Thoughts on this possible hardware purchases?
-
I am thinking of purchasing these for each of my offices for my pfSense deployment.
What do you folks think?
http://www.mitxpc.com/proddetail.asp?prod=EKIAD2500DL&cat=209
-
I've never used one of those but the specs look like it should be fine. Buy 1 and test before you buy them all, but I foresee no problems.
-
How many users are you planning to have behind each of the offices? For official use I always recommend having a bit robust system. This one is fine but I wouldn't deploy it to offices without any backup in case this goes down.
-
Hi Asterix
Office 1
15 users
1 Domain Controller
1 Terminal Server accessed over IPsecOffice 2
20 users
1 Domain Controller
Users access TS at Office 1To be honest I thought the specs were overkill for my application. As for backup, I will have a spare system regardless of what I end up choosing, but are you implying this config is more prone to instability?
-
I think you are safe also, but if things get slow for you, you can try one of these slightly faster systems.
http://www.liquidnitrogenoverclocking.com/monolith.shtml
-
haha very funny ;) ;) ;)
-
See - You probably thought I was pranking you but I was actually teasing Asterix :P
After you stress-test the first one, you will know if its enough or not.
If you start loading a bunch of packages that gobble CPU, its possible you can tax this system.
-
Yeah that's what I am starting to think because I am going down the UTM path. So I'll be running Snort, AV, pfBlocker, Squid, bandwidthd and who knows maybe more. Suggestions based on this? I should have included this info from the start…my apologies.
-
In that case - Take Asterix's advice. Asterix runs all that stuff and prefers zippy hardware for that reason.
-
The board in that box, the Intel D2500CCE is well tested and written about here on the forum. You would have no issues running it but it probably won't like all those pakages. It depends on what bandwidth you are expecting it to handle. 2Mbps - no problem. 500Mbps with all those packages - not a chance.
Steve
-
Yeah that's what I am starting to think because I am going down the UTM path. So I'll be running Snort, AV, pfBlocker, Squid, bandwidthd and who knows maybe more. Suggestions based on this? I should have included this info from the start…my apologies.
Go for a simple i3 with 4GB RAM and 40-60GB SSD. What kind of WAN throughput are you looking to serve the users?
-
I think you are safe also, but if things get slow for you, you can try one of these slightly faster systems.
http://www.liquidnitrogenoverclocking.com/monolith.shtml
Kinda overkill for 15 user's - unless the system is doing IDS, crazing filtering, HVAP, and other things.
The D2500 should have no issues with even a few of those features are turned on.
-
Go for a simple i3 with 4GB RAM and 40-60GB SSD. What kind of WAN throughput are you looking to serve the users?
A SSD is prone to wear and tear, especially if there is a misconfiguration and it starts spewing out logs/writes to disk, I suggest a fast 2.5" drive instead.
-
"An SSD is prone to wear and tear"
I can agree with this for pretty much all the MLC and especially the TLC drives… (I suppose 4 values per cell is up next?)
The SLC drives should outlast the pfsense according to my observations.
Something good for pfsense need not be bigger than 64GB and I'd bet 20GB could actually be good in all honesty.
Either way, this will be a controversial point.
However - Those SLCs don't cost what they cost because they are no better than MLCs.
-
Something good for pfsense need not be bigger than 64GB and I'd bet 20GB could actually be good in all honesty.
Either way, this will be a controversial point.
However - Those SLCs don't cost what they cost because they are no better than MLCs.
Agreed, the rest of the 40GB can be used for over provisioning and the drive will last many lifetimes, but I think an SSD is not necessary for pfSense? I'm not sure what services besides squid would take advantage of it, and especially for a small network environment. Memory caching would probably be more cost effective and feasible for a small network.
-
OK - My experiences so far.
I recently switched to a small 64GB SLC SSD for my pfsense. Obviously, its not been years and years yet, but I notice no performance difference at all over the Western Digital Black SATA that was in there before. Basically I threw it in to see how it lasts.
I also installed SSD on the Host of main computer here and 1 SSD drive per VM for each server I'm running to see how they last in that role as well. All SLC.
Again - Not noticing any noticeable performance difference. Now, of course the benchmarks absolutely scream, even inside the VMs but thats a number and not really noticeable to me in actual use. I do hope they last forever, but just incase, everything is backed up on massive HDD storage.
-
A HDD is fine, but with 15 users I would bet Squid will play a critical role and SSD would be a bit more faster. Typical HDD will be just fine.. hey we lasted so many years with them :D
I like embracing new technologies and let go of old ones. The more we use the more it becomes common ..the more we progress. Holding on to things just hinders progress.. lol ;)
-
The data retention of some of the new SSDs are abit scary to me. I'm not using any MLCs or TLCs but the thought that if I turn my system off for a couple of months its going to just forget everything is funny to me. I'm not sure if thats what they actually do, but it does appear to be what their specs suggest. Somethings gonna need to be fixed about that if it is the case.
-
The board in that box, the Intel D2500CCE is well tested and written about here on the forum. You would have no issues running it but it probably won't like all those pakages. It depends on what bandwidth you are expecting it to handle. 2Mbps - no problem. 500Mbps with all those packages - not a chance.
Steve
What about the same packages with 6meg dsl connection (max they can go is 18meg), with 5-7 users?
-
Thats lower throughput - So, original specs should be fine. (I'd think)
