On 19/02/2016 17:12, David Burgess wrote: > I'm a little surprised at your experience. A few years ago I built a > PFSense unit with an Intel motherboard, 1st gen Core i3 CPU, and a > single onboard Intel (em) GBE NIC. All routing was done through vlans > and it had no trouble reaching wire speed with around 50% CPU usage. > > I do recommend using the net.inet.ip.fastforwarding=1 tweak if you > can. Note that it breaks IPSEC and captive portal. > > As far as 10G NICs, I was sure I read recently that the FreeNAS people > were recommending Chelsio, but I can't find the reference now. I imagine it's probably going to be our ridiculous PPS figures that start to bottleneck things. There's 2-3 thousand hardcore gamers behind these boxes when we run our events all generating shedloads of tiny UDP packets, as well as a big demand for normal web browsing, downloading, streaming on top of all that. What we used to see was the ix (and before the 10G NICs the bge) driver heavily pushing single CPU cores - but at about ~1.2Gbit we just start seeing small amounts of packet loss - even when there's no obvious single cause. I'm guessing its a combination of a few factors, but to be honest we just move traffic off to another box - PL for gamers is the end of the world. :(
I don't think we had set fastforwarding yet - so i'll definitely look into that. Don't care about IPSec or captive portal at all! We're also getting pricing for Chelsio NICs now too - so perhaps that'll help as well. Thanks again (and thanks Ed for those stats too). Cheers, Giles. _______________________________________________ pfSense mailing list https://lists.pfsense.org/mailman/listinfo/list Support the project with Gold! https://pfsense.org/gold
