Hey, pfSense team: no love for old hardware?
-
@jwt:
Some things that have no initial cost are still not free.
Like the school district north of me that in the earlier part of last decade had a donor that wanted to give them 20 brand new computers.
The district thought about it and decided to not accept the donation based on the ongoing maintenance and replacement costs that would follow.
-
Please stop using hardware more than 8 years old.
No, thank you.
You would like to keep your old hardware but use new software?
-
I think its time to dig out that old 286 that I have stashed in the garage! ;D
-
I think its time to dig out that old 286 that I have stashed in the garage!
Don't laugh, up until pfSense 2.2.5, I had one site still running on an old P-III w/384MB RAM
They finally succumbed to progress and moved into the 90's with a 64 bit machine - last year
-
The days of grabbing an old piece of junk out of the closet and repurposing it are coming to an end.
Increasingly in the industry, new software requires new hardware. It's becoming a simple fact of life. There are many good reasons behind this, but two that I will call out are 1) the greater overall system advances that are achieved by the software taking advantage of the new hardware, and 2) the dramatic reduction in QA and support costs. The economics are plain and simple. Given a option between "how do we make this work on 5+ year old hardware" and "how can we make use of Intel's new instruction set", the choice is clear. [Btw, don't assume that because something is open source that economics don't apply–the currency is people's time.]
And at some point, all other things aside, old hardware becomes a loosing proposition. The bathtub curve always wins in the end.
Five years and out. Trending down.
-
I'm sad 32bit support has ended as I got a real kick out of my router being a 2004 vintage P4 box I got for free. I've had a lot of great years with this machine. Now, I'm replacing it with a Xeon-based machine I bought from a recycler for about $30. No more will I be on 768MB of RAM, but rather 6GB. Thing is, for what my router does, which is definitely routing and the like, the P4 probably could be good for some years to come. I don't really need or want pfsense to add tons of other features, as I like my infrastructure to be compartmentalized. No matter, the change is more of a minor inconvenience than anything. I might whine more if I were paying anything, but you know… I'm not. So thanks pfsense!
UPDATE: Here I am about an hour later, running on my "new" pfsense router. I gotta admit the switch from a Dell Optiplex GX260 to a Dell Precision 490 (P4 2.26GHz, 1core, 768MB memory to Xeon 5120 1.87GHz, 4 threads, 6GB memory). This $36 Xeon dumpster box from around 2010 should serve me well for another decade or four. I bet it'll be retired only to switch to something more power efficient. My exported pfsense had a lot of customizations in it, but it imported easily. The only issue at all was some interface names had changed. pfsense handled that easily. I even brought over one of my PATA drives without much effort (I use it for squid cache). Hah. Retro upgrade.
Based on numerous before and after throughput tests (speedtest.net), seems my latency is about the same, in some cases a lot higher, in a few cases barely faster. My up and down throughput remains basically identical to before dumping my P4 rig. Any of these changes may simply be due to the time of day (Saturday, mid-day).
UPDATE 2: Well, my new machine derailed pretty hard after not too long. After the initial install, I imported my old config. Then I updated one minor pfsense release to the latest version successfully. Then I made some minor config changes and added a line to my /etc/fstab that I confirmed working by invoking it from the command-line. Finally, I did a last reboot to confirm all was stable and it died with this message:
I tried a few minor things to recover, but ultimately just reinstalled. But this time I opted not to bother with ZFS and just went with UFS. I've added back my fstab mod and all's well. Everything's updated again, reboots are survived. I'm inclined not to blame ZFS, but.. Maybe.
-
dennypage - I disagree. I think the reasonable limits for an opensource project should be OS limits.
For example… An OS won't boot with less than a certain amount of ram. Or the OS removed support for this or that hardware.
If you have to spend time writing code to exclude certain hardware, you are not acting like any opensource project I know of.
Hell - Go that route and people will just buy cisco.
-
dennypage - I disagree. I think the reasonable limits for an opensource project should be OS limits.
Hell - Go that route and people will just buy cisco.Dude- Your replying to a post from April 2016.. ;D
But have you tried to run Cisco software on a non Cisco device? Good luck!
32 bit has another year of updates at this point. At the end of that year the boxes are not going to magically stop working.. (well, maybe have a higher failure rate due to age)
People still using 32 bit equipment will still be more secure than consumer grade store bought routers bought today in a couple of years I bet. But it gives them time to plan and find a new AES-NI box. :)
-
Not building and maintaining and testing the 32-bit subsystem is not more work as asserted. It is less work.
-
In my case I was referring to AES-NI. Which I still think 95% of users don't NEED.
For most people its just a cool spec they get to "oooooohhhhh" over when they look at their dashboard.
I run VPNs on every box I've installed, so I probably NEED it more than most. And I still don't need it.
If I had gigabit connections on both ends of a VPN tunnel I probably would. Thats still an extremely small percent of users.
-
Let's not revive old threads please. The 64bit and AES-NI requirements have been discussed many times, it's time to move on. Thank you.