Internal Bandwidth Monitoring With PfSense

B

BarryCarey

New Member
Sep 5, 2014
2
0
1
First, I'll preface this by saying I'm pretty new to network management and I'm by no means an expert.

I currently have a PfSense VM setup on a dedicated NIC. Everything is working fine. However, I'm noticing that PfSense doesn't seem to pick up on network usage within the internal network. As an example, transferring files from my PC to a VM.

This may seem trivial but I'm interested in seeing internal bandwidth usage.

My current network setup is as follows.

WAN (eth1) > PfSense > LAN (eth2) > Physical Switch - Feeds my whole internal network

Proxmox is connected to the switch via eth0

All VMs are set to use eth2(vmbr1) which is PfSense's LAN port.

I would assuming traffic from my PC to a VM would be routed: PC > PfSense > VM

http://i.imgur.com/2En7ocs.jpg

However, when checking the current bandwidth usage in PfSense it only seems the 11mbps coming from an outside download, not the 200mbps of internal traffic.

Can anyone shed some light on this?
 
I'm confused. Why are there 3 interfaces? It sounds like proxmox host is connected to the switch with eth0 *and* eth2? If so, why? If not, can you clarify?
 
There are 3 interfaces. The idea was to pipe all external traffic through PfSense first and then to the LAN. My thinking was this keeps Proxmox from being directly connected to the internet and puts it behind the firewall.

My 3 interfaces are setup as follows.:

vmbr0 (eth0) - This is only used for access the Proxmox panel internally
vmbr1 (eth1) - Set to PfSense LAN port. This device feeds out to my switch. All VMs are set to use this as their interface.
vmbr2 (eth2) - WAN connection coming straight off my modem. This is set to PfSense WAN.



WAN (eth2) --> PfSense --> LAN (eth1) --> Physical Switch --> Home Network

The VMs are then set to use eth1 and proxmox is connect to the physical switch via eth0
 
Got it. What I wasn't getting was the point of having two interfaces on the LAN. Is eth0 a different subnet?
 
Also, you might want to move this conversation to the pfsense forum - I use it but am not an expert. I seem to recall vaguely that traffic has to go into pfsense and then back out to be monitored (although my memory might be flawed), which if true would explain this.
 
pfSense will not pickup any traffic unless it is going through its interfaces. Internal traffic does not have to leave virtual environment unless it is WAN traffic which is what the pfSense is for.
From your message it seems to me you are particularly interested to know what the internal bandwidth usage and not the internet traffic bandwidth. I suggest you install nload in each Proxmox node and monitor the LAN bandwidth going in and out of Proxmox node. For example, on node 1:
#apt-get install nload

Then run nload to monitor eth1 if that is what used for LAN.
#nload eth1

You will see nice graph like below and see actual real time LAN usage per node:
nload-1.PNG
 
You must log in or register to reply here.
Top Bottom