To clarify further...
In this situation, we are downgrading to a T1 (1.5Mbit/1.5Mbit) connection from
a new service provider. The current connection is 3Mbit/3Mbit, works, but is
insanely expensive (way more than twice the price). Locked into a service
agreement. Switching will basically save
I would suggest placing in a bandwidth shaper.
There are some open source alternatives out there - just do some
research as to what will fit best for you -
ie - do you know freebsd / linux / or stuck in windows ?
I would suggest the shaping to be done per protocol.
You may also want to place
During this new firewall installation, someone decided to run Windows
Updates on a four computers. Previously, this would not have choked the
network, but with the new firewall (and new T1), it is choking it. Choking
it dead. The four machines appear to contend for connectivity but after a
It did not happen with the other connection. But the previous firewall didn’t
allow me to look at nice graphs and see it maxing out, etc… It just worked. It
was twice as fast as you said. I hooked up the old connection and it is not
dying with the 4 windows updates… in fact, it’s humming
This is north of Toronto, outside of the DSL service area unfortunately. Really
not many options up here... There are wireless services available, but they are
fairly expensive and inline with the T1 costs (but with traffic caps/ price per
GB). The old 3Mbit service is very expensive and no
On Wed, May 13, 2009 at 2:47 AM, Chuck Mariotti cmario...@xunity.comwrote:
This is north of Toronto, outside of the DSL service area unfortunately.
Really not many options up here... There are wireless services available,
but they are fairly expensive and inline with the T1 costs (but with
PF
El mar, 12-05-2009 a las 11:15 -0600, RB escribió:
On Tue, May 12, 2009 at 10:59, luismi asturlui...@gmail.com wrote:
Hi, well, I was looking for something more complex.
http://catb.org/~esr/faqs/smart-questions.html#beprecise
Ask a nebulous question, you get a nebulous answer.
put in a big squid proxy with a large disk cache, and or set up windows
clients to auto-download updates during the night so at least congestion
happens outside critical times
if you're using managed switches, can you throttle
back individual ports?
otherwise, traffic shaping may be your friend
Hi again,
sorry to wake an old thread, but this is still an issue for me.
I was offered a Dell R200 server today, which comes with a single Xeon x3220
2.4GHz Quad Core CPU.
(I understand it's a repacked Q6600 or something).
I was wondering if this would be sufficient for my needs.
The better
Rob Pickerill schrieb:
havent been following this one, so dont know if its been mentioned
before, but have you looked at WSUS?
http://technet.microsoft.com/en-us/wsus/default.aspx
let that collect the updates - preferably overnight - and distribute
them to your workstations/servers
He's
Lenny wrote:
I was offered a Dell R200 server today, which comes with a single Xeon
x3220 2.4GHz Quad Core CPU.
(I understand it's a repacked Q6600 or something).
I was wondering if this would be sufficient for my needs.
I use a R200 at work for our pfSense, and we've had no issues with it.
On Wed, May 13, 2009 at 03:02, luismi asturlui...@gmail.com wrote:
PF
You do, of course, realize that 99.9% of the people that offer help on
this list are not paid to do so and that by copping an attitude you've
pretty much blown your chances of getting help?
Hi,
thanks for answering, but I guess you didn't read the whole thread. I don't
blame you, since it's a zillion posts:)
Anyway, I need it for a website, where I have about 300Mb traffic, which is
around 150kpps, and I need some CPU power to spare.
IBM x336 with dual Xeon 3.6GHz could only handle
If the business warrants it, you might want to look at techniques to save
bandwidth overall such as running a Windows Server Update Service internally
(ports repo for FreeBSD, yum repo if you have linux) so you only have to
download updates once and all internal systems can get their updates
Thanks everyone... I should clarify a little more of what my worry is.
Specifically the 4 machines downloading updates at the exact same time and
taking the internet connection to its knees probably isn't too realistic a
scenario. We did do it in the middle of the night, so it can happen, but
Interesting maybe I try it when the new pfsense version is out
thank you very much!
-
To unsubscribe, e-mail: support-unsubscr...@pfsense.com
For additional commands, e-mail: support-h...@pfsense.com
Commercial support
-Oorspronkelijk bericht-
Van: Chuck Mariotti [mailto:cmario...@xunity.com]
Verzonden: woensdag 13 mei 2009 15:30
Aan: support@pfsense.com
Onderwerp: RE: [pfSense Support] RE: T1 Saturating - Windows update kills
the connection... ??
Thanks Jeppe... that's my feeling too.
I don't want to discuss about this, for me it is a waste of time.
Here is the details of the syslog-ng thread x-D
I found the solution few days ago in the pfsense boards/forum, before I
sent the email to mailing list.
I modified the code to include the proper configuration for my
environment and
On Wed, May 13, 2009 at 6:54 AM, Lenny five2one.le...@gmail.com wrote:
Hi again,
sorry to wake an old thread, but this is still an issue for me.
I was offered a Dell R200 server today, which comes with a single Xeon x3220
2.4GHz Quad Core CPU.
(I understand it's a repacked Q6600 or
Bill Marquette schrieb:
Ask the vendors for eval gear and make sure it supports the load before you
buy.
AFAIK, SUN still provides eval-systems for free.
I would evaluate one of the new X2270 with the Nehalem Xeons.
This should provide a 50% boost even on 5400-series Xeons.
Also, they
On Wed, May 13, 2009 at 10:21 AM, Rainer Duffner rai...@ultra-secure.de wrote:
AFAIK, SUN still provides eval-systems for free.
I would evaluate one of the new X2270 with the Nehalem Xeons.
This should provide a 50% boost even on 5400-series Xeons.
Also, they use Intel NICs, IIRC.
The
Rainer Duffner wrote:
AFAIK, SUN still provides eval-systems for free.
I would evaluate one of the new X2270 with the Nehalem Xeons.
This should provide a 50% boost even on 5400-series Xeons.
Also, they use Intel NICs, IIRC.
we've got a shiny Dell R710 with twin L5520 Xeon-EPs, very nice;
Sounds like over kill for pfsense! :D
Message sent from my iPhone
Bill McIlhargey Jr
COMPUTERONIX, LLC
978.500.5936
supp...@compute-ronix.com
www.compute-ronix.com
On May 13, 2009, at 11:24 AM, Paul Mansfield it-admin-pfse...@taptu.com
wrote:
Rainer Duffner wrote:
AFAIK, SUN still
Normally, the packages sent out from the Windows Update service are quite
small in size and the BITS service helps to stream these at a reasonable
rate to your local system. However, there have been a couple of recently
released security patches that are quite large (one was +300 MB) which could
Thanks Michael, that is some great advice.
The machines are setup for AutoUpdate for critical patches only, so in this
case it was just the optional ones. But the total download sizes were in the
~200MB per machine. So sizable. In this case, we ran updates on 4 of the
roughly 20 workstations.
On Wed, May 13, 2009 at 2:47 AM, Chuck Mariotti cmario...@xunity.com wrote:
To clarify further...
In this situation, we are downgrading to a T1 (1.5Mbit/1.5Mbit) connection
from a new service provider. The current connection is 3Mbit/3Mbit, works,
but is insanely expensive (way more than
On Wed, May 13, 2009 at 09:53, Chuck Mariotti cmario...@xunity.com wrote:
I used cheapo DLink 10/100 Network cards to build the server. But I'm
doubting that would be the cause. The only other oddity is that I threw a
little DLink 8 Port Gigabit Switch between the router and firewall, simply
On Wed, May 13, 2009 at 11:55 AM, Chris Buechler c...@pfsense.org wrote:
Slowing down considerably when under full load is normal, slowing to
the point that sites don't load anymore when you're just running a few
Windows updates is definitely not. Sounds like there's something wrong
with the
Date: Wed, 13 May 2009 09:57:32 -0600
From: aoz@gmail.com
To: support@pfsense.com
Subject: Re: [pfSense Support] RE: T1 Saturating - Windows update kills the
connection... ??
On Wed, May 13, 2009 at 09:53, Chuck Mariotti cmario...@xunity.com wrote:
I used cheapo DLink 10/100
It should just get slower and divide the bandwidth evenly since there are no
rules to shape it.
Thats basically what should happen.
Of course things get all out of whack when the connection isn't symmetric
(like most consumer connections). On those, you will see severe degradation
in speed on
Great suggestions everyone. Thanks...
I looked up the data report on AllStreams system for the last 24 hours.
In 534.5 bytes/sec 298.2 bytes/sec
Out 532.2 bytes/sec 310.5 bytes/sec
So I think this implies that we are not hitting the max on the T1... my math
sucks for this stuff (I never seem
WHY would you want to shape your downstream channel? that kind of defeats the
purpose of having the bandwidth there in the firstplace.
-Sean
Date: Wed, 13 May 2009 10:21:39 -0700
From: jol...@gmail.com
To: support@pfsense.com
Subject: Re: [pfSense Support] RE: T1 Saturating - Windows update
Sorry, those pairs are Max / Average number to clarify.
-Original Message-
From: Chuck Mariotti [mailto:cmario...@xunity.com]
Sent: Wednesday, May 13, 2009 1:31 PM
To: support@pfsense.com
Subject: RE: [pfSense Support] RE: T1 Saturating - Windows update kills the
connection... ??
Great
WHY would you want to shape your downstream channel? that kind of defeats
the purpose of having the bandwidth there in the firstplace.
For example if you have a fast connection to a building, and it is being
shared between tenants.
Without restricting the downstream, user A can severely impact
On Wed, May 13, 2009 at 8:55 AM, Chris Buechler c...@pfsense.org wrote:
Slowing down considerably when under full load is normal, slowing to
the point that sites don't load anymore when you're just running a few
Windows updates is definitely not. Sounds like there's something wrong
with the
Thanks… I am going to follow up with AllStream. The bytes/sec are the Max and
Average. I think their reporting system is broken. RRD reported 1.5Mb/s, it was
just a table top sitting there until we cancelled the windows updates. Then it
dropped right back down.
Chuck
From: Jeppe Øland
On Wed, May 13, 2009 at 10:25 AM, Bill McIlhargey Jr b...@mcilhargey.com
wrote:
Sounds like over kill for pfsense! :D
Message sent from my iPhone
Bill McIlhargey Jr
COMPUTERONIX, LLC
978.500.5936
supp...@compute-ronix.com
www.compute-ronix.com
It's only overkill if you don't need the
My understanding is that Giant lock is gone from the FreeBSD network stack
in 8:
http://unix.derkeiler.com/Mailing-Lists/FreeBSD/arch/2009-04/msg00075.html
Dimitri Rodis
Integrita Systems LLC
http://www.integritasystems.com
-Original Message-
From: Bill Marquette
On Wed, May 13, 2009 at 8:36 PM, Dimitri Rodis
dimit...@integritasystems.com wrote:
My understanding is that Giant lock is gone from the FreeBSD network stack
in 8:
http://unix.derkeiler.com/Mailing-Lists/FreeBSD/arch/2009-04/msg00075.html
PF is still protected by one giant lock and does not
39 matches
Mail list logo