Thoughts on this possible hardware purchases?
-
A HDD is fine, but with 15 users I would bet Squid will play a critical role and SSD would be a bit more faster. Typical HDD will be just fine.. hey we lasted so many years with them :D
I like embracing new technologies and let go of old ones. The more we use the more it becomes common ..the more we progress. Holding on to things just hinders progress.. lol ;)
-
The data retention of some of the new SSDs are abit scary to me. I'm not using any MLCs or TLCs but the thought that if I turn my system off for a couple of months its going to just forget everything is funny to me. I'm not sure if thats what they actually do, but it does appear to be what their specs suggest. Somethings gonna need to be fixed about that if it is the case.
-
The board in that box, the Intel D2500CCE is well tested and written about here on the forum. You would have no issues running it but it probably won't like all those pakages. It depends on what bandwidth you are expecting it to handle. 2Mbps - no problem. 500Mbps with all those packages - not a chance.
Steve
What about the same packages with 6meg dsl connection (max they can go is 18meg), with 5-7 users?
-
Thats lower throughput - So, original specs should be fine. (I'd think)
-
That WAN throughput is a walk in the park for an Atom. Packages would run just fine on it. Just ensure you fine tune Squid and Snort to how you like them to behave and keep an eye on page loads and download times.
Let us know how it all worked out ! :)
-
My internet connection is a measly 5/0.5 ADSL
The business park we are in has oooooolllld infrastructure and there is literally zero other option for our connection.
-
Have you considered transmitting wifi from a 4G phone to your pfsense. It might be alot faster… haha.
(Kidding - You would no doubt eventually get throttled).
Yeah - Any old dual core atom can handle this.
-
The board in that box, the Intel D2500CCE is well tested and written about here on the forum. You would have no issues running it but it probably won't like all those pakages. It depends on what bandwidth you are expecting it to handle. 2Mbps - no problem. 500Mbps with all those packages - not a chance.
Steve
What about the same packages with 6meg dsl connection (max they can go is 18meg), with 5-7 users?
I think smallnetbuilder did a bechmark of the D525 with IDS features enabled, it was able to push around 230 - 250mbps on an Atom. For most small networks that is more than adequate. Also, with such small numbers if users, it is hard to saturate a connection continuously with such a speed anyways.
But if you're worried about headroom, the G530 is a great choice or a low-end/low power i3. Price of all the hardware should be comparable.
-
Yeah.. that was on v1.2.3 .. or whatever that old version was.. with snort barely having any major rules processing. A lot has changed since then with over 10 version changes on Snort. Plus no dans with clamd or pfBlocker. Those are CPU hoggers.
-
My internet connection is a measly 5/0.5 ADSL
The business park we are in has oooooolllld infrastructure and there is literally zero other option for our connection.
For this? I don't see the need for anything more than a Netgate 2D3. Add the HiFN crypto board if the IPSec brings you down. 15 users on a 5/.5? lets be real. That puts you at $300/site. Buy a third as a hot spare or buy 4 and go HA.
Nothing was said about squid, snort, AV, etc. I've seen the Alix board handle 90 mbits (no proxy, no snort)