1RU (or 2RU) computer for PFSense
-
Thats why I was kind of thinking the 2U also since it would ultimately be cheaper in the end. Throughput…well that would be limited to the person connected to it since I am at a location with 1gig down/up. Ultimately it would be nice to throughput the VPN connection along with some IPTV streams at some point. So the faster the better really. It would be nice not to have to worry about changing it out for while.
I was thinking about a firebox but just know they have issues every once in a while and will freeze up. I need this box to be very reliable and ultimately should have two running for backup.
-
"what about a firebox? 1U cheap on ebay and will handle VPN"
You like tinkering? looking for a new full time hobby?
-
Thats why I was kind of thinking the 2U also since it would ultimately be cheaper in the end. Throughput…well that would be limited to the person connected to it since I am at a location with 1gig down/up. Ultimately it would be nice to throughput the VPN connection along with some IPTV streams at some point. So the faster the better really. It would be nice not to have to worry about changing it out for while.
I was thinking about a firebox but just know they have issues every once in a while and will freeze up. I need this box to be very reliable and ultimately should have two running for backup.
An Atom will choke on that, even just with straight FW+NAT.
You should head to eBay. Try and find a system which supports AES-NI (aside from a few specialty chips, this means all recent Intel Xeon, i5, and i7 CPUs, as well as some AMD CPUs, not sure of the models on those). I don't believe it's working 100% in pfSense 2.1 (based on a quick forum search), but once it does, it should help with the VPN offload. Something like that will be a tough pull at $300 though, so you may have to make a decision on whether the budget or the throughput is more important.
-
what about a firebox? 1U cheap on ebay and will handle VPN
Usually me suggesting that. :)
Only the xtm5 will get 1Gbps throughput and they don't appear on ebay very often or very cheaply. However if you did find one they are completely stable. Only the oldest (x-core) firebox has ongoing driver issues.Steve
-
This is for a work environment if I forgot to mention that and thats why its needs to be up and running pretty solid that being said it there will be two separate networks at the company. Obviously reliability always wanted. I have a x500 at my house and it seems to be running fairly well it has been only running for 2 weeks though. Either way I figured with dedicated If I did a 2ru, sounds like that would be the cheapest yet but is there anything in particular that I should be looking for in the motherboard (ex Intel NIC's opposed to Realtek, etc) and processor? Would an i3 suffice?
-
You didn't state for how much users it needed to be, but for basic functionality (even with VPN, multiple WAN or policy based routing requirements) the following should do: http://www.applianceshop.eu/index.php/opnsense-rack-edition-pfsense-appliance.html
(hint: that's an Alix 2D13 in a rack ;) Reliable hardware, well supported, close to your budget, however no Gb nics…)
If you can get your hands on a firebox e550/750/1250 (or even a ssl core) they all run fine, and if you follow StephenW10's instructions you should be able to get that up&running in a couple of hours... If you buy bare parts, you need the time as well in assembling.
Just my 2 cents. Good luck hunting. -
So lets just make a 2RU firewall box. I have the budget upto $500. Could you buys give me hardware recommendations? (Case, Mobo, CPU, RAM, PSU, etc) Please let me know, thanks!
-
How does this setup look and is there anything that I should change?
Intel S1200BTSR LGA 1155 Micro ATX Intel Motherboard - OEM
http://www.newegg.com/Product/Product.aspx?Item=N82E16813121714Intel Core i3-3240 Ivy Bridge 3.4GHz LGA 1155 55W Dual-Core Desktop Processor Intel HD Graphics 2500 BX80637i33240
http://www.newegg.com/Product/Product.aspx?Item=N82E16819116773Western Digital Scorpio Black WD2500BEKT 250GB 7200 RPM 16MB Cache SATA 3.0Gb/s 2.5" Internal Notebook Hard Drive
http://www.newegg.com/Product/Product.aspx?Item=N82E16822136279SeaSonic SS-300ET Bronze 300W ATX12V V2.3 80 PLUS BRONZE Certified Active PFC Power Supply - OEM
http://www.newegg.com/Product/Product.aspx?Item=N82E16817151086G.SKILL 4GB (2 x 2GB) 240-Pin DDR3 SDRAM DDR3 1333 (PC3 10666) Dual Channel Kit Desktop Memory Model F3-10666CL9D-4GBNQ
http://www.newegg.com/Product/Product.aspx?Item=N82E16820231190iStarUSA D-213-MATX Black Metal/ Aluminum 2U Rackmount microATX Server Chassis 1 External 5.25" Drive Bays - OEM
http://www.newegg.com/Product/Product.aspx?Item=N82E16811165213Total comes to $495
-
How does this setup look and is there anything that I should change?
Intel S1200BTSR LGA 1155 Micro ATX Intel Motherboard - OEM
http://www.newegg.com/Product/Product.aspx?Item=N82E16813121714Intel Core i3-3240 Ivy Bridge 3.4GHz LGA 1155 55W Dual-Core Desktop Processor Intel HD Graphics 2500 BX80637i33240
http://www.newegg.com/Product/Product.aspx?Item=N82E16819116773Western Digital Scorpio Black WD2500BEKT 250GB 7200 RPM 16MB Cache SATA 3.0Gb/s 2.5" Internal Notebook Hard Drive
http://www.newegg.com/Product/Product.aspx?Item=N82E16822136279SeaSonic SS-300ET Bronze 300W ATX12V V2.3 80 PLUS BRONZE Certified Active PFC Power Supply - OEM
http://www.newegg.com/Product/Product.aspx?Item=N82E16817151086G.SKILL 4GB (2 x 2GB) 240-Pin DDR3 SDRAM DDR3 1333 (PC3 10666) Dual Channel Kit Desktop Memory Model F3-10666CL9D-4GBNQ
http://www.newegg.com/Product/Product.aspx?Item=N82E16820231190iStarUSA D-213-MATX Black Metal/ Aluminum 2U Rackmount microATX Server Chassis 1 External 5.25" Drive Bays - OEM
http://www.newegg.com/Product/Product.aspx?Item=N82E16811165213Total comes to $495
I see you are paying a lot more for a server board (C206) but using regular ram. That cpu also has no aes-ni which you can do cheaper with haswell i3s, not sure if that platform is too new for even 2.1 though.
If you do want ECC, there are better supermicro models.To be honest the easiest way to get reliable intel server nics is $25 for a dual port on fleabay and they also come low profile, instead of paying extra for onboard versions. ($75~100 for LP quads)
Any chance you live near a microcenter? There are a couple nice cpu+board options, $90 S1155 and S1150 uATX boards with intel nics. (DH77EB w/ 82579V and H87M Pro4 w/ i217V respectively)
If haswell works on 2.1 this will get you aes-ni with the same clockspeed:
i3 4130 http://www.newegg.com/Product/Product.aspx?Item=N82E16819116946
http://www.newegg.com/Product/Product.aspx?Item=N82E16813157384 -
This will do what you want forever! http://www.ebay.com/itm/IBM-X3650-3-5-2U-Server-2x-2-5GHz-Quad-Core-16GB-4-x-73GB-15K-DVD-Rail-Kit-/331006101690?pt=COMP_EN_Servers&hash=item4d118048ba
-
This will do what you want forever! http://www.ebay.com/itm/IBM-X3650-3-5-2U-Server-2x-2-5GHz-Quad-Core-16GB-4-x-73GB-15K-DVD-Rail-Kit-/331006101690?pt=COMP_EN_Servers&hash=item4d118048ba
I totally agree with you on that but my company is wanting us to buy all new stuff. The other box that I was looking at is this:
http://www.ebay.com/itm/221280755944?ssPageName=STRK:MEWAX:IT&_trksid=p3984.m1423.l2649But they seem adamant about only getting brand new.
-
How does this setup look and is there anything that I should change?
Intel S1200BTSR LGA 1155 Micro ATX Intel Motherboard - OEM
http://www.newegg.com/Product/Product.aspx?Item=N82E16813121714Intel Core i3-3240 Ivy Bridge 3.4GHz LGA 1155 55W Dual-Core Desktop Processor Intel HD Graphics 2500 BX80637i33240
http://www.newegg.com/Product/Product.aspx?Item=N82E16819116773Western Digital Scorpio Black WD2500BEKT 250GB 7200 RPM 16MB Cache SATA 3.0Gb/s 2.5" Internal Notebook Hard Drive
http://www.newegg.com/Product/Product.aspx?Item=N82E16822136279SeaSonic SS-300ET Bronze 300W ATX12V V2.3 80 PLUS BRONZE Certified Active PFC Power Supply - OEM
http://www.newegg.com/Product/Product.aspx?Item=N82E16817151086G.SKILL 4GB (2 x 2GB) 240-Pin DDR3 SDRAM DDR3 1333 (PC3 10666) Dual Channel Kit Desktop Memory Model F3-10666CL9D-4GBNQ
http://www.newegg.com/Product/Product.aspx?Item=N82E16820231190iStarUSA D-213-MATX Black Metal/ Aluminum 2U Rackmount microATX Server Chassis 1 External 5.25" Drive Bays - OEM
http://www.newegg.com/Product/Product.aspx?Item=N82E16811165213Total comes to $495
I see you are paying a lot more for a server board (C206) but using regular ram. That cpu also has no aes-ni which you can do cheaper with haswell i3s, not sure if that platform is too new for even 2.1 though.
If you do want ECC, there are better supermicro models.To be honest the easiest way to get reliable intel server nics is $25 for a dual port on fleabay and they also come low profile, instead of paying extra for onboard versions. ($75~100 for LP quads)
Any chance you live near a microcenter? There are a couple nice cpu+board options, $90 S1155 and S1150 uATX boards with intel nics. (DH77EB w/ 82579V and H87M Pro4 w/ i217V respectively)
If haswell works on 2.1 this will get you aes-ni with the same clockspeed:
i3 4130 http://www.newegg.com/Product/Product.aspx?Item=N82E16819116946
http://www.newegg.com/Product/Product.aspx?Item=N82E16813157384Is there a chance that I could get a good NIC on newegg? I live in a pretty remote area, so no microcenter around here. Dont mind spending the money for a intel server nic if that would be much more reliable. Do you have a suggestion on RAM, or just any good server RAM will do?
