Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Two or more pfsense boxes

    Scheduled Pinned Locked Moved General pfSense Questions
    8 Posts 4 Posters 675 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • Z
      ZeroNine
      last edited by

      Is there ever a reason why you would want to have two or more pfsense boxes in your network?
      I was wondering if this is a common practice to separate functionality to separate devices like having one pfsense as firewall only and running another for squid or any other task. Is this a common or best practice for better cpu/memory management?

      1 Reply Last reply Reply Quote 0
      • T
        tim.mcmanus
        last edited by

        Many reasons for it. Redundancy in an HA or warm-spare setup is common. You could off-load some services to other pfSense instances, but it may be a better idea to build a server/appliance just for those things w/o needing pfSense specifically to do that. It's really up to your requirements.

        1 Reply Last reply Reply Quote 1
        • Z
          ZeroNine
          last edited by

          Thank you for the info.

          1 Reply Last reply Reply Quote 0
          • A
            akuma1x
            last edited by akuma1x

            You DO NOT need a pfsense instance to run squid, it's actually a stand-alone program that can be installed on almost any PC operating system, be it bare metal or even virtualized. Has been that way for a long time...

            https://en.wikipedia.org/wiki/Squid_(software)

            I can't think of many reasons (besides redundancy or high availability) to run multiple pfsense boxes on the SAME network. Maybe some of the other pros can chime in. If you've got enough ports on a pfsense box, or use managed switches, that's kinda all you really need to create a pretty robust network.

            Jeff

            Z 1 Reply Last reply Reply Quote 0
            • Z
              ZeroNine @akuma1x
              last edited by

              @akuma1x
              Thank you for the info.
              I have one pretty stable pfsense box running as a firewall for my network however whenever I try to add any packages, the cpu/memory/tempature starts to climb and the box starts to become unstable. It could be miss configuration on my part however I started to think maybe I need to run another pfsense box to add on any extra packages.

              A 1 Reply Last reply Reply Quote 0
              • A
                akuma1x @ZeroNine
                last edited by

                @ZeroNine said in Two or more pfsense boxes:

                I have one pretty stable pfsense box running as a firewall

                What hardware might this be? It could be out-of-spec if it's too old, underpowered, etc.

                Jeff

                1 Reply Last reply Reply Quote 0
                • Z
                  ZeroNine
                  last edited by

                  Intel Dual Core Celeron, 64 bit, up to 2.48GHz, AES-NI hardware support
                  2x Intel i211 Gigabit Ethernet NIC ports
                  4GB DDR3L RAM, 32GB mSATA SSD
                  4x USB 2.0, 2x USB 3.0, 1x RJ-45 COM, 2x HDMI

                  1 Reply Last reply Reply Quote 0
                  • M
                    Mats
                    last edited by

                    having a prod and a test/dev FW can be good.

                    1 Reply Last reply Reply Quote 0
                    • First post
                      Last post
                    Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.