Netgate Discussion Forum

    Pfsense on old laptop

      asandiego @stephenw10

      @stephenw10 i saw a YouTube video tutorial on how to do vlans using a managed switch. just wondering, my laptop only has a 100Mbps ethernet card. if i use the vlan approach, won't it lessen the speed of the ethernet card on the laptop? will it affect the overall speed?

        stephenw10 Netgate Administrator

        That NIC will do 100Mbps full-duplex, both ways at the same time. So if you're sending 100M UDP into one VLAN it can send it back out on a different VLAN and not lose speed. For TCP traffic there are also replies and that eats into the total bi-directional so you will see less than 100Mbps.

        What is your WAN connection there?

        If that laptop only has a 100M NIC I would question using it at all. That's the Mac I assume? Hard to imagine anything with an i3 could not have a Gigabit NIC.

        Steve

          asandiego @stephenw10

          hi @stephenw10,

          i've decided to use the dell n4050 instead as it consumes less power compared to the mac. as for my wan speed, i only get a max of 100Mbps for my internet.

          this will be one of my options. to use the existing lan card and use a managed switch and set up vlans. i found a cheap ($25) one online (tp-link tl-sg105e). although since this is a smart switch that supports vlan and not an actual managed switch, i'm not sure if it will work.

          https://www.tp-link.com/us/business-networking/easy-smart-switch/tl-sg105e/#specifications

          i've also been looking into some more options as well.

          option #2 is using a mini-pcie to pcie x1 adapter. i found one on-line and it's pretty cheap ($10 more or less).

          here are the specs for reference.

          PCI Express Mini Card Electromechanical Specification Revision 1.0;
          PCI Express base Specification 1.1 (Up to 2.5Gbps);
          USB Specification, Release 2.0 Hi-Speed (Up to 480Mbps);
          System Management Bus (SMBus) Specification. Version 1.1;
          PCI Express Card Electromechanical (CEM) Specification 1.1;
          Power Supply: 3.3V (For PCIe Slot. from Mini PCIe slot). 5V (For USB, from FDD 4 pin). 12V (For PCIe. from FDD 4pin);
          


          based on my understanding from the specs above, i can get a max speed of 2.5Gbps for the pcie so i'm guessing i can use a cheap intel dual nic ethernet adapter instead of a quad nic card.

          option #3 is to get this one below which is a mini-pcie to one gigabit ethernet (around $7) and plug the connection to the managed switch from here instead of the 100Mbps built-in lan card. the only concern i have with this is if pfsense will detect it. specs don't say which chipset it is using.

          Support existing CAT-5 UTP cabling with automatic crossover detection
          Fully compliant with PCI-Express Base Specification Revision 1.1
          Single-Lane (x1) PCI-Express with throughput up to 2.5Gbps
          Compatible with PCI-E Mini Card Electromechanical specification revision 1.2
          Compatible with Half size Mini card type form factor
          Fully Plug and Play compatible
          A high performance 1000BASE-T Ethernet controller card
          Backwards compatible to 10/100BASE-T networking
          10/100/1000Mbps data rate auto negotiation operation
          Compatible to existing CAT-5 UTP cabling
          Fully compliant with IEEE 802.3, 802.3u, 802.3ab
          Supports full duplex flow control (IEEE 802.3x)
          Supports IEEE 802.1P Layer 2 Priority Encoding
          Supports IEEE 802.1Q VLAN tagging
          Supports jumbo frame to 9K bytes
          Crossover Detection and Auto Correction operation
          


          any advice on which option looks best?

            stephenw10 Netgate Administrator

            Hmm, I mean by the time you're adding a bunch of hardware and spending money I would question using an old laptop at all. You don't need to spend much on second hand gear to get something with a number of dedicated 1G ports.

            There is no way of knowing if that mPCIe adapter will work unless someone has already tried it.

            Steve

              asandiego @stephenw10

              @stephenw10 your response got me thinking and so i did some more research on other options.

              1. buying old hardware like dell optiplex etc. just need more research with regards to energy consumption.

              2. virtualize pfsense. i already have a freenas (11.3) at home running on a pentium G4600 with 16gb RAM. good thing about this is that the processor supports aes ni (not a requirement for me but nice to have). i've seen others do this. my motherboard has a PCIe x1 2.0 (which based on my research can handle gigabit quad nic). i can dedicate these to the pfsense vm.

              what are your thoughts on the #2?

              appreciate your feedback.

              regards,
              allen

                johnpoz LAYER 8 Global Moderator @asandiego

                @asandiego said in Pfsense on old laptop:

                what are your thoughts on the #2?

                I ran pfsense as VM for many years.. And many people do that.. There are some things I loved about it.. One being the easy method of taking a snapshot before playing with the latest snap of whatever dev build was being worked on.. Bad thing about it - any time I had to reboot my VM host, had no internet.. Update of VM (esxi) caused loss of internet for the whole house..

                So it's not like that solution doesn't come with its own little issues. Other thing I like about it - is it made for easy playing with other router distros, or running stable version of pfsense - and then booting a new dev version.. Since I had my VMs using the same mac address for wan and same IPs for lan side.. You could move to this or that VM for your router with very little loss of connectivity, and not even a change in the public IP (using cable modem)..

                Again ran that for many years - through multiple generations of esxi.. I finally had to move away from that and use hardware for router when increased internet connection, and the VM way just didn't have enough umph to handle new faster internet speed. So it was either get a beefier VM host, or just put pfsense on its own hardware. I went with downsizing what I was using for VM and storage.. I can still run VMs on the nas, and do run some play with pfsense VMs as downstream routers in my network for testing stuff.. And getting a sg4860 as my router.

                Worst case if hardware router took a dump - I could in a pinch fire up a pfsense VM and route the whole network through the nas VM setup..

                Now I can reboot my nas with still having internet.. So while VM is a very viable and workable method.. Just be sure you understand it comes with a few grains of salt to running your router on its own hardware.

                If you're going to spend money to get some hardware you have lying about to work.. And it's going to be some sort of frankinbeast. For my 2 cents, I would take that money and put it towards something actually meant to be a router.. The sg1100 is a great entry level router.. If your internet isn't all that fast anyway.. Great solution.. Prob outperform your VM version, unless you have a pretty hefty VM host box..

                I would either go VM, or something meant to be a router for hardware..

                An intelligent man is sometimes forced to be drunk to spend time with his fools
                If you get confused: Listen to the Music Play
                Please don't Chat/PM me for help, unless mod related
                SG-4860 24.11 | Lab VMs 2.8, 24.11

                  asandiego @johnpoz

                  @johnpoz Thanks. I'll probably go this route. Forgot to mention that I'll be using dual wan, load balancing, openvpn, dns and probably qos. For the vm, I plan on allocating 1 cpu and 1gb RAM. Will it be enough for my requirements?

                  The sg-1100 is currently above my budget as it costs around $300 here but maybe sometime in the future.

                    johnpoz LAYER 8 Global Moderator @asandiego

                    @asandiego said in Pfsense on old laptop:

                    Will it be enough for my requirements?

                    What are the speeds of the wans? What is host cpu(s).. Ram and number of cpus - doesn't always = speed in routing.. Even if you throw 32 gig and 4 cpus to the VM..

                    My issue was the esxi host VM just couldn't handle 500mbps - no matter how much ram and cpus I gave the VM.. I could only get about 120ish mbps out of it.. Even though everything was gig connected..

                      asandiego @johnpoz

                      @johnpoz i recently found out that primary isp boosted my speed up to 115mbps (plan on upgrading to probably 400 mbps). the other is around 50mbps (backup lte).

                      my processor is an Intel® Pentium® Processor G4600 3M Cache, 3.60 GHz.

                      CPU Specifications
                      # of Cores: 2
                      # of Threads: 4
                      Processor Base Frequency: 3.60 GHz
                      Cache: 3 MB
                      Bus Speed: 8 GT/s
                      # of QPI Links: 0
                      TDP: 51 W

                      regards,
                      allen
