Urgently needed - Examples of Enterprise Level pfSense use
-
whatcha gonna use openvpn for ? openvpn is really cpu intensive if you want to push >100mbit over it
-
To introduce myself: I am an economist. Which means I will whine about many things, but certainly, when ever seeing the opportunity to whine about economics, expect not to invite me in: I am already on board, I sneaked in right behind you when you weren't paying attention. Obviously, I simply got lost and ended up in this forum, while still looking for the correct forum where people like me should reside.
(Trying to be funny: you decide ;D ).
That being said:
covering c32000 homes.
a major Social Housing provider
Is the c a typo error and is this 32k social housing houses that get free WiFi?
Any help you can give in providing the evidence we need would be very gratefully received.
I'd advise you to contact the admins/owners of this fine place and ask for their consulting. I'm sure you'll need it if you win it, and I'm sure the company behind this project is more than willing to help you out with some consulting ;D
-
Its actually very easy to setup but difficult to maintain.
I run pfSense in an Enterorise environment running a cloud hosting provider seeing heavy bandwith usage.
I can provide you with a lof of scenarios for this solution, but not for free when we are discussing this magnitude of setup.
-
Its actually very easy to setup but difficult to maintain.
That tickled me, Mule: what is difficult to maintain?
-
This scenario takes 10+ pfsense boxes to be maintained and running in CARP scenarios to secure uptime in different physical locations spread across North England to secure uptime and redundancy.
If you run 1 or 2 boxes then you cant take multiple nodes out of the equation without sacrificing bandwith and uptime…
-
example 1
I have a client using wireless links in the 3.x gig range (licensed) with multiple locations and primarily for (private) VOIP solutions throughout their region. They use bare metal units running pfSense and only use the routing capabilities "inside" the network with only one firewall enabled at the point where the network touches the rest of the world.The system is used in the broadcast industry and works very well for them.
example 2
I have a main data room at my main location that hosts company servers and my primary pfSense loaded box. This location hosts (as of right now) 6 OpenVPN connections to our other business locations including a couple of "customers" systems we installed so we can maintain their networks. Simple example but the OpenVPN connections are very rock solid.and this if you haven't seen it…
https://doc.pfsense.org/index.php/Comparison_to_Commercial_Alternatives
-
This scenario takes 10+ pfsense boxes to be maintained and running in CARP scenarios to secure uptime in different physical locations spread across North England to secure uptime and redundancy.
If you run 1 or 2 boxes then you cant take multiple nodes out of the equation without sacrificing bandwith and uptime…
Thanks Mule ;D
Ah, now I see: it's configuration management-related (yes, even economists can learn words out of their own field :-X ).
Question comes up: how do the Google's of this world manage this, with their a quadrillion servers?
A simple rsync of changes doesn't cut it, I understand, as box 1 needs a different config than box 7.
-
https://forum.pfsense.org/index.php?topic=89479.0
Cross post. :o
-
Do you know how Google routes their traffic and how its distributed??
We are talking 32.000 end users…. Streaming, downloading and who needs to be secure and in a controlled environment.
Peak hours is maybe averaging 5+mbit pr. user and that amounts to 20 GB/s average bandwith....and the peaks can be much higher.
Since you cant adjust kern.ipc.maxsockbuf to much more then 4262144 then you will run into bandwith issues using pfsense with less than 10 boxes as the endpoint and that is only average use....
Use L3 switching instead and give every user a SOHO FW as a gift...
-
I guess we really should have mentioned that this is a not a network that will route ALL traffic via a single pfSense, that would be insane :-)
pfSense would be deployed within local segments of the network where Internet connectivity would also be deployed. OpenVPN would be used to
connect key locations together over the network.