Netgate SG-1000 microFirewall

Author Topic: what is pfsense limitation for handling clients ?  (Read 153 times)

0 Members and 1 Guest are viewing this topic.

Offline maherg

  • Newbie
  • *
  • Posts: 7
  • Karma: +0/-1
    • View Profile
what is pfsense limitation for handling clients ?
« on: January 23, 2018, 09:06:24 am »
hi

what is the limitation of Pfsense. how many clients pfsense can handle ?

if i have 4Gb Ram and Dual Core CPU can pfsense handle 1000+ client .

pfsense limitation is based on hardware or on software.

please need details of this how many users or clients pfsense can handle

Offline Gertjan

  • Hero Member
  • *****
  • Posts: 2435
  • Karma: +192/-9
    • View Profile
Re: what is pfsense limitation for handling clients ?
« Reply #1 on: January 23, 2018, 09:49:06 am »
As you said :
... need details ....
because with only this informaton at our disposal :
4Gb Ram and Dual Core CPU
you will only receive rather stupid replies (like mine).

The good news :
pfSense isn't limited whatsoever.
A limit is : what is your hardware budget ?
Another limit factor is : between keyboard and chair.

The bad news :
For any of these rules : whatever comes first.

Checkout this forum - like : you do the searching - and you will find pfSense admins talking about their setup, handling several thousands of connected users.

Example : if 100 (not 1000) clients open a Netflix session, your true 1 Gbit WAN connection will look like scrawling in a mud pool.

Btw : I'm using this :
Intel(R) Pentium(R) 4 CPU 3.20GHz - Current: 2800 MHz, Max: 3200 MHz - 2 CPUs: 1 package(s) x 2 hardware threads
and it works pretty well up until 80 users (Captive portal - I never saw more users then that). My WAN is limited to 32 Mbit/sec so I guess this saves me.

Btw : why the big print ?

Online JKnott

  • Hero Member
  • *****
  • Posts: 1206
  • Karma: +53/-11
    • View Profile
Re: what is pfsense limitation for handling clients ?
« Reply #2 on: January 23, 2018, 10:09:53 am »
Quote
please need details of this how many users or clients pfsense can handle

How long is a piece of string?  How active are the clients?  How is the hardware performance?  The only limiting factor within pfSense is the size configured for the subnet.  You can't have more clients than available addresses.

Offline maherg

  • Newbie
  • *
  • Posts: 7
  • Karma: +0/-1
    • View Profile
Re: what is pfsense limitation for handling clients ?
« Reply #3 on: January 23, 2018, 10:10:43 am »
currently i have 210 users and chances to increases is pfsense is ok for that.

As you said :
... need details ....
because with only this informaton at our disposal :
4Gb Ram and Dual Core CPU
you will only receive rather stupid replies (like mine).

The good news :
pfSense isn't limited whatsoever.
A limit is : what is your hardware budget ?
Another limit factor is : between keyboard and chair.

The bad news :
For any of these rules : whatever comes first.

Checkout this forum - like : you do the searching - and you will find pfSense admins talking about their setup, handling several thousands of connected users.

Example : if 100 (not 1000) clients open a Netflix session, your true 1 Gbit WAN connection will look like scrawling in a mud pool.

Btw : I'm using this :
Intel(R) Pentium(R) 4 CPU 3.20GHz - Current: 2800 MHz, Max: 3200 MHz - 2 CPUs: 1 package(s) x 2 hardware threads
and it works pretty well up until 80 users (Captive portal - I never saw more users then that). My WAN is limited to 32 Mbit/sec so I guess this saves me.

Btw : why the big print ?

Offline johnpoz

  • Hero Member
  • *****
  • Posts: 15192
  • Karma: +1414/-206
  • Not a pfSense employee, they cannot fire me...
    • View Profile
Re: what is pfsense limitation for handling clients ?
« Reply #4 on: January 23, 2018, 10:21:52 am »
Your limitations are going to be how big your internet pipe is, how you configure the lan side, etc.  I personally would not put 1000 devices on the same segment - because that ends up being a lot of broadcast noise..

There will be a limitation of your state table, etc. If you only have 1 public IP to nat too that could end up being a limiting factor even if you had a 10ge pipe to handle traffic, etc.

But you could have 1000's of clients behind sure..
- An intelligent man is sometimes forced to be drunk to spend time with his fools.
- Please don't PM me for personal help
- if you want to say thanks applaud or https://www.freebsdfoundation.org/donate/
1x SG-2440 2.4.2-RELEASE-p1 (work)
1x SG-4860 2.4.2-RELEASE-p1 (home)