Well, I just divide the servers in the private network, half using the 1st pfSense as the Def.Gateway, the other half using the 2nd pfSense.
I'm not really sure about the underlying system in terms of Make/Model; it's in my Cloud Providers datacenter. I'm guaranteed, though, to have the following: * 4 Physical Cores (at 2.0 GHz each, whatever that's supposed to mean) * 4 GB RAM * 100 GB Storage * 2 Public IP addresses Since I have 4 Physical Cores, I figure allocating 2 vCPUs should burden the system too much, and helps threading in pfSense. I could be wrong, though, so I'd value your input very much. Rgds, -- Pandu E Poluan On Wed, Jan 5, 2011 at 09:42, Jesse Vollmar <[email protected]> wrote: > On Tue, Jan 4, 2011 at 9:32 PM, Pandu Poluan <[email protected]> wrote: > >> Hello, >> >> I am planning to deploy pfSense, mostly for firewall and NAT, on my >> production Cloud. It is based on VMware. >> >> What do you recommend: >> + 1 big multi-CPU pfSense VM, or >> + 2 smaller single-CPU pfSense VMs >> >> A question: >> Will 2 smaller VMs provide higher throughput than a single big VM? >> >> And some notes: >> - RAM is at a premium here. >> - I got only 2 Public IP Addresses. >> >> Thank you for any input! >> >> Rgds, >> -- >> Pandu E Poluan >> * ~ IT Optimizer ~ * >> *Visit my Website: http://pandu.poluan.info* >> Google Talk: pepoluan >> Y! messenger: pepoluan >> MSN / Live: [email protected] (do *not* send email here) >> Skype: pepoluan >> More on me: LinkedIn <http://www.linkedin.com/in/pepoluan> >> Facebook<http://www.facebook.com/pepoluan> >> >> > Not sure how you plan on using 2 routers to do the same job, but keep in > mind that adding multiple CPUs to a vmware virtual machine is nothing like > having multiple physical CPUs. It will allow the VM to process more than a > single thread at a time, but the scheduling can be slowed down. There has to > be the same number of physical threads available on your host system as the > number of virtual CPUs on your VM. This means that even single threads can > end up waiting on processor ready time because you added more virtual CPUs > than the underlying system has idle. > > Bottom line = Don't add more than 1 or 2 virtual CPUs to a pfsense VM. > > What kind of host system(s) would it run on? > > Jesse Vollmar > Aedis IT, LLC >
