Pfsense capabilities
-
The biggest factor in determining your hardware requirement is what sort of bandwidth you hope to have. What is your internet connection?
Then if you want to use any packages, squid, squidguard, snort etc. that will also increase your requirement.Steve
-
The biggest factor in determining your hardware requirement is what sort of bandwidth you hope to have. What is your internet connection?
Thanks for your reply Steve. We are currently connected to 100MBit/s network and we hope it will be more than enough for this year.
Then if you want to use any packages, squid, squidguard, snort etc. that will also increase your requirement.
What would be your choice? :D
Thanks again
-
There's loads of good information on the forum, though it can be a bit tricky to find!
I was reading this thread recently which has some interesting info: http://forum.pfsense.org/index.php/topic,14366.0.htmlAre you expecting to push 100mps up and down through the pfsense box?
The biggest message from the above thread and others is: use intel NICS. Use 'server' nics if you can.
Perrsonally I'm using an old Watchguard Firebox which is way overkill for my requirements. However they are cheap from Ebay!
Steve
-
Steve,
thanks for the link. I will try to research as much as I can and will also take a look at the Firebox. Our goal is to create a firewall on a long run and that's why I'm asking the questions you were kind enough to provide answers to.Are you expecting to push 100mps up and down through the pfsense box?
We do expect to push that much since we plan to include hosting for game servers. At this time we are using only a fraction of the bandwidth we have, but when we start to gain more popularity, we will certainly push 100mps.
Thanks for the link and please, inform me if you find anything interesting like the the link you posted. -
Be saure you can push all of the domains through PFSense and route it to the correct servers.
-
Be saure you can push all of the domains through PFSense and route it to the correct servers.
Can you be more specific? Thanks.
-
You can only forward any single port on an IP to a single device. If you're running multiple game servers that all use the same port you'll need to have one WAN IP per game server. For HTTP (not HTTPS) you can use the likes of HAProxy to handle redirecting clients to the correct server.
-
I understand that.
As to gameservers (those are not our main priority), they will use multiple ports so no problem there.
For now we are focusing on a 5 server computers and about 1.000 domains in the next year or so. What would be your choice of hardware? -
Ibm Xseries X3630 M3 and runs ESXi on it. It will handle all you need.
-
Official hardware sizing guide
You're probably going to want to search the forum for advice on sizing and tuning the state table for a large number of states. ISTR that more memory will be important, particularly if you're running packages like HAProxy.
