Some of the centrally managed stuff can push over 30mbps "real
world", the Meru and Trapeze stuff supposedly can. This is of course
using something like iperf that just moves packets. Adding a B
client will of course slow it down.
-
Nic
Agreed, I was speaking generally and strictly from testing I've seen
or done. I should have clarified that I was comparing with Cisco
AP12xx and not pfsense.
-
Nick Buraglio
[EMAIL PROTECTED]
GnuPG Key: 0x2E5B44F4
On Dec 2, 2005, at 11:48 AM
The netscreens are not too bad, I have experience with the ns5400's
and the little ns5gt. They have a decent gui but the cli is a little
unintuitive until you get used to it. They start getting pretty
pricey when you start adding interfaces too. As a different approach
you could always
Of those of you that have been using the captive portal, how large
and diverse are your user bases? I'm going to test this under
simulated load and on a limited test base but I'm curious if given
some higher end hardware if the portal can handle a few hundred heavy
users daily. I see no r
What are the issues you have with your ISP? Are you sure they are
related to routing? I was the senior network engineer for a decent
sized ISP for years and in my experience last mile problems are
almost always relate to the telco and not [dynamic] routing. Why do
you feel you need dyn
Just to clarify, I'm not trying to discourage but more to see if what
you want to do will actually solve your problem and not just be a lot
of work for little or no gain.
nb
On Feb 18, 2006, at 9:32 PM, Nick Buraglio wrote:
What are the issues you have with your ISP? Are you sure
em and not just be a lot
of work for little or no gain.
nb
On Feb 18, 2006, at 9:32 PM, Nick Buraglio wrote:
What are the issues you have with your ISP? Are you sure they are
related to routing? I was the senior network engineer for a
decent sized ISP for years and in my experience last mile
This is somewhat related...
I just ran the shaping wizard (which I had not done in quite some
time) has it changed much? It seemed to be a little different to me.
Didn't there used to be an option to not use the wizard and create
your own rules (I'm trying to remember how I did it)?
Is there
On Feb 20, 2006, at 10:29 AM, Bill Marquette wrote:
On 2/20/06, Nick Buraglio <[EMAIL PROTECTED]> wrote:
This is somewhat related...
I just ran the shaping wizard (which I had not done in quite some
time) has it changed much? It seemed to be a little different to me.
Not visibly - b
Take it out and test without it. If the results are the same then
you can point at them. Why is the Cisco in there? If I'm understand
correctly, you have:
[some internet connecton] <=> [Cisco 2500] <=> [pfSense box] <=> [LAN]
Is the cisco doing some kind of routing? What is the model of
ng in stages; Last mile, provider, some facility
that has decent connectivity, etc..
How are you testing?
On Feb 21, 2006, at 12:52 PM, Nick Buraglio wrote:
Take it out and test without it. If the results are the same then
you can point at them. Why is the Cisco in there? If I'm
Isn't a lot of this substantially lower layer feature? A lot (not
the static udp stuff) of what you're wanting is pf level development
work. That said, last time I had looked at the pf list (which was a
whiile ago) they were not interested in adding a lot of "goo" into
pf, but instead kee
On Mar 1, 2006, at 9:31 AM, Adam Gibson wrote:
Nick Buraglio wrote:
Isn't a lot of this substantially lower layer feature? A lot (not
the static udp stuff) of what you're wanting is pf level
development work. That said, last time I had looked at the pf
list (which was a
Could you just grab the /tmp/rules.debug file?
On Mar 9, 2006, at 2:08 PM, DarkFoon wrote:
I am curious if it is possible to "merge"-for want of a better word-
pfSense with a FreeBSD install. Why? Well, I have a client who
wants to integrate everything into 1 box if possible. I told him
its
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
I've been thinking about adding pftabled to pfsense but have not had
the time to really do it yet since I'm slow at writing the gui
parts. It's certainly possible to use pftabled to remotely
manipulate a pf table, even via scripts. If I get so
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
That was what I was thinking, and it does present a hurdle to jump if
implementing pftabled.
nb
On Jun 26, 2006, at 6:07 PM, Bill Marquette wrote:
On 6/26/06, Nick Buraglio <[EMAIL PROTECTED]> wrote:
-BEGIN PGP SIGNED MESSAGE
Does m0n0 still use dummynet for it's packet scheduling? I have not
used it in years.
nb
On Jul 5, 2006, at 10:14 AM, Scott Ullrich wrote:
On 7/5/06, Jan-Patrick Perisse <[EMAIL PROTECTED]> wrote:
I see that captive portal with per user bandwitdh
limiting has been implemented in monowall
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Is there an easy way to get the pfsense gui to see a gif interface that
I create manually? I'm working on some v6 stuff via a public v6
delegation (and a tunnel) and want to be able to use the gui of the rule
generation if possible. If not I can prob
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
You're the man, thanks.
nb
Scott Ullrich wrote:
> On 8/3/06, Nick Buraglio <[EMAIL PROTECTED]> wrote:
>> -BEGIN PGP SIGNED MESSAGE-
>> Hash: SHA1
>>
>> Is there an easy way to get the pfsense gui t
On a side note, I was always taught to use boot tftp:// as a last effort to get the boxes booted, if it can't load anything else. For example:boot system flash disk0:s72033-pk9sv-mz.122-18.SXD7.binboot system flash sup-bootflash:
s72033-pk9sv-mz.122-18.SXD5.binboot system tftp tftpserver:/cisco/6
FYI, this is pretty standard (assigning a framed-route via radius or whatever) for business class DSL provisioning. I did this all the time when I worked for an ISP and rolled my own DSL. As far as I've seen most DSL providers that use PPPoE (ATT is the big one) do it this way.
nbOn 10/30/06
On 11/10/06, Marcus Bajohr <[EMAIL PROTECTED]> wrote:
Sanjay Arora wrote:> I wish to enable logging of events onto a syslog server on the LAN> segment. Can somebody tell me about the security & operational issues> involved?>> e.g.>
> - Do I introduce any security vulnerability in selecting logging
Is there any active development being done on the quagga package? I
noticed it's still on my local mirror but not in the packages list. I
started messing around with making it work since I have need for "simple"
ospf. Since I'm lazy by nature I don't want to replicate work being done by
someon
Cool, thanks for the quick response.
nb
On 11/30/06, Bill Marquette <[EMAIL PROTECTED]> wrote:
As far as I know, nobody with commit access is working on this and I
haven't seen anything regarding someone else working on it.
--Bill
On 11/30/06, Nick Buraglio <[EMAIL PROTECTED
What was the OS that had the support that you suggested?
nb
On 6/17/07, RB <[EMAIL PROTECTED]> wrote:
> > As things stand, devices on separate ports are capable of communicating
with each other, but the traffic is unseen on fxp0.
> Well, this is the normal behaviour of a switch...
Agreed - I
/suggested/expected/
On 6/17/07, Nick Buraglio <[EMAIL PROTECTED]> wrote:
What was the OS that had the support that you suggested?
nb
On 6/17/07, RB <[EMAIL PROTECTED]> wrote:
> > > As things stand, devices on separate ports are capable of communicating
with each othe
There is a fine line between useful access and too little access in a
campus environment. I've had pretty good luck in the MDUs I've put
pfsense boxes in. Doing direct comparison to other products like
L7-filter based linux boxes and some commercial solutions the pfsense
box does what it does an
Although not freeware, omnigraffle is a nice alternative if you have a Mac.
nb
-Original Message-
From: Chris Buechler <[EMAIL PROTECTED]>
Date: Wed, 11 Jul 2007 22:16:57
To:discussion@pfsense.com
Subject: Re: [pfSense-discussion] drawing network diagrams
On Wed, 2007-07-11 at 13:18
Is there a reason you're running jumbo frames? If you're going to enable it
you should run it on all interfaces that touch the segment. It will likely
work on lower mtu devices but it is certainly not beat practice to mix and
match. If you are running it internally to gain performance then yo
On 8/7/07, Eugen Leitl <[EMAIL PROTECTED]> wrote:
>
> On Tue, Aug 07, 2007 at 01:00:55PM +, Nick Buraglio wrote:
> > Is there a reason you're running jumbo frames? If you're going to
>
> I need more performance on NFS and RDP (assuming, RDP can make
> use
What wireless AP are you using?
nb
On 9/5/07, Tunge2 <[EMAIL PROTECTED]> wrote:
>
> Hello,
> Are we the only one with this problem, with PFsense? Iám running the
> newste version *1.2-RC2*
> built on Mon Aug 20 12:41:04 EDT 2007
>
> The only router is our PFsense router...
>
>
You can QoS based on the ToS bit for SCP transfers if that is
something you're worried about.
nb
On 10/3/07, Andrew C Burnette <[EMAIL PROTECTED]> wrote:
> Hey guys,
>
> any dirty tricks in pfsense to limit the amount of bandwidth on ssh
> transfers outbound? I've got 5Mbps upload bandwidth, bu
I guess I should be more clear, I've been using transparent squid +
altq traffic shaping for a lng time without issues. I have *not*,
however, tried using the penalize feature with squid.
nb
On 2/27/08, Nick Buraglo <[EMAIL PROTECTED]> wrote:
> I've been using this on several high traffic s
You can also choose to disable nat for a routing only platform, which
may work a little better for what you are wanting to do. If memory
serves, it is a check box in system / advanced.
nb
On Mar 14, 2008, at 9:11 AM, Mark Crane <[EMAIL PROTECTED]> wrote:
This should help:
Setup a transpar
34 matches
Mail list logo