Netgate 6100 Appliance

rcoleman-netgate

@blaytrail The RAM is not upgradable on the 6100.
There should be plenty of horsepower, but if you're running Suricata and other things that have a lot of logging get the MAX, not the BASE, or you'll likely burn out your eMMC storage shortly between 10-18 months after purchase.

blaytrail

Should I upgrade to the 128GB M.2 NVMe shortage?

rcoleman-netgate

@blaytrail That is the MAX option, yes. Or you can use the BASE and limit your logging to RAM Disks, but that will take away from the 8GB you already have on the system.

blaytrail

I will limit my logging.

My goal is to clear the logs every 24 hours to this being a test lab. Do think that will work?

rcoleman-netgate

@blaytrail The writes to the logs are the things that kill it, not the amount of time the logs stay on the system. Please peruse around the forum here to find out how to disable or offload the logging for those services. They can be found in the channels specifically for those services.

blaytrail

Thanks.

That makes sense.
The goal is to write the logs to a different storage device that can handle the volume. I did not know this was an option using the Netgate device. I will look through the forums to get the information.

The good news is that if the logs are being written to other devices, the Netgate device just needs enough horsepower to process the events and send the logs to the storage device. Is that correct?

stephenw10

That's correct. I would still choose to get the SSD if you're planning to run a number of packages though.

Steve

blaytrail

Totally agree, everything I run in my lab is SSD. :)

Thanks again for your time.

bcdouglas

Ok. I realize I may open up to a few grumpy replies on this, but is the 6100 in a good state? Should there be a 6150 or 6200 to change (improve?) some things? I would like to see the following:

1. Allow RJ45 Copper SFP Transceiver Modules on all SPF/SPF+ ports.

2. Allow 1/2.5/10G on all SPF ports.

3. The 6100 MAX should not only bump up the drive but also bump up the RAM to 16GB. (Potentially for greater ram drive utilization)

4. Improved cooling?

5. CPU update with one featuring a lower Leff...the Denverton CPU was released in 2017. Yes, I understand the power vs. cost relationship. Maybe something from the Parker Ridge (10nm) family released in June '22. But, I get it..."If it ain't broke, don't fix it."

6. I would support ditching the 4x combo ports in favor of 2x very flexible SPF/SPF+ ports...this would free up some physical space on the back of the unit. Sure, ship a certified (but cheap) 1G RJ45 Transceiver Modules for the WAN to help get people up and running without the need to use one of the "LAN labeled" ports.

7. A new silk screening scheme on the back that is less WAN/LAN specific.

Other ideas?

stephenw10

Nothing wrong with those suggestions but what you're describing is a completely new product really.
I would argue that the cooling on the 6100 is pretty good given that it's fanless which is a huge point for a lot of users.
I would also argue that 16GB of RAM is unnecessary for the vast majority of users.

The limitations of the ix ports stem from the SoC so swapping that out probably gets you past those anyway.

We are always looking at new devices but global supply chains being what they are currently the options are limited.

Steve

bcdouglas

@stephenw10 Cool. Thanks for listening and replying!

blaytrail

Thanks everyone for the information. Is it worth just building a PC with pfsense community edition?

Does pfsense+ give you more option than pfsense community?

Also, can you using pfsense+ on a non-Netgate appliance?

bcdouglas

If you just want to kick the pfsense tires, you could run it in a vm. Neetgste does offer free home/lab pfsense+ licenses. Those should work for either a vm or physical hardware. Note: The license is one-time activation, but requesting additional ones seems to be ok.

rcoleman-netgate

@bcdouglas Also the license is non-transferable so crushing a VM and replacing the VM with a new one will result in needing a new license.

If you have a VM configured how you want it, then request your license... mothball and resurrect the VM as needed in the future. Static MACs will help this system not get a new NDI in future restarts as well (the NDI change will drop your pfSense Plus license as well).

rcoleman-netgate

@blaytrail said in Netgate 6100 Appliance:

Also, can you using pfsense+ on a non-Netgate appliance?

Yes: https://www.netgate.com/blog/migrate-from-pfsense-ce-software-to-netgate-pfsense-plus-software