Hey, pfSense team: no love for old hardware?
-
I made the jump to 'old' 64-bit hardware around the time of 2.1.5 and I am pleased that I did. I still have one 32-bit pfSense machine in service but that's simply because it is practically silent and is used in a noise sensitive area. I reluctantly scrapped most of my 32-bit hosts at the recyclers and bought thirteen old 64-bit server class machines to replace them for less than the cost of a budget spec new Windows10 laptop.
I think amd64/x64 hardware will be common for a long time yet but ARM kit will flash by as quick as mobile phone hardware does. I am surprised about pfSense considering ARM it must be a 'factory' requirement. For the Community Edition ARM has the added complexity of processor variety that is almost proprietory with bits and bobs of some ARM versions being used in others E.g. RaspberryPi ARM6+7 as well as 32-bit and 64-bit versions needing some GPL violating binary blob for some functionality.
-
Please stop using hardware more than 8 years old. Supporting old hardware holds everyone back. Either you're moving forward or backward.
-
-
Please stop using hardware more than 8 years old. Supporting old hardware holds everyone back. Either you're moving forward or backward.
I don't think what matters here is the age of a piece of hardware, but the technology standards it conforms to.
There's a huge difference between an Intel Pentium 4 an a Core i7 for sure, but not much difference between a Core 2 Duo and a Core i7 when it comes to hardware compatibility.
Performance in the other hands has to be scaled, but that's another conversation entirely…
In any case, the SG-2440 on the pfSense store does better with a cheap price than most old Hardware you can buy.
-
Please stop using hardware more than 8 years old. Supporting old hardware holds everyone back. Either you're moving forward or backward.
Free hardware trumps holding you back every time.
-
Some things that have no initial cost are still not free.
-
@jwt:
Some things that have no initial cost are still not free.
Like the school district north of me that in the earlier part of last decade had a donor that wanted to give them 20 brand new computers.
The district thought about it and decided to not accept the donation based on the ongoing maintenance and replacement costs that would follow.
-
Please stop using hardware more than 8 years old.
No, thank you.
You would like to keep your old hardware but use new software?
-
I think its time to dig out that old 286 that I have stashed in the garage! ;D
-
I think its time to dig out that old 286 that I have stashed in the garage!
Don't laugh, up until pfSense 2.2.5, I had one site still running on an old P-III w/384MB RAM
They finally succumbed to progress and moved into the 90's with a 64 bit machine - last year
-
The days of grabbing an old piece of junk out of the closet and repurposing it are coming to an end.
Increasingly in the industry, new software requires new hardware. It's becoming a simple fact of life. There are many good reasons behind this, but two that I will call out are 1) the greater overall system advances that are achieved by the software taking advantage of the new hardware, and 2) the dramatic reduction in QA and support costs. The economics are plain and simple. Given a option between "how do we make this work on 5+ year old hardware" and "how can we make use of Intel's new instruction set", the choice is clear. [Btw, don't assume that because something is open source that economics don't apply–the currency is people's time.]
And at some point, all other things aside, old hardware becomes a loosing proposition. The bathtub curve always wins in the end.
Five years and out. Trending down.
-
I'm sad 32bit support has ended as I got a real kick out of my router being a 2004 vintage P4 box I got for free. I've had a lot of great years with this machine. Now, I'm replacing it with a Xeon-based machine I bought from a recycler for about $30. No more will I be on 768MB of RAM, but rather 6GB. Thing is, for what my router does, which is definitely routing and the like, the P4 probably could be good for some years to come. I don't really need or want pfsense to add tons of other features, as I like my infrastructure to be compartmentalized. No matter, the change is more of a minor inconvenience than anything. I might whine more if I were paying anything, but you know… I'm not. So thanks pfsense!
UPDATE: Here I am about an hour later, running on my "new" pfsense router. I gotta admit the switch from a Dell Optiplex GX260 to a Dell Precision 490 (P4 2.26GHz, 1core, 768MB memory to Xeon 5120 1.87GHz, 4 threads, 6GB memory). This $36 Xeon dumpster box from around 2010 should serve me well for another decade or four. I bet it'll be retired only to switch to something more power efficient. My exported pfsense had a lot of customizations in it, but it imported easily. The only issue at all was some interface names had changed. pfsense handled that easily. I even brought over one of my PATA drives without much effort (I use it for squid cache). Hah. Retro upgrade.
Based on numerous before and after throughput tests (speedtest.net), seems my latency is about the same, in some cases a lot higher, in a few cases barely faster. My up and down throughput remains basically identical to before dumping my P4 rig. Any of these changes may simply be due to the time of day (Saturday, mid-day).
UPDATE 2: Well, my new machine derailed pretty hard after not too long. After the initial install, I imported my old config. Then I updated one minor pfsense release to the latest version successfully. Then I made some minor config changes and added a line to my /etc/fstab that I confirmed working by invoking it from the command-line. Finally, I did a last reboot to confirm all was stable and it died with this message:
I tried a few minor things to recover, but ultimately just reinstalled. But this time I opted not to bother with ZFS and just went with UFS. I've added back my fstab mod and all's well. Everything's updated again, reboots are survived. I'm inclined not to blame ZFS, but.. Maybe.
-
dennypage - I disagree. I think the reasonable limits for an opensource project should be OS limits.
For example… An OS won't boot with less than a certain amount of ram. Or the OS removed support for this or that hardware.
If you have to spend time writing code to exclude certain hardware, you are not acting like any opensource project I know of.
Hell - Go that route and people will just buy cisco.
-
dennypage - I disagree. I think the reasonable limits for an opensource project should be OS limits.
Hell - Go that route and people will just buy cisco.Dude- Your replying to a post from April 2016.. ;D
But have you tried to run Cisco software on a non Cisco device? Good luck!
32 bit has another year of updates at this point. At the end of that year the boxes are not going to magically stop working.. (well, maybe have a higher failure rate due to age)
People still using 32 bit equipment will still be more secure than consumer grade store bought routers bought today in a couple of years I bet. But it gives them time to plan and find a new AES-NI box. :)
-
Not building and maintaining and testing the 32-bit subsystem is not more work as asserted. It is less work.
-
In my case I was referring to AES-NI. Which I still think 95% of users don't NEED.
For most people its just a cool spec they get to "oooooohhhhh" over when they look at their dashboard.
I run VPNs on every box I've installed, so I probably NEED it more than most. And I still don't need it.
If I had gigabit connections on both ends of a VPN tunnel I probably would. Thats still an extremely small percent of users.
-
Let's not revive old threads please. The 64bit and AES-NI requirements have been discussed many times, it's time to move on. Thank you.
