Im using PFSense to build integrated automated fire prevention systems. Just wanted to pass on, one of the 1000s of ways, you're helping people make the world better. Great videos well made, with real world benefits to huge amounts of people.
Excellent video. Thanks for posting. Seeing how jumpy some of those graphs are, helps to show how much cable modems suck, especially if you are hoping to run VoIP phones or other real time stuff over it. I was looking over some of the same graphs on the pfSense firewalls I manage on fiber-optic and they are buttery smooth where those cable modem graphs you show are rather lumpy and spiky (for things like latency and packet loss). Ouch! I remember one time I was having to deal with a cross country data dump where the CentOS based servers had a kernel security patch that broke TCP fast retransmits for large in flight transmit buffers (which is needed for transmission across the country). On a heavily loaded fiber-optic line through AT&T (not the best carrier), the large transfers would cut out every 20 minutes or so and I had to modify the Python routines I wrote to detect these dropouts and restart the transfers. Testing it on a cable modem where this was all that the cable modem was doing at the time and it would drop basically right away due to all of the random packet loss on the cable modem. This was after taking every measure possible to minimize packet loss. Then tried on a lightly loaded fiber connection (not AT&T) and the transfers completed without a hitch every time because no fast retransmits were ever needed because no packets were ever lost. This was all done in the same place going across country to the same servers, just different Internet connections used. I took time doing captures with Wireshark to verify what was happening and used knowledge from raw socket programming to dig down to the lowest levels and the difference in quality of the connections was striking. Right now the deal seems to be a properly done fiber connection is the baseline all other communication technologies needs to be measured against. Everything else really kind of sucks and especially if you are trying to run a business or at least just trying to work from home, it really hurts to not have fiber, at least for your primary connection.
I'm currently dealing with dual wans, loadbalancer and vlans on a test environments. Not succeeded right now. Hope such videos will help me to find my way to success. Thanks.
That was a really useful video. There were lots of little tips and tricks that were new to me. I guarantee this is one I'll end up coming back to more than once in the future :)
I also want to throw in…RTFM. Netgate gives a whole tshoot section to every common problem seen. 90% of the forum posts could be resolved by reading the manual.
I really enjoyed this video as well. I will be getting into these type of situations as I install our new FW infrastructure (pfSense) and this definitely opened my eyes to the tools that are there for me to use. Great, well done video! Thanks!
I’d love to try gray log on my pi but getting it working has been a major headache. I kinda leaned a lot about docker but also am still very lost in it
This couldn't come at a better time. Was hoping someone could advise on an issue with my ISP controlling my DNS even though my DNS is set to pfSense to do root DNS resolution, and firewall rules created to make sure my LAN and VLANs block everything for TCP/UDP to DNS, and then allow only DNS to my Pihole. My pihole is then set up to use pfSense as the upstream DNS and conditional forwarding is enabled as pfsense does my DHCP. Any idea why when I run an extended DNS leak test it always shows as my ISP?
So I have four DHCP servers running on my box. The primary lan gives out IP addresses no problem. When my other machines try to grab IPs from the other DHCPs PF Sense crashes. If I look on the CLI it shows the configurations are still there. However they don't serve out any IP addresses from any port. Any suggestions. I can restore everything from the backup. Everything will work right until I try to add things again. I'm using 2.7 if that helps.
I've got a long time issue I can't figure out with pfSense and my VPN setup. I have one VLAN that should only go out the VPN. The VPN subnet has a rule to use only route out through the VPN gateway... which works... unlesss the VPN goes down. Then nodes on the VPN VLAN still have internet access through the defualt gateway... even though there is no rule for that... and the default WAN gateway is on another subnet and I have even added a block everything rule to the pfSense defualt gateway on the VPN VLAN firewall rules??? If I restart the OpenVPN service the traffic will revert back over the VPN...
I’m trying to setup ddns on my edge router x and when I save and check the configs it says other insted of eth0 and I have tryed setting it up over 50 times and it does the same thing so I’m wondering how do I fix it
Im using PFSense to build integrated automated fire prevention systems. Just wanted to pass on, one of the 1000s of ways, you're helping people make the world better. Great videos well made, with real world benefits to huge amounts of people.
Thanks, friend. This helps a lot. I really wish the rest of the pfsense community was this friendly.
You really have a good handle or understanding on diagnostics within a network environment.
Thanks
So appreciate your generosity with these videos 🙏
Excellent video. Thanks for posting.
Seeing how jumpy some of those graphs are, helps to show how much cable modems suck, especially if you are hoping to run VoIP phones or other real time stuff over it. I was looking over some of the same graphs on the pfSense firewalls I manage on fiber-optic and they are buttery smooth where those cable modem graphs you show are rather lumpy and spiky (for things like latency and packet loss). Ouch!
I remember one time I was having to deal with a cross country data dump where the CentOS based servers had a kernel security patch that broke TCP fast retransmits for large in flight transmit buffers (which is needed for transmission across the country). On a heavily loaded fiber-optic line through AT&T (not the best carrier), the large transfers would cut out every 20 minutes or so and I had to modify the Python routines I wrote to detect these dropouts and restart the transfers. Testing it on a cable modem where this was all that the cable modem was doing at the time and it would drop basically right away due to all of the random packet loss on the cable modem. This was after taking every measure possible to minimize packet loss. Then tried on a lightly loaded fiber connection (not AT&T) and the transfers completed without a hitch every time because no fast retransmits were ever needed because no packets were ever lost. This was all done in the same place going across country to the same servers, just different Internet connections used. I took time doing captures with Wireshark to verify what was happening and used knowledge from raw socket programming to dig down to the lowest levels and the difference in quality of the connections was striking.
Right now the deal seems to be a properly done fiber connection is the baseline all other communication technologies needs to be measured against. Everything else really kind of sucks and especially if you are trying to run a business or at least just trying to work from home, it really hurts to not have fiber, at least for your primary connection.
awesome! added to my pfsense video list
I'm currently dealing with dual wans, loadbalancer and vlans on a test environments. Not succeeded right now. Hope such videos will help me to find my way to success. Thanks.
Crazy needing this right now, loving your content since before, searching for this topic and having this conveniently delivered just in time 😂
+ Thank you!
🙂
That was a really useful video. There were lots of little tips and tricks that were new to me. I guarantee this is one I'll end up coming back to more than once in the future :)
More great pfSense videos!
thanks for this video, Just saved me hours of troubleshooting.
I also want to throw in…RTFM.
Netgate gives a whole tshoot section to every common problem seen. 90% of the forum posts could be resolved by reading the manual.
R.ead T.hat F.ine M.anual every day 🙂
I really enjoyed this video as well. I will be getting into these type of situations as I install our new FW infrastructure (pfSense) and this definitely opened my eyes to the tools that are there for me to use. Great, well done video! Thanks!
Glad it was helpful!
Awesome video!!! Best Christmas gift from Tom
🙂
Great stuff here. Appreciate the high quality nuggets. HNY🎉
Ha thanks. I didn’t know about pftop and was packet capturing and using wireshark
Great video, how do you delete old unneeded packet captures from the pfsense?
It only ever keeps the last one which is located in /root/packetcapture.cap and you can delete it by SSHing into the system.
I’d love to try gray log on my pi but getting it working has been a major headache. I kinda leaned a lot about docker but also am still very lost in it
This couldn't come at a better time. Was hoping someone could advise on an issue with my ISP controlling my DNS even though my DNS is set to pfSense to do root DNS resolution, and firewall rules created to make sure my LAN and VLANs block everything for TCP/UDP to DNS, and then allow only DNS to my Pihole. My pihole is then set up to use pfSense as the upstream DNS and conditional forwarding is enabled as pfsense does my DHCP. Any idea why when I run an extended DNS leak test it always shows as my ISP?
Very helpful! Thanks!
Great Guide, Thnks!
This is so helpful! thank you!.
Glad it was helpful!
Dear Tom, a wonderful training video again May the god bless you..
Many thanks!
Great video, thanks
So I have four DHCP servers running on my box. The primary lan gives out IP addresses no problem. When my other machines try to grab IPs from the other DHCPs PF Sense crashes. If I look on the CLI it shows the configurations are still there. However they don't serve out any IP addresses from any port. Any suggestions. I can restore everything from the backup. Everything will work right until I try to add things again.
I'm using 2.7 if that helps.
I've got a long time issue I can't figure out with pfSense and my VPN setup. I have one VLAN that should only go out the VPN. The VPN subnet has a rule to use only route out through the VPN gateway... which works... unlesss the VPN goes down. Then nodes on the VPN VLAN still have internet access through the defualt gateway... even though there is no rule for that... and the default WAN gateway is on another subnet and I have even added a block everything rule to the pfSense defualt gateway on the VPN VLAN firewall rules??? If I restart the OpenVPN service the traffic will revert back over the VPN...
I have a video on that here ruclips.net/video/ulRgecz0UsQ/видео.html
@@LAWRENCESYSTEMS Ahh... Tagging to create a killswitch.. Brilliant!!!
I’m trying to setup ddns on my edge router x and when I save and check the configs it says other insted of eth0 and I have tryed setting it up over 50 times and it does the same thing so I’m wondering how do I fix it
hi. do you have a tutorial pfsense ospf to mikrotik ospf?
no
reboot... always reboot first... :)
Yes! lots of rebooting!
does anyone know why pfsense is blocking netflix? I don't have pfblocker or ads blockers.
weird dude
Oh yeah? Don't act like you did not inherit some of my weird genetics 😀
🌟❤️🔥💚❤️💖💙💜🖤🤍🤎💝🫶🏽💚🌟🌟🌟