[ Show your pfSenses! ] - Thread - (bandwidth warning!)
-
Work in Progress - Probobly one of the weirder setups.
We do event work and next year we take over a large event due to issues with the previous supplier. This is one of two PF powered racks we will use to cover the 100 Acre site.
200Meg LL arrives in the switch at the top via 1KM of Fibre from the 'office'. This loops into the switch at the top and out again via fibre to the next rack (not built)
48port managed Gigabit switch doing all manner of VLAN silliness at the top.
24 port FXS under that. Generates the coltaged for the DSLAM and provides POTs lines to the site locations, lot more resilient than VOIP in this case as the event suffers frequent power issues due to generators.
Next up, 24 port VDSL2 DSLAM. This means we dont have the issues with Wifi the previous guys did but dont have the limitation on ethernet cables and expense of fibre. Yes thats a stack of Openreach modems on the right!
Under that, 24 POTS/VDSL ports
Under that a repurposed and upgraded Smoothwall UTM running ESXI 6
Memory bumped to 8Gb, boot SSD, SSD for Cache and a 1TB Drive for VMs.
Three vms, one running Asterisk/freepbx as a local PBX slaved to the office system.
One, minimal running Win7 for management, monitoring and looking after the LCD (not installed)
And most of it allocated to PF which provides PPPOE/DHCP services to the DSLAM via a LAGG. DHCP is locked down and used for kit that runs the modems as a plain bridge, CCTV etc. PPPOE runs those in router mode for site offices, wifi access points etc. Squid is used to do some load alleviation and hold a local cache, this has raw access to the cache drive (only has to survive a week). One network allows direct access to our Sat link for use ONLY with NHS IT for the Medical team, their traffic is kept clear of everything else and encrypted all the way through from the router in the hospital all the way oput to the NHS systems. This traffic only goes onto the Fibre as a VLAN and then picked back out further up at the switch with our Sat gear. To get at this traffic one would need to compromise the PF box, or switch, or the fibre and the VPN. Regardless unless the VPN is compromised there's no point anyway.At the bottom a large ups supplied by two external 12V AGMs
It also looks after the modified UPS at the bottom of the rack, provides captive portal for WiFi acees and one port is direct access to the Windows machine for testing modems etc without the hassle of having a laptop sat there too.
Oh and the cool thing, this whole rack has cost under £300 to build! That includes the huge pile of 24 VDSL modems.
.jpg)
.jpg_thumb) -
Yes thats a stack of Openreach modems on the right!
Ha! :D
I'd watch the cooling on those modems especially if they are the earlier Huawei model. I've had a number of those that would only work reliably if mounted vertically to allow air flow through the case.
Steve
-
of the 10 we have thus far purchased I've had to re-cap 8 of them. Makes a difference. They sync up at 35/50down and 10 up with the bad caps, after changing them I get 100/50. Def worth a look if you get sudden speed drops. Very rare the whole pile is on. Struggling with SNMP silliness at the moment.
-
Hmm, I've not seen that symptom myself, I'll be checking for it now though. :)
Steve
-
There is one on the front right of the board (EC16) that has failed on a couple too.
-
Ouch, can't argue with that.
Steve
-
PFSNSE version:2.3.4-RELEASE-p1
SYSTEM:
SuperMicro SuperServer 5017A-EFMotherboard:
X9SBAA-FCPU:
Intel
Atom
Processor S1260;
2.0GHz 8.5W, VT-x, 64-bit, Dual-Core, Hyper-ThreadingRAM:
DDR3-1333 ECC 8GBHD:
2x 2.5inch Western Digital 320GB ( ZFS )NIC:
2x Onboard Intel NicsPower Supply:
200WPackages:
Snort
FreeRADIUS 3
OpenVPN Client ExportThere is 3x Raspberry Pi 3 Model B+.
One is running Unifi Controller for the AP's in the House ( right red case )
One is running Nagios ( middle red case)
One is a NTP Server with the Adafruit GPS Hat (left black case )The HP MicroServer G8 is running FreeNAS.
The Dlink NAS 323 is purely a torrent box. -
pfSense version:2.4.3-RELEASE-p1
Motherboard - Asus H110M-K
CPU - Intel Celeron G3930
Ram - 8GB HyperX Fury DDR4-2133
HD - Hitachi 5K500 250GB (from a laptop I had to turf)
Power - EVGA 500B (500w)
NIC - 2 x Intel Gigabit CT
all inside a Cooler Master N200 case -
This post is deleted! -
pfSense C2758 1U firewall appliance, circa July 2014. Still working great! Not hooked up in this photo. But I love it.
-
Pfsense 2.4.4 on a APU2C0 Board with Compex WLE200NX WiFi Card.!
🔒 Log in to view
Display is attached via USB. -
My pfSense set up, a 2011 Mac Mini server with 8inch 1080p monitor just to share!
The setup as it is now with the Akitio thunderbolt 2 PCIe enclosure with Intel i350-T2.
-
Here is my Smoothwall SWG700 motherboard hidden in the front room with the LCD to show stats no mess no cables lovely no sound too :)
-
This post is deleted! -
This is my rebuilt pfSense / network after moving to a new location/apartment and rejigging the complete network structure.
It's an older Atom C2558 with 6 1Gbps Intel NICs and 8GB RAM. Multiple VLANs (on the gray line), Lab VLAN (blue one), decicated management (black) and LAN (green). Uplinks are white. Same scheme on the Unifi Switches. WiFi uses Radius-based VLANs with FreeRadius running on pfSense, switches are using Mac-Auth 802.1x to allow/deny/map appropriate VLAN on the ports. The small ones above the "sense" are 3x Raspi 3B+ and below a BackUPS attached via USB to pfSense with the NUT package.
That's the final shot of the build, the whole thing (in german) was documented/detailed in this Thread
-
This post is deleted! -
Hopefully this picture is self explanatory:
Phizix
P.S. The SG-5100 shown was upgraded to 16 GB memory and 64 GB M.2 SSD.
-
SUPERMICRO SYS-5015A-EHF-D525 1U Intel Atom D525 Dual Gigabit LAN IPMI Server
4 gig ram
Intel EXPI9402PT 10/ 100/ 1000Mbps PCI-Express PRO/1000 PT Dual Port Server Adapter
two 250gig WD black 2.5 inch drives mirrored
1500AV UPS (not shown) for 1.5 hours of backup time.
And for the heck of it a Crystalfontz display.
Have gigabit wireless access point as well hooked up. -
Finally finished my pfSense router/firewall box:
- Intel Pentium Gold G6400 4GHz CPU
- Asus B460 motherboard
- 2x8GB Corsair DDR4
- Corsair 550W PSU
- Samsung EVO 970 250GB nvme SSD
- 3 x Intel CT gigabit desktop adapters
- 1 x 3com 905C PCI network adapter
It has WAN,LAN,DMZ and WLAN networks
3com card services WLAN p2p link it being only 100mbps card it is perfect for the job :)
Onboard intel ethernet as of current pfSense release is not supported it will serve future expansion needs.
Half the components are somewhat overkill for the job however it is there incase i want to repurpose it at some point.
With powersave options enabled in bios and in software it uses 15 watts of power according to APC UPS power meter, which is better than what i imagined it would be.
This router/firewall project started because my OpenWRT router only managed to handle 40mbps so now i should be futureproof when i upgrade to gigabit internet.
-
