[pfSense Support] Small remarks about OpenBGPD packaget
Hi!
1) I find it a little bit inconvenient that you can not add a neighbor
when you do not have any group configured. Suppose I want to add just
two neighbors without messing with groups set up.
This small thing solves it:
# diff -rub openbgpd_neighbors.xml.bak openbgpd_neighbors.xml
--- openbgpd_neighbors.xml.bak 2009-07-22 21:31:13.0 +
+++ openbgpd_neighbors.xml 2009-08-05 04:11:06.0 +
@@ -171,6 +171,11 @@
$counter++;
}
}
+ else{
+ $newoptions['option'][0]['name'] = "";
+ $newoptions['option'][0]['value'] = "";
+ $pkg['fields']['field'][2]['options'] =
$newoptions;
+ }
2) Cosmetic but may be you would wish to implement it. Neighbors not
belonging to any group not aligned properly:
group "G1" {
remote-as 11
neighbor 1.1.1.1 {
descr "N1"
announce all
remote-as 1
}
}
neighbor 2.2.2.2 {
descr "N2"
announce all
holdtime 300
remote-as 2
}
This small patch
# diff -rub openbgpd.inc.bak openbgpd.inc
--- openbgpd.inc.bak2009-07-22 21:31:13.0 +
+++ openbgpd.inc2009-08-05 03:31:14.0 +
@@ -103,14 +103,14 @@
foreach($openbgpd_neighbors as $neighbor) {
$used_this_item = false;
if($neighbor['groupname'] == "") {
- $conffile .= " neighbor {$neighbor['neighbor']} {\n";
+ $conffile .= "neighbor {$neighbor['neighbor']} {\n";
$conffile .= " descr
\"{$neighbor['descr']}\"\n";
$used_this_item = true;
foreach($neighbor['row'] as $row) {
$conffile .= " {$row['paramaters']}
{$row['parmvalue']} \n";
}
if($used_this_item)
-$conffile .= " }\n";
+$conffile .= "}\n";
}
}
if($used_this_item)
makes it more intuitive (at least for me)
group "G1" {
remote-as 11
neighbor 1.1.1.1 {
descr "N1"
announce all
remote-as 1
}
}
neighbor 2.2.2.2 {
descr "N2"
announce all
holdtime 300
remote-as 2
}
Eugene
-
To unsubscribe, e-mail: support-unsubscr...@pfsense.com
For additional commands, e-mail: support-h...@pfsense.com
Commercial support available - https://portal.pfsense.org
Re: [pfSense Support] Enable LDAP
On Tue, Aug 4, 2009 at 9:18 PM, Marcelo Silva wrote: > Victor, > > Quero saber como colocar o PFSense para se comunicar com o meu Active > Directory, para realizar as regras com base nos logins dos usuários do meu > Domínio. > > Atc, > > Marcelo > > Victor Padro escreveu: > > On Tue, Aug 4, 2009 at 9:06 PM, Fabricio Ferreira wrote: > > > Hello Victor. > Can I help you? I'm from Brazil... > > > Posso te ajudar? Escreva diretamente para meu E-mail gu...@bol.com.br > Até... > > Fabrício. > > > > -Mensagem original- > De: Victor Padro [mailto:vpa...@gmail.com] > Enviada em: terça-feira, 4 de agosto de 2009 22:27 > Para: support@pfsense.com > Assunto: Re: [pfSense Support] Enable LDAP > > On Tue, Aug 4, 2009 at 6:26 PM, Marcelo Silva > wrote: > > > Hi, I am PFSense version 1.2.3-RC1, I wonder if you are like the rules of > the firewall are for LDAP, my LDAP server is Windows 2003 Server. > Excuse my English, I am writing from Brazil. Thanks for the help. > > Marcelo Silva > > - > To unsubscribe, e-mail: support-unsubscr...@pfsense.com > For additional commands, e-mail: support-h...@pfsense.com > > Commercial support available - https://portal.pfsense.org > > > > > I can't understand what are you trying to explain, > are you trying to authenticate users using LDAP in a MS enviroment? > > why don't you post your question here(portuguese forum): > http://forum.pfsense.org/index.php?PHPSESSID=f61a96472ba74794d9f12dcb61e5dbe0&board=12.0 > > Adeus. > > -- > Linux User #452368 > Ubuntu User #28025 > > "Doing a thing well is often a waste of time." > > //HP Mini 2GB 60GB - Ubuntu Netbook Remix JJ > //Core 2 Duo 2.40Ghz 8GB 500GB - Win Vista / 7 /Ubuntu JJ > //Core 2 Duo 2.40Ghz 8GB 320GB - MacOS X > //Athlon 64 2.7Ghz 8GB 400GB - CentOS 5.3 > //Core 2 Duo 1.86Ghz 8GB 1TB - Proxmox 1.3 > //Celeron 1.8Ghz 2GB 160GB - pfSense > //NSLU2 266Mhz 32MB 1TB - Debian Lenny > > - > To unsubscribe, e-mail: support-unsubscr...@pfsense.com > For additional commands, e-mail: support-h...@pfsense.com > > Commercial support available - https://portal.pfsense.org > > > - > To unsubscribe, e-mail: support-unsubscr...@pfsense.com > For additional commands, e-mail: support-h...@pfsense.com > > Commercial support available - https://portal.pfsense.org > > > > > Well I'm not the one who needs help right now. > > Obrigado. > > > > - To > unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional > commands, e-mail: support-h...@pfsense.com Commercial support available - > https://portal.pfsense.org No hablo portugues, solo español, pero puedes verificar si esto te sirve: http://www.pfsense.org/mirror.php?section=tutorials/cp_config/radius_win2k3.htm o hacer una busqueda mas amplia en el foro: http://forum.pfsense.org/index.php?action=search2 -- Linux User #452368 Ubuntu User #28025 "Doing a thing well is often a waste of time." //HP Mini 2GB 60GB - Ubuntu Netbook Remix JJ //Core 2 Duo 2.40Ghz 8GB 500GB - Win Vista / 7 /Ubuntu JJ //Core 2 Duo 2.40Ghz 8GB 320GB - MacOS X //Athlon 64 2.7Ghz 8GB 400GB - CentOS 5.3 //Core 2 Duo 1.86Ghz 8GB 1TB - Proxmox 1.3 //Celeron 1.8Ghz 2GB 160GB - pfSense //NSLU2 266Mhz 32MB 1TB - Debian Lenny - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
Re: [pfSense Support] Enable LDAP
Victor, Quero saber como colocar o PFSense para se comunicar com o meu Active Directory, para realizar as regras com base nos logins dos usuários do meu Domínio. Atc, Marcelo Victor Padro escreveu: On Tue, Aug 4, 2009 at 9:06 PM, Fabricio Ferreira wrote: Hello Victor. Can I help you? I'm from Brazil... Posso te ajudar? Escreva diretamente para meu E-mail gu...@bol.com.br Até... Fabrício. -Mensagem original- De: Victor Padro [mailto:vpa...@gmail.com] Enviada em: terça-feira, 4 de agosto de 2009 22:27 Para: support@pfsense.com Assunto: Re: [pfSense Support] Enable LDAP On Tue, Aug 4, 2009 at 6:26 PM, Marcelo Silva wrote: Hi, I am PFSense version 1.2.3-RC1, I wonder if you are like the rules of the firewall are for LDAP, my LDAP server is Windows 2003 Server. Excuse my English, I am writing from Brazil. Thanks for the help. Marcelo Silva - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org I can't understand what are you trying to explain, are you trying to authenticate users using LDAP in a MS enviroment? why don't you post your question here(portuguese forum): http://forum.pfsense.org/index.php?PHPSESSID=f61a96472ba74794d9f12dcb61e5dbe0&board=12.0 Adeus. -- Linux User #452368 Ubuntu User #28025 "Doing a thing well is often a waste of time." //HP Mini 2GB 60GB - Ubuntu Netbook Remix JJ //Core 2 Duo 2.40Ghz 8GB 500GB - Win Vista / 7 /Ubuntu JJ //Core 2 Duo 2.40Ghz 8GB 320GB - MacOS X //Athlon 64 2.7Ghz 8GB 400GB - CentOS 5.3 //Core 2 Duo 1.86Ghz 8GB 1TB - Proxmox 1.3 //Celeron 1.8Ghz 2GB 160GB - pfSense //NSLU2 266Mhz 32MB 1TB - Debian Lenny - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org Well I'm not the one who needs help right now. Obrigado. - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
Re: [pfSense Support] Enable LDAP
On Tue, Aug 4, 2009 at 9:06 PM, Fabricio Ferreira wrote: > Hello Victor. > Can I help you? I'm from Brazil... > > > Posso te ajudar? Escreva diretamente para meu E-mail gu...@bol.com.br > Até... > > Fabrício. > > > > -Mensagem original- > De: Victor Padro [mailto:vpa...@gmail.com] > Enviada em: terça-feira, 4 de agosto de 2009 22:27 > Para: support@pfsense.com > Assunto: Re: [pfSense Support] Enable LDAP > > On Tue, Aug 4, 2009 at 6:26 PM, Marcelo Silva wrote: >> Hi, I am PFSense version 1.2.3-RC1, I wonder if you are like the rules of >> the firewall are for LDAP, my LDAP server is Windows 2003 Server. >> Excuse my English, I am writing from Brazil. Thanks for the help. >> >> Marcelo Silva >> >> - >> To unsubscribe, e-mail: support-unsubscr...@pfsense.com >> For additional commands, e-mail: support-h...@pfsense.com >> >> Commercial support available - https://portal.pfsense.org >> >> > > I can't understand what are you trying to explain, > are you trying to authenticate users using LDAP in a MS enviroment? > > why don't you post your question here(portuguese forum): > http://forum.pfsense.org/index.php?PHPSESSID=f61a96472ba74794d9f12dcb61e5dbe0&board=12.0 > > Adeus. > > -- > Linux User #452368 > Ubuntu User #28025 > > "Doing a thing well is often a waste of time." > > //HP Mini 2GB 60GB - Ubuntu Netbook Remix JJ > //Core 2 Duo 2.40Ghz 8GB 500GB - Win Vista / 7 /Ubuntu JJ > //Core 2 Duo 2.40Ghz 8GB 320GB - MacOS X > //Athlon 64 2.7Ghz 8GB 400GB - CentOS 5.3 > //Core 2 Duo 1.86Ghz 8GB 1TB - Proxmox 1.3 > //Celeron 1.8Ghz 2GB 160GB - pfSense > //NSLU2 266Mhz 32MB 1TB - Debian Lenny > > - > To unsubscribe, e-mail: support-unsubscr...@pfsense.com > For additional commands, e-mail: support-h...@pfsense.com > > Commercial support available - https://portal.pfsense.org > > > - > To unsubscribe, e-mail: support-unsubscr...@pfsense.com > For additional commands, e-mail: support-h...@pfsense.com > > Commercial support available - https://portal.pfsense.org > > Well I'm not the one who needs help right now. Obrigado. -- Linux User #452368 Ubuntu User #28025 "Doing a thing well is often a waste of time." //HP Mini 2GB 60GB - Ubuntu Netbook Remix JJ //Core 2 Duo 2.40Ghz 8GB 500GB - Win Vista / 7 /Ubuntu JJ //Core 2 Duo 2.40Ghz 8GB 320GB - MacOS X //Athlon 64 2.7Ghz 8GB 400GB - CentOS 5.3 //Core 2 Duo 1.86Ghz 8GB 1TB - Proxmox 1.3 //Celeron 1.8Ghz 2GB 160GB - pfSense //NSLU2 266Mhz 32MB 1TB - Debian Lenny - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
RES: [pfSense Support] Enable LDAP
Hello Victor. Can I help you? I'm from Brazil... Posso te ajudar? Escreva diretamente para meu E-mail gu...@bol.com.br Até... Fabrício. -Mensagem original- De: Victor Padro [mailto:vpa...@gmail.com] Enviada em: terça-feira, 4 de agosto de 2009 22:27 Para: support@pfsense.com Assunto: Re: [pfSense Support] Enable LDAP On Tue, Aug 4, 2009 at 6:26 PM, Marcelo Silva wrote: > Hi, I am PFSense version 1.2.3-RC1, I wonder if you are like the rules of > the firewall are for LDAP, my LDAP server is Windows 2003 Server. > Excuse my English, I am writing from Brazil. Thanks for the help. > > Marcelo Silva > > - > To unsubscribe, e-mail: support-unsubscr...@pfsense.com > For additional commands, e-mail: support-h...@pfsense.com > > Commercial support available - https://portal.pfsense.org > > I can't understand what are you trying to explain, are you trying to authenticate users using LDAP in a MS enviroment? why don't you post your question here(portuguese forum): http://forum.pfsense.org/index.php?PHPSESSID=f61a96472ba74794d9f12dcb61e5dbe0&board=12.0 Adeus. -- Linux User #452368 Ubuntu User #28025 "Doing a thing well is often a waste of time." //HP Mini 2GB 60GB - Ubuntu Netbook Remix JJ //Core 2 Duo 2.40Ghz 8GB 500GB - Win Vista / 7 /Ubuntu JJ //Core 2 Duo 2.40Ghz 8GB 320GB - MacOS X //Athlon 64 2.7Ghz 8GB 400GB - CentOS 5.3 //Core 2 Duo 1.86Ghz 8GB 1TB - Proxmox 1.3 //Celeron 1.8Ghz 2GB 160GB - pfSense //NSLU2 266Mhz 32MB 1TB - Debian Lenny - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
Re: [pfSense Support] Enable LDAP
On Tue, Aug 4, 2009 at 6:26 PM, Marcelo Silva wrote: > Hi, I am PFSense version 1.2.3-RC1, I wonder if you are like the rules of > the firewall are for LDAP, my LDAP server is Windows 2003 Server. > Excuse my English, I am writing from Brazil. Thanks for the help. > > Marcelo Silva > > - > To unsubscribe, e-mail: support-unsubscr...@pfsense.com > For additional commands, e-mail: support-h...@pfsense.com > > Commercial support available - https://portal.pfsense.org > > I can't understand what are you trying to explain, are you trying to authenticate users using LDAP in a MS enviroment? why don't you post your question here(portuguese forum): http://forum.pfsense.org/index.php?PHPSESSID=f61a96472ba74794d9f12dcb61e5dbe0&board=12.0 Adeus. -- Linux User #452368 Ubuntu User #28025 "Doing a thing well is often a waste of time." //HP Mini 2GB 60GB - Ubuntu Netbook Remix JJ //Core 2 Duo 2.40Ghz 8GB 500GB - Win Vista / 7 /Ubuntu JJ //Core 2 Duo 2.40Ghz 8GB 320GB - MacOS X //Athlon 64 2.7Ghz 8GB 400GB - CentOS 5.3 //Core 2 Duo 1.86Ghz 8GB 1TB - Proxmox 1.3 //Celeron 1.8Ghz 2GB 160GB - pfSense //NSLU2 266Mhz 32MB 1TB - Debian Lenny - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
[pfSense Support] Enable LDAP
Hi, I am PFSense version 1.2.3-RC1, I wonder if you are like the rules of the firewall are for LDAP, my LDAP server is Windows 2003 Server. Excuse my English, I am writing from Brazil. Thanks for the help. Marcelo Silva - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
Re: [pfSense Support] Problem with apinger
On Tue, Aug 4, 2009 at 10:56 AM, Matthias Niggemeier wrote: > Von: Matthias Niggemeier [mailto:m...@thias.de] > Gesendet: Dienstag, 4. August 2009 08:47 > An: support@pfsense.com > Betreff: [pfSense Support] Problem with apinger > >> Hi there, >>since the upgrade to 1.2.3-RC2 (July 23) parts of my failoverpools go > offline once a day. The system log shows entries >like this: >> >>apinger: ALARM: 208.67.220.220(208.67.220.220) *** down ***. Loss 0.0%, > Delay 75.436ms >> >>In this situation, I have to go to load_balancer_pool.php, edit one pool > and hit save. After that, everything is >>fine and online. >>Is there a workaround for this? > > Update: > > The sequence before failing is as follows: > > Aug 4 15:38:33 apinger: Target "208.67.220.220": Lost packet count mismatch > (-7(recently_lost) != 0(really_lost))! > Aug 4 15:38:33 apinger: Target "208.67.220.220": Received packets buffer: > ## #... > Aug 4 15:38:40 apinger: ALARM: 208.67.220.220(208.67.220.220) *** down ***. > Loss 12.0%, Delay 72.620ms > > After that apinger does not recover until I go to the pool configuration and > hit save. This is a known issue that we are working on. No workarounds exist at present. Scott - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
AW: [pfSense Support] Problem with apinger
Von: Matthias Niggemeier [mailto:m...@thias.de] Gesendet: Dienstag, 4. August 2009 08:47 An: support@pfsense.com Betreff: [pfSense Support] Problem with apinger > Hi there, >since the upgrade to 1.2.3-RC2 (July 23) parts of my failoverpools go offline once a day. The system log shows entries >like this: > >apinger: ALARM: 208.67.220.220(208.67.220.220) *** down ***. Loss 0.0%, Delay 75.436ms > >In this situation, I have to go to load_balancer_pool.php, edit one pool and hit save. After that, everything is >fine and online. >Is there a workaround for this? Update: The sequence before failing is as follows: Aug 4 15:38:33 apinger: Target "208.67.220.220": Lost packet count mismatch (-7(recently_lost) != 0(really_lost))! Aug 4 15:38:33 apinger: Target "208.67.220.220": Received packets buffer: ## #... Aug 4 15:38:40 apinger: ALARM: 208.67.220.220(208.67.220.220) *** down ***. Loss 12.0%, Delay 72.620ms After that apinger does not recover until I go to the pool configuration and hit save. Regards Matthias - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
FW: FW: [pfSense Support] Re: Can't get more than 15kpps.
From: Lenny [mailto:five2one.le...@gmail.com] Sent: Tuesday, August 04, 2009 4:04 AM To: support@pfsense.com Subject: Re: [pfSense Support] Re: Can't get more than 15kpps. well, this is what I got: bypass the firewall (just 2 PCs connected via the switch): iperf -c server-ip -t 60 -M 500 380Mb/s iperf -c server-ip -t 60 -M 500 -d 477Mb/s 422 Mb/s comparing to the tests with bce driver: iperf -c server-ip -t 60 -M 500 300Mb/s 52 -85kpps iperf -c server-ip -t 60 -M 500 -d 303Mb/s (and it says write2 failed: broken pipe) with firewall turned off (in the advanced options): iperf -c server-ip -t 60 -M 500 -d 199Mb/s 656Mb/sec 85kpps iperf -c server-ip -t 60 -M 500 371-487Mb/s 67-114kpps it gave me different results every time. all the rules on the firewall were "allow any to any". the results look kinda weird to me. Especially that the same test would gave me 2 absolutely different results. Does it tell you anything? Lenny. I would eliminate TCP acknowledgments factor here. Although it should not dramatically affect speed here anyway I would go with UDP stream. Just add -u option. Plus put -t 120 and -i 10 and you'll see whether throughput is stable or not, usually the first period does not give good results. Eugene.
Re: [pfSense Support] Help with Siproxd
On Aug 3, 2009, at 11:32 PM, Aarno Aukia wrote: As 1.2.3 hasn't been released yet, I assume you are using 1.2.3-rc1. You said you installed the siproxd package on 1.2.3-rc1 embedded ? Have you: - configured siproxd ? services -> siproxd, set the in- and outbound interfaces, port ranges etc - added firewall rules to WAN to allow the configured port ranges ? - configured AON by simply clicking "Manual Outbound NAT rule generation" in Firewall -> NAT -> Outbound, leaving the default rule untouched and applying ? -Aarno On Tue, Aug 4, 2009 at 11:08, Jeremy Bennett wrote: On Aug 3, 2009, at 6:29 PM, David Burgess wrote: On Mon, Aug 3, 2009 at 9:55 PM, Jeremy Bennett wrote: When I install siproxd, everything looks good, however when I go to my "services" page and press the "play/start" button, PFsense reports that "siproxd has been started", but when the page refreshes, the status still shows up as "stopped". Have you tried refreshing the Services>>Status page after waiting a few more seconds? I haven't used the siproxd package, but I know that some services take longer to start than it does for the page to refresh. db Yes I have waited for 30 seconds, a minute, 5 minutes, It never changes from "stopped" - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org -- Aarno Aukia Atrila GmbH Switzerland - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org Checked through Aarno's suggestions. Was able to get siproxd to "running" status. Next issue to wade through: My VOIP provider doesn't use RTP. If I disable RTP in siproxd, it won't run. Does that mean I am out of luck? Mahalo, Jeremy - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
Re: [pfSense Support] Help with Siproxd
As 1.2.3 hasn't been released yet, I assume you are using 1.2.3-rc1. You said you installed the siproxd package on 1.2.3-rc1 embedded ? Have you: - configured siproxd ? services -> siproxd, set the in- and outbound interfaces, port ranges etc - added firewall rules to WAN to allow the configured port ranges ? - configured AON by simply clicking "Manual Outbound NAT rule generation" in Firewall -> NAT -> Outbound, leaving the default rule untouched and applying ? -Aarno On Tue, Aug 4, 2009 at 11:08, Jeremy Bennett wrote: > > On Aug 3, 2009, at 6:29 PM, David Burgess wrote: > >> On Mon, Aug 3, 2009 at 9:55 PM, Jeremy Bennett >> wrote: >> >>> When I install siproxd, everything looks good, however when I go to my >>> "services" page and press the "play/start" button, PFsense reports that >>> "siproxd has been started", but when the page refreshes, the status still >>> shows up as "stopped". >> >> Have you tried refreshing the Services>>Status page after waiting a >> few more seconds? I haven't used the siproxd package, but I know that >> some services take longer to start than it does for the page to >> refresh. >> >> db >> > > Yes I have waited for 30 seconds, a minute, 5 minutes, It never changes from > "stopped" > > > > - > To unsubscribe, e-mail: support-unsubscr...@pfsense.com > For additional commands, e-mail: support-h...@pfsense.com > > Commercial support available - https://portal.pfsense.org > > -- Aarno Aukia Atrila GmbH Switzerland - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
Re: [pfSense Support] Help with Siproxd
On Aug 3, 2009, at 6:29 PM, David Burgess wrote: On Mon, Aug 3, 2009 at 9:55 PM, Jeremy Bennett wrote: When I install siproxd, everything looks good, however when I go to my "services" page and press the "play/start" button, PFsense reports that "siproxd has been started", but when the page refreshes, the status still shows up as "stopped". Have you tried refreshing the Services>>Status page after waiting a few more seconds? I haven't used the siproxd package, but I know that some services take longer to start than it does for the page to refresh. db Yes I have waited for 30 seconds, a minute, 5 minutes, It never changes from "stopped" - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
Re: [pfSense Support] Re: Can't get more than 15kpps.
well, this is what I got: bypass the firewall (just 2 PCs connected via the switch): iperf -c server-ip -t 60 -M 500 380Mb/s iperf -c server-ip -t 60 -M 500 -d 477Mb/s 422 Mb/s comparing to the tests with bce driver: iperf -c server-ip -t 60 -M 500 300Mb/s 52 -85kpps iperf -c server-ip -t 60 -M 500 -d 303Mb/s (and it says write2 failed: broken pipe) with firewall turned off (in the advanced options): iperf -c server-ip -t 60 -M 500 -d 199Mb/s 656Mb/sec 85kpps iperf -c server-ip -t 60 -M 500 371-487Mb/s 67-114kpps it gave me different results every time. all the rules on the firewall were "allow any to any". the results look kinda weird to me. Especially that the same test would gave me 2 absolutely different results. Does it tell you anything? Lenny. On Mon, Aug 3, 2009 at 7:51 PM, Tim Dressel wrote: > > Hi Lenny, > > I'm not sure if this would be useful or not, if you connected the > iperf server and client with a cable and repeated the same test (i.e. > not going through the router) you should be able to see what the > theoretical max is for your setup. If you compare that to the results > you just got and you don't see a huge drop (more than 20%) then that > should be pretty accurate for that. You probably should also do the > bidirectional test as well (-d option) to see if your one way > performance drops (it should not). >
