Hardware performance Supermicro 5018A-FTN4
-
Hi Guys,
For a medium business, I would like to know, if this supermicro 5018A-FTN4 with 8 GB DDR3 and 2 RAID 1 WD black 2,5" would be enough.
The supermicro MB has 4 ethernet ports + I take an additional four ports Intel NIC.
We have three WAN lines, two ADSL 10 mbits/s and a SDSL one 4mbits.
70 permanents users on the SDSL one, with a squid proxy.
A captive portal on another adsl line with ip 100 to 150 users but not every day.
The last ADSL line has no captive portal for the moment, but sometimes 100 to 150 users too.
And I think to a fourth WAN ports for a public DMZ for a web server and Edge Exchange 2010 server.
For every WAN, I want a LAN port as in my networks, I have several VLAN, but not managed by pfsense.
I want use VPN too on ths SDSL line up to 20 users.My question is :
Is CPU 2758 8 cores is enough ?
Is 8 GB is enough ?
Is WD 320 GB harddrive i senough or is it preferable to use SSD ?Thanks
-
For a medium business,
What is a medium business, please? Is this a coffee bar or a big shopping mall or what is it really?
if this supermicro 5018A-FTN4 with 8 GB DDR3 and 2 RAID 1 WD black 2,5" would be enough.
I would more have a look to an Intel Xeon D-1540 or Xeon E3-12xx v3 system that comes sorted around with
~8 GB - ~16 GB RAM and a big SSD. So you would be able to get higher CPU core frequency and a higher RAM
clock frequency, perhaps something likes;- Intel Xeon E3-12xxv3 4 Cores @3,4GHz - 3,6GHz
- 8 GB - 16 GB of DDR3 1600MHz or 1866MHz
70 permanents users on the SDSL one, with a squid proxy.
A captive portal on another adsl line with ip 100 to 150 users but not every day.
The last ADSL line has no captive portal for the moment, but sometimes 100 to 150 users too.- Squid proxy = SSD that is big enough if you want to use it as a caching proxy
- Captive Portal would be not the problem at all, but pending on the number of users a 4 Core CPU
And I think to a fourth WAN ports for a public DMZ for a web server and Edge Exchange 2010 server.
Then perhaps a policy based "Load Balancing" set up would be the best to handle this WAN ports right.
- policy based load balancing
- service based load balancing
- session based load balancing
For every WAN, I want a LAN port as in my networks,…
This can be easily realized by adding a 4 Port Chelsio server adapter from the pfSense shop
- it is able to fully offload the NAT process from the pfSense
- it is able to fully offload the VLAN process from the pfSense also.
I have several VLAN, but not managed by pfsense.
I prefer this method also, but in sometimes it could be wise to manage this by the pfSense
if a DMZ is also in the game might be perhaps a situation like this.I want use VPN too on ths SDSL line up to 20 users.
The Xeon E3-12xxv3 is capable to handle this with ease and comes with AES-NI support too.
My question is :
Is CPU 2758 8 cores is enough ?Others might be having a different meaning, but I would prefer something stronger
likes the Intel Xeon D-1540 or Intel Xeon E3-12xxv3 4 Core starting @3,0GHz upstairs!Is 8 GB is enough ?
RAM is a point many peoples would be also having a dedicated view on then me,
if RAM is cheap to get and can solve many things out, likes increasing the mbufs
size and on top speeding many tasks up if fast RAM is used, and so 16 GB would
not be wasting because the default RAM usage of the Squid and the mbufs size can
be easily increased to tune this pfSense set up.Is WD 320 GB harddrive i senough or is it preferable to use SSD ?
Go with an SSD or mSATA instead of other drives, and if you wnat to use the Squid as a caching proxy
it is nearly a must be to use one, a great one from 128 GB or 256 GB might be the best option, because
then the wear leveling algorithm is able to use many free blocks for a longer live time and also a bigger
part of the SSD would be used as the cache for the entire SSD or mSATA.
In normal or the most vendors of SSDs, but not all, are using a way likes this.- 32 GB SSD/mSATA = 4 GB cache
- 64 GB SSD/mSATA = 8 GB cache
- 128 GB SSD/mSATA = 16 GB cache
- 256 GB SSD/mSATA = 32 GB cache
- 512 GB SSD/mSATA = 64 GB cache
So more free blocks to be use means also a theoretical longer lifetime for the entire device and
also to use more cache to be faster as smaller ones.For pppoe at this moment only one CPU core is used for the entire WAN area and then with 4 WAN ports
and VPN usage on top you will be perhaps not glad with an Intel Atom processor for your set up. -
Thanks you very much for your response.
When I say a medium business, I think to something like a medium-sized enterprise with 100 to 200 people.
But where I work, it is a training center with sometimes up to 200 -300 people who need to be connected, and with 70 permanent workers, always connected with a desktop PC and sometimes one mobile device, so you can imagine the number of connections.
And now I have to add a web server, and a mail server in a DMZ.
So I am OK with the memory (16 GB is great), and with the SSD too, as I thought to use 2 256 GB SSD in RAID1.
But I am disappointed with the processor, as I thought it was powerful.
In the pfsense store, it's the same CPU Atom C2758 8 cores on the pfsense C2758, and they said "great for medium to large networks or for a small network that is expanding." -
When I say a medium business, I think to something like a medium-sized enterprise with 100 to 200 people.
Together with many installed packages and services it could be that the C2758 will be underperformed.
So I am OK with the memory (16 GB is great),
This all depends on how many simultaneous connections you'll have, and what packages if any you'll run.
The packet filter, the IP forwarding parts, and even NAT (part of pf, but run at a different phase) all hit
the memory system. It's likely not that your CPU can't keep up, it's that your memory system is saturated.
So much more RAM as usual might be better in this case with floating users, VLANs, WiFi client isolations
and Squid + the Captive Portal.and with the SSD too, as I thought to use 2 256 GB SSD in RAID1.
I would be prefer one big SSD over a RAID1, it will be faster then the RAID level and with much more
ease to change if a damage occurs.But I am disappointed with the processor, as I thought it was powerful.
This could be, but then you will need not to connect to your ISP or the Internet connection through
pppoe, you will be needing a static IP address that all CPU core should work on the WAN port and
not only one CPU Core alone!In the pfsense store, it's the same CPU Atom C2758 8 cores on the pfsense C2758, and they said "great for medium to large networks or for a small network that is expanding."
Yes. this could be, because it was tuned and pimped up by the developer team and you might be not able
to reach this level as you will do the same job for your own pfSense box for sure! But also this version of
pfSense will be not able to use more then one CPU core only for the WAN port part. -
:)
Thanks for your advice.
I have a quote for the 2758 + 16 GB RAM + 1 SSD Intel 240GB + a 4 ports LAN card , but the D1540 is almost twice the price.
So I will see in the next days what I do. :'(