Netgate c2758 or Er Lite good enough?
-
So I'm getting 1gig/200 internet in the next couple of weeks and looking to get a beefier router so I can maximize my WAN\LAN performance. I don't currently use any QOS or anything like that, just the standard firewall and NAT that the r7000 comes with, so it seems if that's all I want to do is the simple NAT\block everything firewall an ER LITE may be ok, right? I know if I turn on QOS the ERLITE performance takes a dump, and given I'll have a bigger pipe and more tempted to use it, QOS may be something I look more toward now; then again maybe not because it is a big pipe. Below is a picture of my network as it sits now:
http://ctrlv.in/699538
I was thinking of getting the NETGATE C2758 and then loading it up with pfSense. I also contemplated building my own similar to that in a different form factor and purchasing support as I like to build things.
I do like the flexibility and add-in modules that pfsense has to offer like snort, squid, various reporting tools, etc and I'm sure i'd play with them some. The big question is, is it $400 better? This build will come in around the $500 mark versus $100 for an ERLITE. Thanks!
-
Hello,
I would more have a look on the SG-4860 or SG-8860 to get right sorted. Not quiet but powerful enough
to build a real and full UTM device. So I really would do it in that way.The ERlight router will be a s,all router for NAT and VPN only as I se it right also the more intuitive
webgui from pfSense will be pointing more or better, in my eyes. The r7000 could be a Netgear router
and also offers only SPI/NAT and would do the mostly work in silicon based on a ASIC/FPGA insideof this
device. So nothing to compare it to pfSense that is a software firewall. -
Thanks for your response, I actually got the bug to build my own so the parts should be here in a few days.
SuperMicro Cse-505-203B 1U case with 200w gold psu
SuperMicro A1SRi-2758F-O c2758 2.4 ghz Atom
2x8 Kingston ECC 204Pin DDR3 memory KVR16LSE11/8KF
60 Gig Kingston SSDAll the parts should be here within a week, we'll see how it goes!
-
SuperMicro Cse-505-203B 1U case with 200w gold psu
If you get at one day a new one, you could convert it to a NAS or something
else by using this cases.- Supermicro SC721 TQ-250B / CSE-721TQ-250B mini ITX Tower
- Supermicro SC101i CSE-101i mini ITX
SuperMicro A1SRi-2758F-O c2758 2.4 ghz Atom
- please activate the PowerD (hi adaptive) option
2x8 Kingston ECC 204Pin DDR3 memory KVR16LSE11/8KF
- high up the mbuf size to 1.000.000
- high up if needed the default Squid RAM size from 256 MB to 4 GB or 6 GB
60 Gig Kingston SSD
- Enable TRIM support if this SSD is capable of TRIM support
Please create a boot/loader.conf.local file that will be hold this custom settings that they will survive
the next update or upgrade process, or you will need to re-enter all custom settings in again!Remember that the PPPoE connection to your ISP will be only running over a single CPU core!!!
So please don´t bother with the hardware that you will get only something lower then a full 1 GBit/s. -
Will do, good settings to know. I don't believe my provider uses PPPoE so I shouldn't have that problem :)
-
Will do, good settings to know. I don't believe my provider uses PPPoE so I shouldn't have that problem :)
The best will be if you get a real static public IP address from your provider! Then all CPU cores will be in usage
and this "problem" is not affecting you. The other custom settings might be a good realizing a good start with this
hardware for you. Good luck and have fun with this hardware.