
VERSION:2.0
CALSCALE:GREGORIAN
METHOD:REQUEST
BEGIN:VEVENT
DTSTART:20090319T043000Z
DTEND:20090319T053000Z
DTSTAMP:20090319T041244Z
ORGANIZER;CN=Bill Marquette:mailto:bill.marque...@gmail.com
On Wed, Mar 18, 2009 at 11:06 PM, Victor Padro vpa...@gmail.com wrote:
Intel 1Gbps are the best for routing, data transfer, etc.
Although intel pro 100Mbps are quite alright in a 300 kbps routing
enviroment.
thousands of PACKETs per second, not bits. You'd need a bit more than
100Mbit capable
I've actually had VERY good results with NetGear GA311 gigabit cards. they
have TCP/IP offloading too. run like tanks and are pretty inevpensive.
not sure about the pps rating on them though
-Sean
--
From: Alexandre F. Guimarães
On Wed, Mar 18, 2009 at 10:15 PM, Bill Marquette
bill.marque...@gmail.comwrote:
On Wed, Mar 18, 2009 at 11:06 PM, Victor Padro vpa...@gmail.com wrote:
Intel 1Gbps are the best for routing, data transfer, etc.
Although intel pro 100Mbps are quite alright in a 300 kbps routing
enviroment.
Thank you very much
--
From: Chris Buechler c...@pfsense.org
Sent: Thursday, March 19, 2009 11:26 AM
To: support@pfsense.com
Subject: Re: [pfSense Support] Fw: About bridge network interface and
rc.conf
Did you not see my previous reply? Here:
37 matches
Mail list logo
