[pfSense Support] Hardware dimensioning: Alix boards
Greetings list, We've been using Alix boards (2C1 initially, now 2D1 - 400Mhz Geode, 128MB RAM) for a few years with pfSense. One of our clients, whose network is normally about 50 users, is running an event this weekend which will see the number of connected devices rise to about 300. Does anyone have any experience as to whether the little Alix system will handle that number of users? The router is only doing fairly basic functions - DHCP, DNS and a small number of routing rules (no WLAN, no traffic shaping, etc.). Thanks in advance. Regards, Chris -- For full contact details visit http://www.minotaur.it This email is made from 100% recycled electrons - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
Re: [pfSense Support] Hardware dimensioning: Alix boards
Chris Bagnall wrote: We've been using Alix boards (2C1 initially, now 2D1 - 400Mhz Geode, 128MB RAM) for a few years with pfSense. One of our clients, whose network is normally about 50 users, is running an event this weekend which will see the number of connected devices rise to about 300. Does anyone have any experience as to whether the little Alix system will handle that number of users? The router is only doing fairly basic functions - DHCP, DNS and a small number of routing rules (no WLAN, no traffic shaping, etc.). I don't have any ALIX boxes with that many people behind them, so perhaps someone else may have more input into that specific scenario. That said, in my (albeit limited) testing those devices don't care so much about the amount of clients behind them as much as the throughput. You may want to monitor the number of states just to be safe. They are very CPU limited when it comes to server tasks. If you are just running basic services and no VPNs, as long as you keep the throughput under 80-85Mbit/s you should be OK. If your Internet link is well under that limit, you shouldn't have any problems. Jim - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
Re: [pfSense Support] Hardware dimensioning: Alix boards
Chris Bagnall wrote: We've been using Alix boards (2C1 initially, now 2D1 - 400Mhz Geode, 128MB RAM) for a few years with pfSense. One of our clients, whose network is normally about 50 users, is running an event this weekend which will see the number of connected devices rise to about 300. Does anyone have any experience as to whether the little Alix system will handle that number of users? The router is only doing fairly basic functions - DHCP, DNS and a small number of routing rules (no WLAN, no traffic shaping, etc.). You could have a spare P4 ready loaded with Pfsense ready to rock with a backup of the config from the Alix box. If it gets too much for the Alix it'll takes 5 mins to swap it over - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
RE: [pfSense Support] Proxy ARP for a block
-Original Message- From: cbuech...@gmail.com [mailto:cbuech...@gmail.com] On Behalf Of Chris Buechler Sent: 04 September 2009 17:54 To: support@pfsense.com Subject: Re: [pfSense Support] Proxy ARP for a block On Fri, Sep 4, 2009 at 9:28 AM, Hiren Joshij...@moonfruit.com wrote: This is the problem I'm facing, I have a master and slave setup and my ISP has just forced a load of new IPs on a different subnet, can anyone offer pointers? Is this a good idea? http://doc.pfsense.org/multiple-subnets-one-interface-pfsense.pdf No. With CARP you have to have the additional subnets routed to one of your CARP IPs. Then configure them as Other VIPs. Prefect! Thanks. - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
[pfSense Support] How to backup pfSense complete?
Hello, I'd like to ask how to backup pfSense the correct way? If I use the WebGUI backup/restore option than I only get the xml config file with my settings. But what is with my VPN cert/keys etc. How to backup this things in the event of a failure where I have to st up a fresh installation? Would be nice to have a button to get this things as a tar file or something similar. The second is that I didn't have the config history at Diagnostics: Configuration History. The Browser show me No backups found. Do I have to activate this pfSense feature? -- Best regards Dominik Schips signature.asc Description: Dies ist ein digital signierter Nachrichtenteil
Re: [pfSense Support] How to backup pfSense complete?
On Wed, Sep 9, 2009 at 2:22 PM, Dominik Schipsdomi...@s235.de wrote: Hello, I'd like to ask how to backup pfSense the correct way? There is a backup package you can install that allows you to back up directories that you specify. db - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
Re: [pfSense Support] Help with static routing
Chris Buechler wrote: On Fri, Aug 28, 2009 at 2:28 PM, Guy Boisvertboisvert@videotron.ca wrote: There is no firewall rules on VLAN3. This is simple routing with the 2910AL (Layer 3) that simply forward traffic to its default gateway which is pfSense on VLAN0. Oh, the VLANs are being routed by something else. Then you just need the static route(s) on LAN, and to change the LAN rule which only allows out the LAN subnet by default. That's assuming you're using automatic outbound NAT, if you have AON enabled you need NAT rules for those subnets too. Sorry for this response out of thread, i never received your response above so i took it from mail-acrhive.com and pasted it here. Yes, LANs 192.168.3.0/24 and 192.168.2.0/24 are routed by a Layer 3 Switch (HP 2910al L3 Switch) which is connected to pfSense LAN interface. 2910AL is 192.168.0.11 and pfSense is 192.168.0.222. Default gateway of the 2910AL is 192.168.0.222 of course. It still doesn't work and i don't know why! I'm mystified! Effectively, i use Manual Outbound NAT (MON). I have the following rule for MON: Interface: WAN Source: Network Address: 192.168.3.0/24 Destination: Any Translation: Interface Address As i previously said, firewall rule for LAN interface is wide open (all stars!!!). For static route, i have: - Interface: LAN Destination Network: 192.168.3.0/24 Gateway: 192.168.0.11 (2910al's interface addr on LAN) Ping from 192.168.3.40 (My Test PC on VLAN3) to 192.168.0.222 (pfSense) and 192.168.0.1 (Our file server) all work. I can connect to our terminal server from my PC. Only Internet is failing. With the above settings, i don't know what is blocking the traffic to the internet... I use pfSense 1.2.2 build Thu Jan 8 22:30:24 EST 2009 on a PC with hard drive. If anybody had an idea, let me know!!! Thanks! Guy Boisvert - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
Re: [pfSense Support] How to backup pfSense complete?
On Wed, Sep 9, 2009 at 4:22 PM, Dominik Schipsdomi...@s235.de wrote: Hello, I'd like to ask how to backup pfSense the correct way? If I use the WebGUI backup/restore option than I only get the xml config file with my settings. But what is with my VPN cert/keys etc. The config includes all of that. If you're using easyrsa on the firewall for OpenVPN keys, you'll need the backup package to backup that directory. - To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org
Re: [pfSense Support] How to backup pfSense complete?
Hello, Am Mittwoch, den 09.09.2009, 18:48 -0400 schrieb Chris Buechler: On Wed, Sep 9, 2009 at 4:22 PM, Dominik Schipsdomi...@s235.de wrote: Hello, I'd like to ask how to backup pfSense the correct way? If I use the WebGUI backup/restore option than I only get the xml config file with my settings. But what is with my VPN cert/keys etc. The config includes all of that. If you're using easyrsa on the firewall for OpenVPN keys, you'll need the backup package to backup that directory. Thank you. I think I'll put easyrsa to a local box and do a backup of the config befor changes. pfSense is the best firewall system I have ever used. :) -- Best regards Dominik Schips signature.asc Description: Dies ist ein digital signierter Nachrichtenteil