Hello, Has anyone measured the maximum number of packets-per-second that a 5501 can handle as a router - ideally using PPPoE mode for the WAN side?
I'm running pfSense 1.2.3 (based on FreeBSD 7.2) on an ADSL link, running PPPoE with a Draytek Vigor 120 modem. Normally this setup is solid, but if I run Nessus with default settings against lots of IP addresses, the PPPoE session drops. pfSense shows high CPU utilization when this happens. A workaround appears to be to set up the traffic shaper in pfSense, imposing upload and download limits slightly lower than the net throughout expected for the ADSL link. One possible explanation is that Nessus sends a very large number of very short packets during its port-scanning phase, so the 5501 receives an unusually large number of packets per second - causing problems if the sustained packet rate is higher than the 5501 can really cope with. Yet I note that the 5501 can handle sustained traffic of 300 PPS with only modest CPU utilization being reported in pfSense. Another possibility is that the upstream ISP equipment requires LCP Echo replies in order to keep the PPPoE link up, and somehow pfSense's MPD (version 3.18) doesn't send the LCP Echo replies quickly enough when under such load. This seems unlikely though, as my impression was that LCP Echo was only required to keep the link up when there's no user traffic to send. I'd be grateful for any information. At this stage I'm starting to wonder whether an old Pentium 4 desktop would be worth testing as the pfSense router, in case the problem is that the 5501 can't process more than a certain number of interrupts per second. But of course a PC burns a lot more energy than a Soekris board. Thanks, - Martin _______________________________________________ Soekris-tech mailing list [email protected] http://lists.soekris.com/mailman/listinfo/soekris-tech
