On Wed, Dec 10, 2008 at 10:05 AM, Tim Roberts [EMAIL PROTECTED] wrote:
Im still trying to track this issue down. I have one of the two new nodes up
finally without blowing up the network. I re-arranged VHIDs on all PFSense
servers on the network so they are unique and that did the trick for one
On Thu, Dec 18, 2008 at 7:00 AM, a800 pentes...@scanit.be wrote:
The FreeBSD advisory says one has to upgrade to 7.0-RELEASE-p6 to get he
bug fixed. pfSense 1.2.1-RC4 image I have downloaded couple days ago
says it runs 7.0-RELEASE-p5.
Do you mean this flaw was fixed in the source tree of
On Sat, Dec 20, 2008 at 4:45 PM, Lenny five2one.le...@gmail.com wrote:
Hi,
I'm kind of desperate here, so please try to help me.
Here's my problem:
I have a setup in production (a very dynamic website).
It consists of pfsense--Alteon Load Balancer--IBM Bladecenter(with a
Squids cluster
On Sun, Dec 21, 2008 at 2:08 AM, Lenny five2one.le...@gmail.com wrote:
Bill Marquette wrote:
On Sat, Dec 20, 2008 at 4:45 PM, Lenny five2one.le...@gmail.com wrote:
Hi,
I'm kind of desperate here, so please try to help me.
Here's my problem:
I have a setup in production (a very dynamic
On Mon, Dec 22, 2008 at 5:31 PM, Jason Lixfeld
jason-lists.pfse...@lixfeld.ca wrote:
Hi Dimitri,
It is a CARP address, yes and it does in fact match the mask on the WAN
interface; they are both /28.
After doing some more digging, I figured it out. It was a VMWare thing. I
had to set the
On Sat, Jan 10, 2009 at 3:45 AM, Dominik Schips domi...@s235.de wrote:
Hello,
I am using pfSense 1.2.2 and it is wonderfull.
However I have one problem with SIP (port 5060) calls.
My (german) provider does every 24 hours a reconnect of the ADSL line
(PPPoE). Normally that is never a
On Sun, Jan 11, 2009 at 2:19 PM, Chris Buechler c...@pfsense.org wrote:
On Sun, Jan 11, 2009 at 11:22 AM, Karl Fife karlf...@gmail.com wrote:
I want to say that I recall a move to IPTables was
anticipated at some point. Has that happened?
What?! hah Never. Wow, the chance of anyone with a
On Sun, Jan 11, 2009 at 5:02 PM, Karl Fife karlf...@gmail.com wrote:
Tell them to use a worthwhile browser. The reason the SVG graphs don't
work is because IE is the only browser that doesn't come with SVG
integrated and for whatever reason the plugin has issues if you force
authentication
On Mon, Jan 12, 2009 at 6:28 AM, Veiko Kukk veiko.k...@krediidipank.ee wrote:
Erwan David wrote:
On Mon, Jan 12, 2009 at 11:30:44AM CET, Veiko Kukk
veiko.k...@krediidipank.ee said:
Do you have also load sharing or only failover?
How are your failover pools configured?
---
Veiko
I have
On Tue, Jan 13, 2009 at 6:13 PM, Aliet Santiesteban Sifontes
alietsantieste...@gmail.com wrote:
Testing 20090112 2.0 Alpha I have found that the lagg interfaces are
not listed in the combo for vlan parent interface, any workaraound for
this???.
write code
submit patch
get famous
continue
On Mon, Jan 19, 2009 at 3:07 AM, Veiko Kukk veiko.k...@krediidipank.ee wrote:
Bill Marquette wrote:
Setup a load balancer entry with an active node and a failover node.
As I previously said, I dont want load balancing, I only need failover.
duh, what do you think this provides? Rhetorical
fwiw, that's not an install guide, it was really a how to make it boot
over the network guide - very helpful for development. I don't know
of anyone that has had a successful install to a soekris over the
network. Not to say it can't be done, but you've got a lot of
exploring ahead of you.
On Mon, Feb 9, 2009 at 3:14 PM, Joel Robison robisonj...@gmail.com wrote:
Hello All,
I was wondering if anyone here would be able to give me some pointers in
context of traffic redirection. What I am attempting (and failing at I
should add) to do is redirect all SMTP traffic from the LAN to
On Mon, Feb 9, 2009 at 5:11 PM, Chris Buechler c...@pfsense.org wrote:
On Mon, Feb 9, 2009 at 5:43 PM, Tim Nelson tnel...@rockbochs.com wrote:
- Bill Marquette bill.marque...@gmail.com wrote:
The MTA needs to not be on the same network as you are redirecting.
ie. You can't send LAN
On Mon, Feb 9, 2009 at 5:30 PM, Joel Robison robisonj...@gmail.com wrote:
I have done a little experimenting with this over the past few hours (while
dodging IT requests, I am sure most of you are familiar). I setup a VLAN
interface that is off of the LAN interface to put the email server in a
On Sun, Feb 15, 2009 at 5:58 PM, Nathan Eisenberg
nat...@atlasnetworks.us wrote:
Hello,
I recently changed the timezone on one of our PFSense boxes, as it thought
it was 12 hours ahead of where it actually is. Since I have made that
change, states do not appear to be expiring normally, and
Logs won't be fixed short of a reboot, unless you like monkeying
around in the shell. Syslog records it's offset from GMT when it
starts up.
--Bill
On Mon, Feb 16, 2009 at 8:17 AM, Bill Marquette
bill.marque...@gmail.com wrote:
On Sun, Feb 15, 2009 at 5:58 PM, Nathan Eisenberg
nat
Go troll elsewhere.
On Thu, Feb 19, 2009 at 5:51 AM, Mikel Jimenez mi...@irontec.com wrote:
Hello
Is pfsync better than contrackd?
Who cares, pfsense runs on FreeBSD where there be demons, not penguins.
In what aspects?
It runs on *BSD, not linux, so yes, infinitely better.
--Bill
On Thu, Feb 19, 2009 at 12:26 PM, mikel mi...@irontec.com wrote:
I ask this question, because I am favour ogf *BSD, and one friend discuss
me that what pfsync+carp does, is possible with contrackd.
I have read that contrackd only syncs tcp states, and is a user space
daemon, not kernel
Your ipsec policy matches all traffic, this isn't a routing issue.
What you've told the kernel is that all traffic uses an ipsec poliicy
that encrypts it and sends it to a different site.
--Bill
On Tue, Mar 10, 2009 at 9:02 AM, Pabel Zenteno
pzent...@prodemffp.com.bo wrote:
I have an IPsec
On Tue, Mar 10, 2009 at 9:30 AM, Pabel Zenteno
pzent...@prodemffp.com.bo wrote:
So, is there something I can do?
Change your ipsec policy.
--Bill
-
To unsubscribe, e-mail: support-unsubscr...@pfsense.com
For additional
On Wed, Mar 18, 2009 at 7:32 AM, five2one.le...@gmail.com wrote:
Hi,
ok, I'm back with some tests and results.
I read a lot about the em driver settings, and this is what I did:
in /etc/sysctl.conf I added:
dev.em.0.rx_processing_limit=1600
dev.em.1.rx_processing_limit=1600
although I
On Wed, Mar 18, 2009 at 10:27 AM, five2one.le...@gmail.com wrote:
So the question is, should I go for it? Will it help me in any way? I mean,
if I have 2 Xeon CPUs and Hyper Threading enabled, I can actually divide it
into 4 threads, right?
Don't use hyperthreading. It's likely to cause you
On Wed, Mar 18, 2009 at 3:12 PM, Lenny five2one.le...@gmail.com wrote:
Hi Bill,
thanks for answering.
a couple of questions:
I'm gonna disable hyperthreading tomorrow, but tell me, should I do it in
BIOS and just boot it up,
All our older Intel machines had it disabled in BIOS. The
On Wed, Mar 18, 2009 at 3:14 PM, Lenny five2one.le...@gmail.com wrote:
Hi,
ok, thanks.
Regarding MSI - I never checked, but as far as I remember the BIOS settings
- I never saw it there.
I'll check tomorrow.
That reminds me. Our HP gear has an APIC setting in BIOS - we set it
to Full
Further, CARP doesn't run on a dedicated NIC, pfsync does (and no,
it's not required, however it isn't encrypted or authenticated).
--Bill
Sent from my iPhone
On Mar 18, 2009, at 7:01 PM, Chris Buechler c...@pfsense.org wrote:
On Wed, Mar 18, 2009 at 7:55 PM, Nathan Eisenberg
...@google.com
ATTENDEE;CUTYPE=INDIVIDUAL;ROLE=REQ-PARTICIPANT;PARTSTAT=NEEDS-ACTION;RSVP=
TRUE;cn=supp...@pfsense.com;X-NUM-GUESTS=0:mailto:support@pfsense.com
ATTENDEE;CUTYPE=INDIVIDUAL;ROLE=REQ-PARTICIPANT;PARTSTAT=ACCEPTED;RSVP=TRUE
;CN=Bill Marquette;X-NUM-GUESTS=0:mailto:bill.marque...@gmail.com
On Wed, Mar 18, 2009 at 11:06 PM, Victor Padro vpa...@gmail.com wrote:
Intel 1Gbps are the best for routing, data transfer, etc.
Although intel pro 100Mbps are quite alright in a 300 kbps routing
enviroment.
thousands of PACKETs per second, not bits. You'd need a bit more than
100Mbit capable
On Thu, Mar 19, 2009 at 6:56 AM, Michel Servaes mic...@mcmc.be wrote:
I just updated my pfSense 1.2.3 prerelease version through a webupdate.
Which just seems to be working fine, allthough I cannot access the
webinterface anymore ??
Yeah, it wasn't a very popular feature so we removed it.
On Thu, Mar 19, 2009 at 6:09 PM, Mikel Jimenez Fernandez
mi...@irontec.com wrote:
mm OK
I think that I understna sysctl value what mean..
backup:~# ping -f 10.10.0.98 -c 500
PING 10.10.0.98 (10.10.0.98) 56(84) bytes of data.
.
--- 10.10.0.98 ping statistics ---
500 packets transmitted,
On Fri, Mar 20, 2009 at 4:50 AM, Mikel Jimenez Fernandez
mi...@irontec.com wrote:
If I check, or dont chek, bad cksum in tcpdump always appear.
I have to reboot ?
You are chasing up the wrong tree. Bad checksums are normal when
using checksum offloading, tcpdump shows the packet before the
On Sat, Mar 21, 2009 at 6:00 PM, Lenny five2one.le...@gmail.com wrote:
Hi Bill,
snip
Now, for the bad part. I got to a total of almost 50kpps, and that was via
70% CPU. Which probably means that at about 70kpps or so I'd hit 100%. Which
actually was a lot like what you said about Xeons (you
On Sun, Mar 22, 2009 at 3:32 PM, Lenny five2one.le...@gmail.com wrote:
Hi Bill,
ok, thanks.
So as I understand it, in my production environment I will not be able to
get more than say 150-200kpps even if I had the best CPU available on the
You should be able to hit much more than that.
BTW, whats your average packet size?
--Bill
-
To unsubscribe, e-mail: support-unsubscr...@pfsense.com
For additional commands, e-mail: support-h...@pfsense.com
Commercial support available - https://portal.pfsense.org
(addr 2) disconnected
uhid0: detached
#
Bill Marquette wrote:
On Sun, Mar 22, 2009 at 3:32 PM, Lenny five2one.le...@gmail.com wrote:
Hi Bill,
ok, thanks.
So as I understand it, in my production environment I will not be able to
get more than say 150-200kpps even if I had the best CPU
On Sun, Mar 22, 2009 at 4:39 PM, Bill Marquette
bill.marque...@gmail.com wrote:
On Sun, Mar 22, 2009 at 4:13 PM, Lenny five2one.le...@gmail.com wrote:
sorry, you got me there:) how do I check that?
Bill Marquette wrote:
BTW, whats your average packet size?
Easiest way to get
On Sun, Mar 22, 2009 at 4:13 PM, Lenny five2one.le...@gmail.com wrote:
sorry, you got me there:) how do I check that?
Bill Marquette wrote:
BTW, whats your average packet size?
Easiest way to get in the ballpark should be to:
tcpdump -w /tmp/pps.pcap -i WAN -c 1
substitute WAN
On Sun, Mar 22, 2009 at 5:20 PM, Chris Buechler c...@pfsense.org wrote:
On Sun, Mar 22, 2009 at 5:33 PM, Bill Marquette
bill.marque...@gmail.com wrote:
I believe so. The newer Core designs have lower Ghz ratings. Any
chance you know the models? I'm not seeing the VTX feature in your
dmesg
On Mon, Mar 23, 2009 at 12:33 AM, Lenny five2one.le...@gmail.com wrote:
It's 530 (bytes?)
(and yet for 50kpps I had around 150Mb of traffic. Is this possible?)
http://www.ccievault.net/index.php/tools says it's possible
--Bill
On Mon, Mar 23, 2009 at 9:26 AM, Vick Khera vi...@khera.org wrote:
On Mon, Mar 23, 2009 at 8:30 AM, Lenny five2one.le...@gmail.com wrote:
I got offered a Sun Fire X2200 with Opteron Dual Core 2210(that's 1.8GHz).
Will that do it? (for ~150kpps)
That's a little slower than what I use in prod
On Wed, May 13, 2009 at 6:54 AM, Lenny five2one.le...@gmail.com wrote:
Hi again,
sorry to wake an old thread, but this is still an issue for me.
I was offered a Dell R200 server today, which comes with a single Xeon x3220
2.4GHz Quad Core CPU.
(I understand it's a repacked Q6600 or
On Wed, May 13, 2009 at 10:25 AM, Bill McIlhargey Jr b...@mcilhargey.com
wrote:
Sounds like over kill for pfsense! :D
Message sent from my iPhone
Bill McIlhargey Jr
COMPUTERONIX, LLC
978.500.5936
supp...@compute-ronix.com
www.compute-ronix.com
It's only overkill if you don't need the
On Wed, May 13, 2009 at 7:47 PM, Scott Ullrich sullr...@gmail.com wrote:
On Wed, May 13, 2009 at 8:36 PM, Dimitri Rodis
dimit...@integritasystems.com wrote:
My understanding is that Giant lock is gone from the FreeBSD network stack
in 8:
On Wed, May 13, 2009 at 10:58 AM, Scott Ullrich sullr...@gmail.com wrote:
On Wed, May 13, 2009 at 11:55 AM, Chris Buechler c...@pfsense.org wrote:
Slowing down considerably when under full load is normal, slowing to
the point that sites don't load anymore when you're just running a few
Windows
On Thu, May 14, 2009 at 7:20 AM, Sean Cavanaugh
millenia2...@hotmail.com wrote:
Bill
he USED to have 2 bonded T1's but they reduced to a single T1 connection to
save money.
-Sean
Yes, I'm referring to the old circuit intentionally. I didn't get
bonded out of The current connection is
On Thu, May 14, 2009 at 7:43 AM, Bill Marquette
bill.marque...@gmail.com wrote:
On Thu, May 14, 2009 at 7:20 AM, Sean Cavanaugh
millenia2...@hotmail.com wrote:
Bill
he USED to have 2 bonded T1's but they reduced to a single T1 connection to
save money.
-Sean
Yes, I'm referring to the old
intentionally not trimming - see below
On Wed, Jul 29, 2009 at 12:55 PM,
apiase...@midatlanticbb.comapiase...@midatlanticbb.com wrote:
iggd...@gmail.com wrote:
On Wed, Jul 29, 2009 at 1:45 PM, Curtis LaMasters
curtislamast...@gmail.com mailto:curtislamast...@gmail.com wrote:
Gotta tell
On Thu, Jul 30, 2009 at 6:08 AM, Veiko Kukkveiko.k...@krediidipank.ee wrote:
This is a good example, why bottom-posting sucks...
Why do i need to scroll past all previous teks i read just few seconds ago,
following that thread?
If i need to read it, then i could scroll down, but rarely there
On Fri, Jul 31, 2009 at 5:02 AM, Paul
Mansfieldit-admin-pfse...@taptu.com wrote:
Scott Ullrich wrote:
http://www.caliburn.nl/topposting.html
http://idallen.com/topposting.html
while we're all whinging, please can I whinge about thead hijacking
where people start a new discussion by clicking
On Fri, Jul 31, 2009 at 10:30 AM, Paul
Mansfieldit-admin-pfse...@taptu.com wrote:
Rainer Duffner wrote:
I may be wrong, but his problem is pps (packets per second).
That's not the same as being able to download a large file.
Unfortunately.
How does one generate a large a mount of (small)
On Tue, Aug 18, 2009 at 9:28 AM, Veiko Kukkveiko.k...@krediidipank.ee wrote:
How should I configure pfsync if I want to use three machines?
I'm curious why you might want such a setup.
--Bill
-
To unsubscribe, e-mail:
On Wed, Aug 19, 2009 at 1:41 PM, Christopher M.
Iarocciciaro...@tfop.net wrote:
On Tue, Aug 18, 2009 at 9:28 AM, Veiko Kukkveiko.k...@krediidipank.ee
wrote:
How should I configure pfsync if I want to use three machines?
I'm curious why you might want such a setup.
--Bill
[Christopher
On Sat, Aug 22, 2009 at 2:24 PM, Evgeny Yurchenkoevg.yu...@rogers.com wrote:
Trying to get my branch cloned on local system
%git clone http://gitweb.pfsense.org/pfsense-packages/EugeneY-OpenBGPD.git
after many lines of digits I get an error:
got 1bba2c06e541573fb5b5eeac12eb13eca0eab3c0
error:
Don't forget to reset your cable modem after changing this. Even the
business modem has a way of retaining MAC addresses.
--Bill
-
To unsubscribe, e-mail: support-unsubscr...@pfsense.com
For additional commands, e-mail:
On Fri, Aug 28, 2009 at 8:41 AM, Jesse Vollmarvollm...@gmail.com wrote:
You shouldn't use the parent interface generally. Don't think that's
related though. You losing connectivity from the firewall to the
gateway? You're far from uncharted territory, the several boxes I've
worked on that have
On Fri, Aug 28, 2009 at 8:57 AM, Jesse Vollmarvollm...@gmail.com wrote:
On Fri, Aug 28, 2009 at 9:47 AM, Bill Marquette bill.marque...@gmail.com
wrote:
What's not normal (and not recommended) is the use of the physical NIC
for a network while simultaneously sending tagged frames
On Fri, Aug 28, 2009 at 8:51 AM, Evgeny Yurchenkoevg.yu...@rogers.com wrote:
Bill Marquette wrote:On Wed, Aug 26, 2009 at 7:53 PM, Evgeny
Yurchenkoevg.yu...@rogers.com wrote:
On Wed, Aug 26, 2009 at 7:53 PM, Evgeny Yurchenkoevg.yu...@rogers.com
wrote:
What do you use to develop pfSense
On Fri, Aug 28, 2009 at 10:21 AM, Jim Pingleli...@pingle.org wrote:
Bill Marquette wrote:
Speaking personally..I use MacFusion (ssfs via FUSE with a gui
wrapper) to mount the filesystem via ssh. Then I point my local
editor at the locally mounted filesystem. This workflow should work
fine
On Fri, Aug 28, 2009 at 2:44 PM, Guy Boisvertboisvert@videotron.ca wrote:
Chris Buechler wrote:
Your firewall rules on VLAN3 need to allow the traffic.
There is no firewall rules on VLAN3. This is simple routing with the
2910AL (Layer 3) that simply forward traffic to its default
On Fri, Oct 23, 2009 at 8:06 AM, Evgeny Yurchenko evg.yu...@rogers.com wrote:
Lyle Giese wrote:
Peter Roosenboom wrote:
hello,
On pfsense board I cannnot find out whether spamd is working on pfsense
1.2.3 or not.
Most messages on this topic suggest that it is not working.
I would like
On Fri, Oct 23, 2009 at 3:45 PM, Evgeny Yurchenko evg.yu...@rogers.com wrote:
Bill Marquette wrote:
On Fri, Oct 23, 2009 at 2:45 PM, Evgeny Yurchenko evg.yu...@rogers.com
wrote:
And for the third opinion in this thread :)
You want the 'other' VIP type. It's used in situations where you
On Mon, Nov 2, 2009 at 1:32 PM, Vick Khera vi...@khera.org wrote:
On Sun, Nov 1, 2009 at 9:12 PM, Ugo Bellavance u...@lubik.ca wrote:
3com 905 (xl)
I'd put this on your WAN and the intel on the LAN. 3Com have been
well support in FreeBSD (and even in the original 4.2BSD before that)
On Wed, Nov 11, 2009 at 9:24 AM, Glenn Kelley gl...@typo3usa.com wrote:
short update -
I have blocked
but still seem like we might have issues -
1394ip$EXTERNAL_NETany$HOME_NETany SHELLCODE x86 inc ecx NOOP
has anyone else seen this - when all the user is doing is remote email ?
I would
On Thu, Jul 8, 2010 at 3:17 PM, Adam Thompson athom...@c3a.ca wrote:
My problem: reply packets to inbound NAT’d connection are being sent back
out the wrong interface, and being rejected as bogons by the next-hop
router.
The setup…
OPT1(OPT1) - vlan0 -
On Tue, Jul 13, 2010 at 1:19 PM, Adam Thompson athom...@c3a.ca wrote:
-Original Message-
From: Bill Marquette [mailto:bill.marque...@gmail.com]
Sent: Monday, July 12, 2010 8:30 PM
To: support@pfsense.com
Subject: Re: [pfSense Support] 1:1 multi-homed NAT broken?
This sounds like
On Fri, May 6, 2011 at 10:06 AM, Oliver Hansen oliver.han...@gmail.com wrote:
I signed up for the IPv6 trial and was accepted. I then signed into the
Comcast trial website but am really at a loss whether it is available to me
or not. I'm willing to help test things if I can be of any help.
The
On Fri, May 6, 2011 at 1:19 PM, Oliver Hansen oliver.han...@gmail.com wrote:
It sounds doubtful that I do have an IPv6 enabled connection but I do have a
DOCSIS 3 modem and have synced with the 2.0RC1 IPv6 branch at home. I won't
have time to check it out this weekend but at least I can attempt
On Tue, May 10, 2011 at 7:15 AM, Shibashish shi...@gmail.com wrote:
Hi All,
I have a clustered service which needs to be load-balanced on the lan
network. The following setup doesn't work for me.
--- lan ip 1
load balanced lan vip --- lan ip 2
On Tue, Aug 9, 2011 at 7:19 AM, Cleber L. Medina clebermed...@gmail.comwrote:
I configured thje imspector on RC3, but it dont make any report... there
are some bug?
Which imspector package did you use? Also, what protocol isn't logging?
Thanks
--Bill
701 - 769 of 769 matches
Mail list logo
