New to pfsense. Hardware and setup
-
@mer I knew it had aes-ni since the beginning. Reason why I'd be buying different components vs grabbing some old stuff I have at home. What I touched on earlier is if maybe I should be considering a QAT card as well. Some of the older ones are available for under 150 and are rated at 20 or 25gbps encryption speed which is way overkill. But if the cpu isn't up to the task short of some quad core pumping out 5ghz then that would be my next option.
-
@frankr2994
Cool. I honestly have nothing more than compare to the 5100/6100 and go from there. RAM and storage are irrelevant, NICs become a bit more important. -
@mer ok then. Still trying to figure out what nic I want. Wouldn't mind future proofing it a bit but I'm not going to drop 400 or 500 on one.
-
@frankr2994 Well your upstream is 1G up and down. So if your internal LAN had all 10G, everything gets throttled to 1G on WAN (now does the throttle happen at your WAN or further into ISP network?) I think that quad 1G Intel is relatively inexpensive and remember it wasn't all that long ago that 56K dialup was common.
I personally don't have any recommendations on NICs, but if you are in US, I'd start with amazon, best buy, tiger direct and new egg. I'm sure there are a lot of other choices but these are at top of my head.
-
Currently the QAT driver/hardware won't help you with OpenVPN.
If you already have that machine then I would just try it and see how it performs.
Steve
-
@stephenw10 said in New to pfsense. Hardware and setup:
Currently the QAT driver/hardware won't help you with OpenVPN.
If you already have that machine then I would just try it and see how it performs.
Steve
That's what I was waiting to hear. Thanks
Ok so what I have planned is to get an intel x540-t2 nic. Its a 10gb dual port card. I can't use 10G atleast through my isp but I would assume that this will atleast have enough on the controller end to deal with not being a bottleneck. Thats a pcie 2.0 x8 card. That will go into my pcie 3.0 x16 slot. I will still have a 2.0 x4 slot available If I wanted to add an intel I350T4 card. I may do this as I don't think my planned area for a switch will be near this box but I may have a server or two near that could use the additional ports.
Not accounting for the I350 nic that I may or may not buy in the future the full build is 280 bucks. I did change from the xeon 1271 to a 1246 to get integrated graphics. base is 3.5 and turbos 3.9 so not too much different and now I don't have to use one of my pcie slots with some little quadro card I have lying around.
Going to get this ordered up and get it going. Thanks for the help.
-
@frankr2994 Just a note, I have 2 10Gb ports, one goes untagged through my switch to ATT, the other has 3 VLANs to my switch. Because all of the systems are 1Gb or less the 10Gb handles the traffic with ease. And it freed copper ports on my switch.
-
Ok so I know that nordvpn provides OpenVPN configuration. I honestly didn't know the difference between openvpn and wire guard before. However I just found this https://www.reddit.com/r/PFSENSE/comments/m0989o/nordvpn_wireguard_setup_works/
Apparently I could use wire guard with that provider. Wouldn't that take care of alot of speed issues?
-
WireGuard is certainly faster for a single connection. Significantly faster. There are a lot of variables so I couldn't tell you the exact speed you'll see.
Steve
-
@stephenw10 said in New to pfsense. Hardware and setup:
There are a lot of variables so I couldn't tell you the exact speed you'll see.
Steve
Ya that's a given. I know once I get it together it will be time to test, reconfigure, rinse and repeat.
