That brings up a good question: what sort of hardware *should* I be using to forward ~1Gbps of IP traffic between two NICs (or two VLANs, doesn't matter)? I'm currently pfSense under VMWare ESXi, on an 8-core Xeon 2.8GHz machine with 24Gb of RAM and 4x1GbE bonded network(i.e. lots of spare overhead, it's not even fully utilized yet) and have noticed a few things: 1. passing all the VLAN tags through to pfSense and setting up VLAN interfaces there gives lower performance than configuring 4 x virtual networks in VMware and setting up 4 x virtual NICs in the VM. 2. routing between VLANs in VMware seems to provide significantly lower peak performance than using dedicated hardware: a dual P-III 1.0GHz running dual 1GbE on a PCI-X card outperformed the VMware install by a factor of five. I suspect some subtle interaction between my switch, VMware and VLANs.
The numbers: the dual-1GHz-PIII could sustain between 200-300Mbit/sec between the two 1Gb ports (untagged). The VM can only sustain about 10-20Mbit/sec between the same two VLANs. I haven't yet attempted to dedicate one port in VMware to each VLAN in order to completely remove tagging. -Adam Thompson Chief Technical Architect, C3A Inc. [email protected] (204) 272-9628 / fax: (204) 272-8291 > -----Original Message----- > From: Chris Buechler [mailto:[email protected]] > Sent: Wednesday, July 14, 2010 2:38 PM > To: [email protected] > Subject: Re: [pfSense Support] Minimal configuration for pfSense. > > On Wed, Jul 14, 2010 at 3:33 PM, Laurentiu STEFAN > <[email protected]> wrote: > > OKa. I have seen.... > > I have 2 connextion 30-100mbps so I need no less than 1.0 GHz CPU > > > > Yeah that's reasonable, to ensure you aren't going to overload the > system. > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [email protected] For > additional commands, e-mail: [email protected] > > Commercial support available - https://portal.pfsense.org
