Need more clearification on PFSENSE & MIKROTIK
-
i saw this as well and am waiting for the final solution to it http://forum.pfsense.org/index.php/topic,28851.msg157901.html#msg157901
-
here is the results of my legwork
which I'll correct as you're WAY off in several regards. ;D
- no documentation and reasonable support is a problem
Not true at all. It's documented in great depth in the book and there is a lot of freely available info at doc.pfsense.org. As for support, this forum has more members and is more active than Mikrotik's. If you're willing to pay, it simply doesn't get any better than our commercial support offering - nowhere else are you going to work with the world's foremost experts on the product when you call support. There are no first level script reading support people and never will be.
Especially compared to Mikrotik, their support is their biggest downfall from everything I've heard from a number of their customers (who are running away from it as quickly as they can, where they can at least).
- not so many features (compared with MT)
I just did a comparison between the two a couple weeks ago, and there aren't many differences. VRF and MPLS are the only two I could find that we're missing. Those aren't used a whole lot, though they're critical in some portions of some networks. Features aside, being able to run on dirt cheap hardware is the only compelling benefit MT has.
- very slow development (one release per year, or two …)
There haven't been any further 1.2.x releases because it's rock solid and hasn't needed any security updates, and 2.0 is taking longer than we'd hoped as there was a huge amount of work in cleaning up all the features added in the past 3-4 years. From 2.0 onwards we're making much smaller steps from one release to another and you'll see considerably faster release cycles. Every single feature has drastically changed from 1.2.x to 2.0 as that's when the project gained mass popularity.
the billing aspect is what i really want to know how to lay hands on it in pfsense.
We work with companies who use a wide range of billing methods, including typical subscription based, prepaid cards, pay per visit/hour/minute, you name it. Your billing system is virtually never on your gateway platform. Every worthwhile billing system supports RADIUS, and that's all you need. No the billing system isn't built in, but it really shouldn't be (that's not a scalable solution) and there are numerous options that will integrate easily with any centralized billing system.
PS: pFsense having older brother, called m0n0wall. On the small scale, this may be a better choice. It's based on newer BSD version, and is faster, simpler and with more features.
Not sure what you're looking at with m0n0wall, it's not actively developed, it's based on a much older FreeBSD version, is slower as the newer FreeBSD versions we use have much better throughput capabilities, and has drastically fewer features including major lackings that make it unsuitable for serious deployments (no HA capabilities, no routing protocols, no firewall alias abilities, no ability to scale state table without building your own image, and more). It's a great platform for home or small office where you don't have complex needs, but not at an ISP level.
-
@cmb:
I just did a comparison between the two a couple weeks ago, and there aren't many differences. VRF and MPLS are the only two I could find that we're missing. Those aren't used a whole lot, though they're critical in some portions of some networks. Features aside, being able to run on dirt cheap hardware is the only compelling benefit MT has.
They do also provide a full command line interface to configuring their boxes, which having used it I have to admit has it's advantages. The flip side is that their GUI is really quite horrendous and their web interface is far from complete. It's really not well suited to the less experienced (it took me a few hours to get one running the first time I used one and that's despite years of experience of Cisco et all).
Their relatively low hardware cost is a meaningful advantage however - I recently picked up one of their units for not much more than it would have cost to replace the (failing) hard disk in my pfSense box. That said, the biggest advantage of pfSense is IMO the packages. No way can my little RouterBoard support half the things I can do with my pfSense host.
-
which I'll correct as you're WAY off in several regards.
We work with companies who use a wide range of billing methods, including typical subscription based, prepaid cards, pay per visit/hour/minute, you name it. Your billing system is virtually never on your gateway platform. Every worthwhile billing system supports RADIUS, and that's all you need. No the billing system isn't built in, but it really shouldn't be (that's not a scalable solution) and there are numerous options that will integrate easily with any centralized billing system.
pardon me for my ignorance. am yet to understand the meaning of this words and how they work with each other.
talking of billing system, like which of the companies are you talking about? i really thought that pfsense 2.0 will have billing system inbuilt just like mikrotik… -
Commercial support, when this forum just isn't enough: http://www.pfsense.org/index.php?option=com_content&task=view&id=62&Itemid=73
RADIUS will keep track of when users log in and log off (among other things), and put it in a database. Then, some other software will run on your billing system that will take the RADIUS records in the database and use them for billing your customers.
Firewalls, in contrast, are supposed to do one thing, and one thing only: prevent intrusion. They're not really supposed to be running web servers and billing servers and mail servers too - they just provide more avenues for attack, and personally I wouldn't even want to run a billing server that was visible to the internet. Which is why the RADIUS server should be storing its logs elsewhere, for another server to pick up the load for billing.
-
what do you guys think about this: http://daloradius.com/ ?
-
@cmb:
We work with companies who use a wide range of billing methods, including typical subscription based, prepaid cards, pay per visit/hour/minute, you name it. Your billing system is virtually never on your gateway platform. Every worthwhile billing system supports RADIUS, and that's all you need. No the billing system isn't built in, but it really shouldn't be (that's not a scalable solution) and there are numerous options that will integrate easily with any centralized billing system.
Are examples of companies that provide these numerous billing methods that can be employed with pfSense documented anywhere? http://www.dmasoftlab.com/cont/radman#comp lists support but it took a lot of hunting around to find that. I'm interested in billing solutions that count data rather than time.
-
I have worked with http://billmax.com/ before and it's not too bad, though I know it can control RADIUS and do billing based on time, I'm not sure if it does it by data. If not, they're a pretty responsive group and could probably tell you if it does it, and if not, give you a quote on what it would take.
-
Thanks for the suggestion, will check it out.
-
Ok, Guys is time for practicals now, my definitive guide just arribved. so i have to kick off as soon as possble.
