Need help spec'ing new pfSense box - 1 Gbps WAN
-
Snort might be a little tricky for 1 Gbps throughput. An Intel Pentium G630T (2.3 GHz) caps out (hits 100% on the core running Snort) at ~100 Mbps (torrent traffic, 100/10 Mbps connection). The faster GHz Intels will probably cap somewhere between 200-500 Mbps too. Remember that a single Snort monitor will only utilize a single core.
This blog post has some ideas on Snort capacity planning: http://mikelococo.com/2011/08/snort-capacity-planning/
Thanks for the info/link. Most likely it will only have bursts to 1 Gbps for very short periods of time, and maintain around 10-100 Mbps for the majority. Sad to see that Snort is only optimized to use a single CPU.
-
I'm gathering the data here: http://www.pfsense.org/index.php@option=com_content&task=view&id=52&Itemid=49.html may be a little outdated given feedback thus far.
If anyone currently uses pfSense on 1 Gbps WAN uplink, please let me know the hardware you use :)
All other info has been great just hoping to get someone who actually uses 1 Gbps with pfSense.
-
A Xeon with 8GB RAM should suffice for your needs. Keep room for RAM growth for future needs.
-
Yes the info on that page is somewhat outdated.
The 1Gbps WAN connection is far less a consideration than trying to run Snort at 1Gbps.
There are plenty of people running 1Gb WANs using relatively low end hardware. For example a Celeron G530: http://forum.pfsense.org/index.php/topic,45439.0.html
Steve
-
Thanks guys, appreciate all your feedback!
-
For rack mounting, I always recommend 2U boxes as it gives the machine room for air flow and in turn less heat. Hot air dissipates out easily as air circulation is better. The hardware lasts longer in good air flow conditions. You would pay less in electric bills as the fans won't be overtasked in cooling like in a 1U pizza box.
Got an aluminum "pizza box" (Casetronic C159) for US$39.99, I'm unable to use it without 3 40mm fans spinning at 7000rpm just to keep a Core i3 330M below 50C.
-
You mean like this?:
I hope your fans are arranged better than that. No ducting. CPU cooling fan drawing air from the top which is probably mostly obstructed.
Steve
-
You need to check your fans' spin direction (in or out). My 1U ASUS RS700-E6/RS4 has 7 fans and I have kept just 3 of them placed close to the CPUs which have passive cooling. My fan speeds rarely go over 5500 RPM. Usually they hover around 4500/4800 RPM.
-
There is no other way to use the fans.
-
We are using CARP with two Dell PowerEdge R610 with bi-CPU E5506 and 16Gb of memory.
It has been running well for us.
It handles: a 650Mbps WAN which averages 200Mbps and can peak to 600Mbps for a few hours, which generates ~70TB of traffic/month
50000+ states, ~60 simultaneous OpenVPN users, 4 IPSec tunnels (3DES 256bits)