Server VS HOME
-
A decent quality desktop motherboard with all solid caps would work fine and save a bit. If your using a dual-port x520 then your probably fine with that route. Depending on your true need, for a business I would probably build a pair of systems and use CARP to cover the HA scenario….also covers the need for redundant power supplies in many scenarios. If you need redundant power supplies, I would check for a second-hand chassis somewhere or look for a deal with a pre-built system as they usually cost a couple hundred by themselves.
I'm not sure what kind of workloads or plugins your planning on throwing at it but does anyone else think the i7-3770 is overkill? i5-3470s possibly?
Depending on need/budgeting you can pickup some DL160 G6's with Nehalem for under $300/each off eBay.
-
@Patrick_:
A decent quality desktop motherboard with all solid caps would work fine and save a bit. If your using a dual-port x520 then your probably fine with that route. Depending on your true need, for a business I would probably build a pair of systems and use CARP to cover the HA scenario….also covers the need for redundant power supplies in many scenarios. If you need redundant power supplies, I would check for a second-hand chassis somewhere or look for a deal with a pre-built system as they usually cost a couple hundred by themselves.
I'm not sure what kind of workloads or plugins your planning on throwing at it but does anyone else think the i7-3770 is overkill? i5-3470s possibly?
Depending on need/budgeting you can pickup some DL160 G6's with Nehalem for under $300/each off eBay.
Thank you for your response,
well, it has multiple reasons, cheaper, less power, faster. Of course a e3 or e5 is possible with supermicro mainboard pretty cheap to(low power, high speed :D). I got here a DELL 2950(2xE5345) but that uses 250 to 380 Watt, this might be on the borderline for production server, but it's not really nice to have two of these running with overage speed with high power usage for a firewall. That is why I though an alternative would be better.
-
Perhaps a better question here would be 'what hardware is appropriate for your requirements'. As Patrick said there is no point running a top spec desktop i7 because it uses less power than a Xeon server if a fanless Atom box would do the job. ;)
Steve
-
you need to compile the driver for that intel 10 GE card i think.
I have them in my zfsguru nas servers and in 1 it works the other not. That runs freebsd 9.1 and does not have the newest intel drivers included even.
Further it is hard to fill up that 10 GE connection also, i only can put 350 Mbyte/sec through it (source system is not faster)
-
Perhaps a better question here would be 'what hardware is appropriate for your requirements'. As Patrick said there is no point running a top spec desktop i7 because it uses less power than a Xeon server if a fanless Atom box would do the job. ;)
Steve
Well, the x520 NIC is a 10gbit so it must be capable to handle that. Of course that will be with capabilities like snort, BW info so in other words a fully loaded Pfsense.
You are right, a atom would be enough in normal cases with 100mbit connection, but on co-located hosting is reliability and speed important regardless a 100mbit connection or not. But of course, that would be going to far :P i3 would have been sufficient in that case.
-
you need to compile the driver for that intel 10 GE card i think.
I have them in my zfsguru nas servers and in 1 it works the other not. That runs freebsd 9.1 and does not have the newest intel drivers included even.
Further it is hard to fill up that 10 GE connection also, i only can put 350 Mbyte/sec through it (source system is not faster)
Because you will have tweak parts yourself, take a look here this is one of the many things you can do to speed it up http://forum.pfsense.org/index.php?topic=42952.0;prev_next=prev
also search on google: network tuning
-
Did you post the correct thread link above? Doesn't seem relevant.
My atom example above was just to make the point. You're better off defining your requirements than just choosing the fastest you can get.
Having said that if you need 10Gbps throughput then you'll probably need the fastest single thread CPU you can get.
Steve
-
Did you post the correct thread link above? Doesn't seem relevant.
My atom example above was just to make the point. You're better off defining your requirements than just choosing the fastest you can get.
Having said that if you need 10Gbps throughput then you'll probably need the fastest single thread CPU you can get.
Steve
woops the link and number was correct but did not seem to work correctly when the rest is not there, correct that one.
Sorry, well, this thread was actually ment to know the difference server and home, it had a twist which I do not mind, might be good.
as far I know that could not be a problem, since as far I know openbsd handles multi core pretty well, also polling and offload will be enabled or might that be the problem you ment? that it will use a core?
-
The pf process in FreeBSD, and hence pfSense, uses only a single thread. The OpenBSD pf process, from which is came, is now significantly different.
Building a box with this throughput is outside my experience but it's my belief that you will see the greatest throughput with fastest single thread CPU. http://www.cpubenchmark.net/singleThread.html Open to be corrected on this though. ;)
Steve
-
The pf process in FreeBSD, and hence pfSense, uses only a single thread. The OpenBSD pf process, from which is came, is now significantly different.
Building a box with this throughput is outside my experience but it's my belief that you will see the greatest throughput with fastest single thread CPU. http://www.cpubenchmark.net/singleThread.html Open to be corrected on this though. ;)
Steve
You might be right about that:
Packet routing (and therefore, filtering) are performed in the kernel-space of an operating system. This is the part of a (monolithic) operating system that actually supports multiple threads. However, as I recall, the kernel-mode packet routing and filtering cannot be threaded, so therefore, that will not scale up with multiple CPU.So, I wonder if he ment CPU or Cores, which might refer to the same. Also this is from 2012 and god knows when he heard that, that might already be fixed already.
-
http://mikelococo.com/2011/08/snort-capacity-planning/
If you want to run Snort on a 10 GB link, it's going to need some tweaking. There's no way to get 10 GB throughput through just one Snort instance. You need to split your throughput into smaller chunks and feed them each into it's own Snort instance.
-
This post is deleted! -
Yep. I would think that to do 10G Snort you are going to want all the processing power you can possibly muster! ;) That's way out of my experience though.
I was just pointing out that, due to pf's single thread, you need to look at a CPUs single thread rating rather than it's overall benchmarks. I.e. a 2 core, 4GHz CPU is likely to give faster throughput than a 48 core, 1GHz CPU even though such a CPU would have massive processing power on paper. That's ignoring the Snort requirement.Steve
-
you need to compile the driver for that intel 10 GE card i think.
I have them in my zfsguru nas servers and in 1 it works the other not. That runs freebsd 9.1 and does not have the newest intel drivers included even.
Further it is hard to fill up that 10 GE connection also, i only can put 350 Mbyte/sec through it (source system is not faster)
Because you will have tweak parts yourself, take a look here this is one of the many things you can do to speed it up http://forum.pfsense.org/index.php?topic=42952.0;prev_next=prev
also search on google: network tuning
Thanks, i have no more problems now with the 10GE cards.
I check the logs and it was caused by to low buffers for 10GE cards. -
@SunCatalyst:
the other issue nobody has touched on is the NOISE factor with the 1u and 2u boxes…
1U are USUALLY pretty damn noisy (due to the fans) and if your using this in a home
environment you may not be happy with the Noise.ALSO.
if the OP is wanting to do Wire speed and Snort / Etc with 10GE , your gonna WANT multiple
cores. NOT a single core. and then theres ECC ram.The noise depends on the amount of fans, and the fan itself, but yes it makes to much noise for a regular home, But it is ment for co-location in a datacenter, Do not see any reason why to use a 10gbit lan at home :P
about the, single core, I don't think anyone said a single core is better, they did say that snort uses by default a single core and it would be better to get a cpu with a high rating per core. But indeed, a quad core is required for that speeds.
you need to compile the driver for that intel 10 GE card i think.
I have them in my zfsguru nas servers and in 1 it works the other not. That runs freebsd 9.1 and does not have the newest intel drivers included even.
Further it is hard to fill up that 10 GE connection also, i only can put 350 Mbyte/sec through it (source system is not faster)
Because you will have tweak parts yourself, take a look here this is one of the many things you can do to speed it up http://forum.pfsense.org/index.php?topic=42952.0;prev_next=prev
also search on google: network tuning
Thanks, i have no more problems now with the 10GE cards.
I check the logs and it was caused by to low buffers for 10GE cards.No problem, glad it helped came across it when I was searching for info. Perhaps you can post your speeds here?
Yep. I would think that to do 10G Snort you are going to want all the processing power you can possibly muster! ;) That's way out of my experience though.
I was just pointing out that, due to pf's single thread, you need to look at a CPUs single thread rating rather than it's overall benchmarks. I.e. a 2 core, 4GHz CPU is likely to give faster throughput than a 48 core, 1GHz CPU even though such a CPU would have massive processing power on paper. That's ignoring the Snort requirement.Steve
Yes, you are right, but well it depends how it's used. It's said a single core, is that per instance or per process, there is also something called PFRING which enables you to use multi threading for snort, but i'm not sure how to do that yet nor I have the space to setup a server at the moment :(
