I need a better network. Opinions please!



  • I'll start with an introduction of what I currently have and then what I want, and hopefully some of you can help.

    I wired my house with Cat5e about 2 years ago (16 drops) and my little "NOC" is in the basement, under the stairs. I built my own custom rack which has a 24 port unmanaged gigabit switch, 24 port patch panel, and a 4U server running FreeNAS. I'm currently using my ISP-approved modem (SB6121) plugged into a modern Netgear wireless router (running stock firmware), and I have a re-purposed Linksys E4200 (V1) running DD-WRT as an AP in my bedroom (this was previously my main router). The FreeNAS box is also running jails for Apache and Plex.

    I've been using FreeNAS for about 5 years now, so I know some basics about FreeBSD, but I am by no means an expert. I'm just really interested in networking. My profession is a Software Engineer, but I found a passion for networking a few years ago. I like to build it all myself and customize everything the way I see fit. So, here's what I want to do:

    • Get rid of both the Netgear router and Linksys AP

    • Install a Ubiquiti AP on the ceiling in the center of my house

    • Make my own beefy router running pfSense (full install) and place it into my rack

    • Spend less than $400 on the pfSense box

    I thought I'd be fairly comfortable doing this because of my years of experience with FreeNAS and the hardware needed, but I'm having trouble figuring out what hardware is really necessary for me. Do I need tons of RAM? Is a Celeron too much CPU? Can I use some existing hardware to build it?

    I still have my old FreeNAS CPU and mobo (AMD A4-5300, MSI FM2-A55M-E33), as well as 8GB of DDR 1333 RAM from that machine. Could I use this stuff and add a gigabit NIC to a PCI Express slot, or do I need to start from scratch? Also, how does pfSense's UI compare to something like DD-WRT? Will it be easy for someone like me to grasp, or is it Network Engineering level stuff?

    Please let me know if more information is needed. I want to get this project moving along. :)



  • I'd recycle my old hardware and make your new pfsense.

    But you do need to say how much bandwidth this thing needs to handle?

    VPNs?

    What will be demanded of it other than being there in the rack?



  • @kejianshi:

    I'd recycle my old hardware and make your new pfsense.

    But you do need to say how much bandwidth this thing needs to handle?

    VPNs?

    What will be demanded of it other than being there in the rack?

    I'd like to be able to saturate the gigabit network, and possibly leave room to expand to a 10gbit network in the future. I frequently do large file transfers between my NAS and my computers on the network. My internet is only 60mbit/4mbit, so I'm not too worried about supporting that, but I'd like to make sure I can control QOS and do a lot of port forwarding without losing performance. I also need it to support custom Dynamic DNS servers.



  • I don't know about 10gbit, but 1 should be no problem I'd guess.



  • I would take the opportunity to audit the situation before transitioning.

    How many devices.  What kind of devices.

    I've recently learned the benefits of segmenting as much as possible to keep protocol broadcast traffic to a minimum.

    Actually, just following PCI DSS made the network incredibly faster.



  • @W4RH34D:

    I would take the opportunity to audit the situation before transitioning.

    How many devices.  What kind of devices.

    I've recently learned the benefits of segmenting as much as possible to keep protocol broadcast traffic to a minimum.

    Actually, just following PCI DSS made the network incredibly faster.

    20+ devices, I'd say. Tablets, laptops, desktops, phones, gaming consoles, TVs. The usual stuff.


  • Rebel Alliance Global Moderator

    "how does pfSense's UI compare to something like DD-WRT? Will it be easy for someone like me to grasp, or is it Network Engineering level stuff?"

    Dude where did you get the idea there was a gui?? ;)  It's all done via cli using vi and editing conf files..  You then have to run them through a compiler..  It's really easy peasy stuff you will pick it up in no time ;) ROFL…

    status of what is going on is simple to grasp

    You can see here that flux capacitor is fully charged and that all the interfaces are online..  j/k

    Yes the gui is very simple to use, if you could handle the dd-wrt gui then yeah pfsense is going to be just as easy if not easier..

    If you have 400$ to spend on pfsense box - why not just buy direct from the store?  The SG-2220 is only $299..  But sure you could take that freenas box add some nics and away you go..

    Good luck, have fun and remember lots of people here to help!!



  • @johnpoz:

    "how does pfSense's UI compare to something like DD-WRT? Will it be easy for someone like me to grasp, or is it Network Engineering level stuff?"

    Dude where did you get the idea there was a gui?? ;)  It's all done via cli using vi and editing conf files..  You then have to run them through a compiler..  It's really easy peasy stuff you will pick it up in no time ;) ROFL…

    status of what is going on is simple to grasp

    You can see here that flux capacitor is fully charged and that all the interfaces are online..  j/k

    LOL. Awesome. vi and conf files don't scare me too much though. :)

    Yes the gui is very simple to use, if you could handle the dd-wrt gui then yeah pfsense is going to be just as easy if not easier..

    If you have 400$ to spend on pfsense box - why not just buy direct from the store?  The SG-2220 is only $299..  But sure you could take that freenas box add some nics and away you go..

    Good luck, have fun and remember lots of people here to help!!

    Well, I looked into that, but I figured if I could build something much more powerful for $100 more, I'll just do it, if at all possible. The SG-2220 is kinda weak on specs. I know, it's probably 4x more powerful than my Netgear R6400, but why not go crazy and build something outrageous? I'd also like to build it myself just because I like to build new machines. :D

    EDIT: I've also read the 2220 isn't capable of true 1Gbps throughput, which I would like to have. Even the 2440 isn't capable, so I've heard.



  • You will be using a switch as a backbone network, none of the inter-LAN transfers even get to the pfsense box at all, so there is no point in investing anything in it. Your AMD A4-5300 has WAY more than enough power to move bytes on 60mbit.

    Build with what you have now, if you will be satisfied - you can always upgrade or move to more efficient hardware, assuming that moving configurations between pfsenses is a piece of cake (well, 99.999% of the time)



  • @pan_2:

    You will be using a switch as a backbone network, none of the inter-LAN transfers even get to the pfsense box at all, so there is no point in investing anything in it. Your AMD A4-5300 has WAY more than enough power to move bytes on 60mbit.

    Build with what you have now, if you will be satisfied - you can always upgrade or move to more efficient hardware, assuming that moving configurations between pfsenses is a piece of cake (well, 99.999% of the time)

    I cannot seem to find my motherboard anywhere…weird. How about the AMD E-350? That was my first FreeNAS CPU a long time ago, and it did an OK job, so I'd imagine it'd be alright for pfSense?



  • 1.6GHz? Sure.



  • @pan_2:

    1.6GHz? Sure.

    Thanks. I ordered an AP, a 2nd NIC for the board, and an SSD last night. Only about $180 total including the AP, so well under budget. I'll use that E-350 unless I can find the other mobo somewhere. Should be a good system to try out until I can find an inexpensive 2U or 1U chassis to put it all in.


  • Rebel Alliance Global Moderator

    which AP did you order?



  • I like Ubiquiti….



  • @johnpoz:

    which AP did you order?

    I ordered the Ubiquiti UAP-AC-Pro


  • Rebel Alliance Global Moderator

    Good choice.. I have one of those, the LR and the lite in my house.  Very happy with their performance.



  • Can't go wrong with that.