Building Standardized Router
-
With availability in mind.
http://www.pfsense.org/index.php?option=com_content&task=view&id=44&Itemid=50 -
I have a couple of Jetway mini-ITX systems with daughter cards I use to run pfSense on my home network. Both use a PicoPSU. One uses an external switchmode 12V "brick" the other piggy backs off the 12 V supply of a nearby computer. I agree the Jetway parts are not especially easy to source but http://www.linitx.com stock them and ship outside the UK.
If I was starting afresh I would use a fanless motherboard and a VLAN capable switch as a "port multiplier" to get additional ethernet interfaces without using a PCI slot.
The Intel D510MO mini ITX board is passively cooled and has a PCI Express mini card slot as well as the PCI slot. The ASUS AT5NM10-I is also fanless. Both seem to be available at reasonable prices. I have no experience with these boards.
If you search the forums for ITX you will probably find mention of MSI boards and SuperMicro boards with multiple LAN ports that are known to run pfSense but these seem considerably more expensive than the boards I have mentioned.
-
I've had nothing but success with pfSense on alix boards for SOHO use. Netgate is an excellent source for them in the US and a major supporter of the pfSense project besides. For larger installations, I've had a great deal of success with supermicro hardware, although this hardware is generally overkill for anything except very high performance environments.
-
How powerful are the alix kits compared to something like a Linksys RV082? With the RV line we need to turn off features such as SPI because it can't handle the traffic without screwing up the voip. RTP needs to come every 20ms for smooth audio and the RV line just doesn't have the power to do it with SPI enabled. I need to be able to comfortably sit 50 users behind one. Is the Geode powerful enough to run pfSense with everything turned on like filtering, traffic shaping, and SPI? I like the Netgate m1n1wall 2D3 / 2D13 and only a few dollars more to have them assemble it and install the OS is nice. It's essentially what I would like to make, but is it powerful enough?
Actually, I just reviewed benchmarks for the Geode and they don't seem to do well, especially with VPN. :(
-
Not cheap but worth every penny. Two in 1U for CARP.
http://www.lannerinc.com/Network_Application_Platforms/x86_Network_Appliance/1U_Network_Appliances/FW-7872
-
There's no price on the site for the items that I can see. What's the price range?
Also, has anyone checked out www.mini-box.com? They seem to have some pretty nice stuff from what I can tell. I can put together a box for between $275 (including a separately sourced NIC) and $400 (going all out).
-
I've had very good luck with the Hacom stuff. They even have a few articles that describe the throughput differences of their boxes.
-
There's no price on the site for the items that I can see. What's the price range?
Mine ran a little under $2K for the two boxes, rack mount hardware (you want one unit with the rackmount kit and one without it if you're going to mount them in a single RU), two C2D T7400 CPUs, 4GB of RAM each, and a pair of 8GB SLC CompactFlash cards for full installs.
You could probably do a bit better on the units themselves if you're buying multiple to resell. You could also save some cash by using less RAM, slower CPUs (I originally installed Celeron M 440 CPUs because I already had them sitting around, and the T7400 was kind of hard to find in stock), or 2.5" hard drives instead of SLC CompactFlash (MLC cards + NanoBSD would also work to lower the price).
-
@submicron:
I've had nothing but success with pfSense on alix boards for SOHO use. Netgate is an excellent source for them in the US and a major supporter of the pfSense project besides.
Taking a SOHO basis up to 10 hosts, alix2d3 + 4gb CF: is that enough running pfsense+squid/havp+snort
-
Hacom is another heavy supporter of pfSense and while I have no personal first-hand experience with their gear, a number of pfSense commercial support customers have used it with complete success. Definitely another recommended vendor.
