Yet Another pfSense FreeNAS integration discussion
-
Sorry to post a new one, I tryed to reply on old ones but most probably are closed to me…
Anyway going to the topic, I should start saying that I fully agree that the more thing you run on a firewall-IDS the more it would be vulnerable and less performant, but said that I think in my case (simple home user) it make sense.
I have already a router firewall integrated in my ADLS modem, and this is the only I had for 2 years to now. Sure there is no comparison with pfSense!
Now a surplus nettop I was setting up my home NAS with FreeNAS and I was thinking to enable access from internet via VPN, and I found out that it will be integrated in the next release or I need something like pfSense in front to have the same functionality. Now I'm in the condition to wait for next release of FreeNAS, since I don't want to have another box.
Instead if it would have been integrated, maybe running the two systems in two different jails on the same machine I would have not only the possibility to have VPN access, but also an additional layer of security!
-
i cant tell if you are asking a question or not, but check this out:
http://www.vmware.com/products/vsphere-hypervisor/overview.html
then install / run pfsense & free nas on the same box ;)
-
ESXi is hardware picky. I recommend XenServer.
-
In reality infact I was looking for an answer but not sure I would get! ;)
(I was ready to wait the module for freenas!…)Interesting answers! Probably easier setup than jails and even more secure!
Hope to try next weekend!
Thank you! :)
-
Soon, I'm going to show how to implement both pfSense and FreeNAS (and other OSes) using example one Debian or Ubuntu Server (100% working server) and KVM hypervisor, but I need some time to write full how-to. I have such config working already, exacly.. a few working servers.
Quick benchmarks: 200Mbit/s for pfSense LAN, up to 60MB/s for FreeNAS transfers. And this is just desktop working as server. Disks RAIDed in mirror and NICs are redundant (2 Gigabit NICs fiber for LAN). Hope somebody will be interested..
In a shortcut: pfSense is VM and all stuff is BEHIND it. I know this is not recommended setup (guest what if Your firewall VM hangs one day??), but.. works well since months. Probably clean FreeBSD OS as hypervisor would be best for performance, however didn't tried myself. If something goes wrong.. I can back to the snapshot and all is back online within minutes.
I also know ESXi, including 4.0, 4.1 and the last one version 5.0. For home use I would stay on KVM or Proxmox VE cluster. For business - ESXi 5.0 + vSphere 5.0 cluster or Xen. Do not even try it on 4.0 due poor performance. -
this looks very interesting. I have been mulling over doing just this thing, and actually got this link off a Google search.
-
Soon, I'm going to show how to implement both pfSense and FreeNAS (and other OSes) using example one Debian or Ubuntu Server (100% working server) and KVM hypervisor, but I need some time to write full how-to. I have such config working already, exacly.. a few working servers.
Quick benchmarks: 200Mbit/s for pfSense LAN, up to 60MB/s for FreeNAS transfers. And this is just desktop working as server. Disks RAIDed in mirror and NICs are redundant (2 Gigabit NICs fiber for LAN). Hope somebody will be interested..
In a shortcut: pfSense is VM and all stuff is BEHIND it. I know this is not recommended setup (guest what if Your firewall VM hangs one day??), but.. works well since months. Probably clean FreeBSD OS as hypervisor would be best for performance, however didn't tried myself. If something goes wrong.. I can back to the snapshot and all is back online within minutes.
I also know ESXi, including 4.0, 4.1 and the last one version 5.0. For home use I would stay on KVM or Proxmox VE cluster. For business - ESXi 5.0 + vSphere 5.0 cluster or Xen. Do not even try it on 4.0 due poor performance.I've installed a setup just like you describe but with XenServer. You will get maximized performance using a dedicated hypervisor than using an OS like ubuntu. I don't recommend using ESXi but XenServer is an excellent choice. Support for pfsense 2.0 and the latest FreeNAS (or FreeNAS 7.2) work perfectly.
The setup requires at least 3 NICS and a physical switch and is very easy to setup. -
I've installed a setup just like you describe but with XenServer. You will get maximized performance using a dedicated hypervisor than using an OS like ubuntu. I don't recommend using ESXi but XenServer is an excellent choice. Support for pfsense 2.0 and the latest FreeNAS (or FreeNAS 7.2) work perfectly.
The setup requires at least 3 NICS and a physical switch and is very easy to setup.I've installed Proxmox, i have Pfsense 2.0 + FreeNaz 8.0.1 + Multiple Vm Servers installed and setup using 2nic card and a access point for wireless. i had the same setup on EXSi and got some what slow performance for the the system never really used XenServer before but i love Proxmox free and open source. 8)
-
More than a year ago I started to integrate FreeNAS services into pfSense because my server was not powerful enough to emulate pfSense/FreeNAS (including direct PCI-bus access for the wireless card). At this moment it works quite well, but most of the code has been rewritten to fit my own needs. Also, I started it as a personal project and I had no desire to release it to the public. Currently it is working very well and stable as my Timemachine backup server, download server, webcam server and more.
I'd like to share a few screenshots: http://www.flickr.com/photos/66004900@N02/sets/72157628604765083/. Please contact me if you would like to try it out. However, do not expect it to work out of the box.
-
I've installed a setup just like you describe but with XenServer. You will get maximized performance using a dedicated hypervisor than using an OS like ubuntu. I don't recommend using ESXi but XenServer is an excellent choice. Support for pfsense 2.0 and the latest FreeNAS (or FreeNAS 7.2) work perfectly.
The setup requires at least 3 NICS and a physical switch and is very easy to setup.I hate to bump an old topic, but I'm curious why the setup requires 3 NICs and not 2? Can't the connection from FreeNAS to the pfSense router be virtualized? Or am I completely misunderstanding what the third NIC is for.
-
@basilfx:
More than a year ago I started to integrate FreeNAS services into pfSense because my server was not powerful enough to emulate pfSense/FreeNAS (including direct PCI-bus access for the wireless card). At this moment it works quite well, but most of the code has been rewritten to fit my own needs. Also, I started it as a personal project and I had no desire to release it to the public. Currently it is working very well and stable as my Timemachine backup server, download server, webcam server and more.
I'd like to share a few screenshots: http://www.flickr.com/photos/66004900@N02/sets/72157628604765083/. Please contact me if you would like to try it out. However, do not expect it to work out of the box.
This was intresting. I would like to try it out, you got PM.
I know pfSense devs never will implement pfSense+freeNAS but in my opinion it would be very neat for a home user, like pfSense-homeedition :) You can use ClearOS for that but I like pfSense alot more.
-
@basilfx:
More than a year ago I started to integrate FreeNAS services into pfSense because my server was not powerful enough to emulate pfSense/FreeNAS (including direct PCI-bus access for the wireless card). At this moment it works quite well, but most of the code has been rewritten to fit my own needs. Also, I started it as a personal project and I had no desire to release it to the public. Currently it is working very well and stable as my Timemachine backup server, download server, webcam server and more.
I'd like to share a few screenshots: http://www.flickr.com/photos/66004900@N02/sets/72157628604765083/. Please contact me if you would like to try it out. However, do not expect it to work out of the box.
This was intresting. I would like to try it out, you got PM.
I know pfSense devs never will implement pfSense+freeNAS but in my opinion it would be very neat for a home user, like pfSense-homeedition :) You can use ClearOS for that but I like pfSense alot more.
Ya, as you have mentioned for those who actually want an all-rounded-box can pick ClearOS instead, yet another capable package with everything available.
While for pf what I like it the most is it is purely a firewall software without anything redundant, instead of adding those unused server functions I do prefer a neat, professional and efficient routing unit with it. -
Freenas works quite opposite of PfSense….Freenas requires a lot of memory to perform.
On bigger systems its not quite uncommon they ask for 192GB ram to run a NAS in an Enterprise setup....
I dont find that in terms with PFSense's way thinking and the hardware requirements...
-
Ya, as you have mentioned for those who actually want an all-rounded-box can pick ClearOS instead, yet another capable package with everything available.
While for pf what I like it the most is it is purely a firewall software without anything redundant, instead of adding those unused server functions I do prefer a neat, professional and efficient routing unit with it.Freenas works quite opposite of PfSense….Freenas requires a lot of memory to perform.
On bigger systems its not quite uncommon they ask for 192GB ram to run a NAS in an Enterprise setup....
I dont find that in terms with PFSense's way thinking and the hardware requirements...
As I said, it would be nice to have 2 versions of pfSense. I am NOT talking about implementing freeNAS with pfSense in a busniness environment, but in a home environment. It would be perfect to cut of one more server. One "enterprise" version (the current pfsense :) ) and one version for home users.
We all know that it is not recommended to combine a firewall with a NAS in same server, but in a home environment its no problem :) virtualization is ofc an option, tho the hardware requirements would exess the "server you have in your home".