@jjduru:
@JBNixx:
Appreciate the input, but I don't agree for a machine at home.
You should agree with bluepr0. Even if it's a home lab/network router, the requirements for a stable environment are as high as the ones for small business production environment, hence a server class mainboard should be your aim/makes sense.
ECC memory won't break your wallet, even if it's more expensive. Once you figure out what server class mainboard is able to handle ESXi correctly (VT-d capable), 72 heavenly virgins are going to open up in front of you when it comes to the possibilities of what you can do with your new toy. And really the dedicated vs virtualized debate should not exist in 2016.
And that 500W PSU, for a 24/7 server that does only pfsense, it's really the eye opener (read total overkill). With proper hardware you could get by with no issues with just 12V/5A/60W charger adapter.
The problem here is you're all missing the point.
This was built with cheap and parts I already had. Buying ECC memory, Buying a server grade motherboard, buying a Xeon CPU, buying a SFX PSU ect. would push the price up. It also wouldn't give me any more measureable stability or reliability.
As for the 500W PSU, sure it's overkill, but why buy a new smaller unit when i already a PSU on hand? Additionally I’d like to qualify exactly how much the whole unit pulls from the wall:
30W “Idle”
47W under load.
Pump that up to 50W an hour (Full load 24/7). That comes out to $20USD a year, but lets double it to be unfair. $40 bucks a year if the price of electivity doubles - My little PFSense box will be the last of my worries.
Regarding virtualization - I already use KVM on an Intel NUC that runs: Gitlab, Owncloud and Confluence. 2 Boxes that pull minimal electricity and they run the lot.
@BlueKobold:
pfSense is a software firewall and could or should not be compared to any kind of home router equipment
that is doing only SPI & NAT and mostly pushed by an FPGA/ASIC, so that the real work is done in Silicon!
And calling it for a home build is in the most countries something with 50 MBit/s down and 10 MBit/s upl
and NAT together with some firewall rules. This is for me a home set up able to realize with ~$200.
If you have other or more needs and need to install more packets or activating more services, you should not
start then call it home set up, because you are at home using this construct!!! So if this will be ending then
as a half or fully featured UTM device with 500 MBit/s to 1 GBit/s that must be fully routet at the WAN interface
and half of this throughput must be the VPN throughput on top, I think this might be answered by others then me.
Where i live "Homes" have fiber up to 1Gbps. So no, a "Normal" home in my area doesn’t have a 50/10 connection. They have maybe a 100/100 connection. Also i don't live in "Most countries" I live in MY country, so i have to make sure that the Firewall can support a 1Gbps connection.
Additionally I run some services behind this PFSense firewall such as Confluence, Owncloud, GitLab and VPN among other things. Maybe It’s not a "Typical" home firewall, but it's MY home firewall. I'm still a home user even though I have chosen to host my own services at home. A power user if you will.
**With all that being said. And taking given limitations and constraints of the project into account I now have a 5 port PFSense firewall. It's quiet, it's cool, it pulls little electricity and it does exactly what I want it to do for very minimal cost.
And I never ever said it was the best most awesome PFSense box in the entire solar system :)**
Sunshine, if you're dead set on this config, why are you still asking questions here? If you need a debate to clarify your thoughts on the hardware build, this is the place to do it, but this is increasingly not looking like a debate, but more like an one-sided axiom.
YOUR home firewall is wonderful and perfect. Have at it.