
<html>

  <head>

    <meta content="text/html; charset=ISO-8859-1"

      http-equiv="Content-Type">

  </head>

  <body text="#000000" bgcolor="#FFFFFF">

    <div class="moz-cite-prefix">One thing to watch for with pfsense in

      VM's <br>

      I have had 2 instances where for no particular reason it soaks

      buttloads of host CPU in KVM.<br>

      Like 20mbit throughput = 120% CPU in a quad xeon 3ghz host.<br>

      <br>

      Tried all sorts of different drivers and even added paravirt NIC's

      with no joy, <br>

      Dell R210 II and T210 hosts in both cases so there may be

      something there.<br>

      <br>

      Outside of that pfsense is the stuff, 2.1 is in RC stage now, and

      I hear its IPv6 functionality is quite good.<br>

      <br>

      On 09/08/13 13:38, Peter Tonoli wrote:<br>

    </div>

    <blockquote

cite="mid:1969422109.282440.1376019516885.JavaMail.root@zstore.medstv.unimelb.edu.au"

      type="cite">

      <style type="text/css">p { margin: 0; }</style>

      <div style="font-family: times new roman,new york,times,serif;

        font-size: 12pt; color: #000000">+1 again for PfSense. Running

        it under KVM as a small VM to do NAT and firewalling in an

        environment that's constrained for ipv4 addresses.<br>

        <br>

        Pretty much set and forget - very long uptimes as well. <br>

        <br>

        <hr id="zwchr">

        <blockquote style="border-left:2px solid rgb(16, 16,

          255);margin-left:5px;padding-left:5px;"><b>From: </b>"David

          Walsh" <a class="moz-txt-link-rfc2396E" href="mailto:davow@onthenet.com.au"><davow@onthenet.com.au></a><br>

          <b>To: </b><a class="moz-txt-link-abbreviated" href="mailto:ausnog@lists.ausnog.net">ausnog@lists.ausnog.net</a><br>

          <b>Sent: </b>Friday, 9 August, 2013 1:29:45 PM<br>

          <b>Subject: </b>Re: [AusNOG] Application Firewall

          Recommendations<br>

          <br>

          <div>+1 PfSense</div>

          <div><br>

          </div>

          <br>

          <div>

            <div>On 09/08/2013, at 1:26 PM, "Joshua D'Alton" <<a

                moz-do-not-send="true"

                href="mailto:joshua@railgun.com.au" target="_blank">joshua@railgun.com.au</a>>

              wrote:</div>

            <br class="Apple-interchange-newline">

            <blockquote>

              <div dir="ltr">pfsense is pretty hard to beat as a fairly

                full-featured firewall, I've used it in a lot of

                situations that don't warrant the cost of a cisco or

                similar setup. Works brilliantly in a VM as well.</div>

              <div class="gmail_extra"><br>

                <br>

                <div class="gmail_quote">On Fri, Aug 9, 2013 at 10:27

                  AM, Alex Samad - Yieldbroker <span dir="ltr"><<a

                      moz-do-not-send="true"

                      href="mailto:Alex.Samad@yieldbroker.com"

                      target="_blank">Alex.Samad@yieldbroker.com</a>></span>

                  wrote:<br>

                  <blockquote class="gmail_quote" style="margin:0 0 0

                    .8ex;border-left:1px #ccc solid;padding-left:1ex">

                    <div lang="EN-AU">

                      <div>

                        <p class="MsoNormal"><span

style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1f497d">Hi</span></p>

                        <p class="MsoNormal"><span

style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1f497d"> </span></p>

                        <p class="MsoNormal"><span

style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1f497d">So

                            what is the current industry thought on

                            using VM firewalls. And to take that further

                            what is the thought of using a plan OS for a

                            firewall, thinking Linux or BSD.</span></p>

                        <p class="MsoNormal"><span

style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1f497d"> </span></p>

                        <p class="MsoNormal"><span

style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1f497d">Alex</span></p>

                        <p class="MsoNormal"><span

style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1f497d"></span><br>

                        </p>

                      </div>

                    </div>

                  </blockquote>

                </div>

              </div>

            </blockquote>

          </div>

        </blockquote>

        <br>

        <br>

        -- <br>

        <div><span name="x"></span>Peter Tonoli <

          <a class="moz-txt-link-abbreviated" href="mailto:peter@medstv.unimelb.edu.au">peter@medstv.unimelb.edu.au</a> > +61-3-9288-2399 <br>

          IT Manager <br>

          The University of Melbourne - Eastern Hill Academic Centre,

          St. Vincent's Institute and O'Brien Institute <span name="x"></span><br>

        </div>

      </div>

      <br>

      <fieldset class="mimeAttachmentHeader"></fieldset>

      <br>

      <pre wrap="">_______________________________________________

AusNOG mailing list

<a class="moz-txt-link-abbreviated" href="mailto:AusNOG@lists.ausnog.net">AusNOG@lists.ausnog.net</a>

<a class="moz-txt-link-freetext" href="http://lists.ausnog.net/mailman/listinfo/ausnog">http://lists.ausnog.net/mailman/listinfo/ausnog</a>

</pre>

    </blockquote>

    <br>

  </body>

</html>