Author: Ryan Language: text
Description: pfSense Very Costly Overhead? Timestamp: 2013-06-13 17:38:35 +0000
View raw paste Reply
  1. Hi guys. A few episodes ago you talked about network performance and iperf. Well, as soon as I got home, I saturated my network with iperf tests to see how it would stand up to my theoretical 1GIG infrastructure.
  2.  
  3. Between my OpenSUSE servers, I can obtain 950mb/s across an Asante manageable switch. 850mb/s when the switch is bypassed with a direct cat-6 cable (kind of weird).
  4.  
  5. Here's the part that shocked me: I use pfSense on an Intel 3200SH server motherboard with 3 Intel Pro 1000 NICs, 4GB of ram and an Intel 2.8GHz Core2Due processor.
  6.  
  7. I installed the iperf package on pfSense and tested the throughput to the firewall. I was getting 850mb/s. When I tested from a server attached to one NIC - through the firewall - to a server attached to the other Pro1000 NIC, I could only obtain 350mb/s!!!
  8.  
  9. The NICs are both in PCI-e 4x slots. Is there a configuration change I can make on in pfSense to get better throughput? I can understand some loss in speed since the firewall has to process the traffic but losing 500mb/s seems a bit excessive. Hopefully you (well, probably the freeBSD genius) can shine some light on this.
  10.  
  11. Congrats on show 100. Unfortunately I started listening late and am still catching up on shows and missed my opportunity to get a 100 t-shirt but you can be sure I'll be caught up and around for episode 200!
  12.  
  13. Love the show,
  14. Ryan
View raw paste Reply