PowerEdge R200 configuration
-
We're currently running pfSense on our out-of-warranty box. It's fulfilling our needs, so we're ready to invest in real hardware.
pfSense is serving internet to our 25 employees, increasing in the near future to 50 employees or maybe some more and a couple of development servers.
We have a multi-wan configuration with two ADSL connections. Besides the LAN there's an extra LAN for our voip phones and the phone server.
With the new firewall probably one or two extra LANs or maybe DMZ will be added.
OpenVPN is serving our guys in the field.This is what I'm thinking of:
DELL PowerEdge R200 (SV3R200)
Dual Core Intel Xeon E3110, 3.00GHz, 6MB Cache
1GB Memory, DDR2, 667MHz (2x512MB Single Ranked DIMMs)
C1 - Onboard SATA, 1 Drive connected to Onboard SATA Controller - No RAID
160GB SATA (7,200rpm) 3.5inch Hard Drive
Two times: Intel PRO 1000PT 2-poort serveradapter, Gigabit-NIC, Cu, PCIe x4
Or even with: Intel PRO 1000VT Quad Port Gigabit Network Card, PCI-EWe use Dell servers all the time because of their good support, so this is a logical choice for us.
The CPU is fast enough, even an 700MHz pc was holding our users.
1GB RAM should be fine I think.
Hard disk and controller have no minimum requirements. Too bad Solid State Disks aren't available.I'm in doubt of the Network Interface Cards driver support.
Is the integrated NIC supported (The PowerEdge 1750 integrated BCM5704C NIC is in the HCL)
Both the 100PT and 1000VT aren't in the FreeBSD 6.2 nor 6.3 release notes.I would love to hear your thoughts of this configuration and whether it will work.
-
I would focus on looking at what's supported in the freebsd 7 arena, 1.2.1 is based on 7 and the hardware support is MUCH improved. The main complaints I've heard with newer rackmount equipment is the RAID/SATA controllers…
-
You've probably already seen a post about this, but I was in the same boat a couple of weeks ago. I ran across an alternative here:
http://www.abmx.com/1u-miniserver-with-gigabit-lan-p-362.html
The advantage is that you get plenty of intel nics without having to purchase them extra on the Dell box. I've also spoken with a rep. at ABMX and they have sold this model for pfSense in the past. They are even installing pfSense for their internal QA purposes before sending me the boxes.
The ABMX warranty doesn't compare with Dell's NBD or 4 hour response but even a 4 hour response is awfully long for your perimiter firewall. So I wound up buying two of the ABMX machines for the cost of a souped up r200 with Raid, 4 hour warranty etc.. The idea is to have a hot stand buy or go for the gold and cluster them with CARP. (CARP requires extra public IP's to work, or so I've heard).
Jim
-
You can't use an R200 with pfSense 1.2-RELEASE as neither the built in ICH9 SATA controllers nor the optional SAS 6/iR controller are supported in FreeBSD 6.2-RELEASE, and hence in pfSense 1.2-RELEASE. Without a storage controller, you're stuck!
This problem is solved in FreeBSD 6.3-RELEASE or later, and 7.0-RELEASE or later. Accordingly, you can use an R200 with the pfSense 1.2-RELEASE build based on FreeBSD 6.3-RELEASE, pfSense 1.2.1-BETA or pfSense 1.3-ALPHA-ALPHA.
The built in NICs are perfectly decent Broadcom server NICs - they work with the bge(4) driver in FreeBSD, and support ALTQ, so you can use them with pfSense's traffic shaper. To that end, I see no point spending money for add-in Intel NICs, so long as 2 NICs are enough. You can always use 802.1q VLANs - I do.
-
You've probably already seen a post about this, but I was in the same boat a couple of weeks ago. I ran across an alternative here:
http://www.abmx.com/1u-miniserver-with-gigabit-lan-p-362.html
Noise level (during normal operation): ~ 56dBA (ISO 7779 operator position 0.6 meter)
Ouch! Does it come with ear muffs? :)
Cheers,
-
Before you get A dell R200.. read this :
http://forum.pfsense.org/index.php/topic,12372.0.html
Anybody know how to get the stable 1.2 build working on the dell? It seems the 1.2RC version will not work properly on the dell r200 :(
-
Thank you guys for all your answers!
Unfortunately we have come to the conclusion that pfSense is not mature enough for enterprise use in our company. I'm not saying it can't be used that way, but make it running on new enterprise hardware seems to be bothersome. Together with some other small, and less small issues, we decided to switch back to a hardware firewall; a cheaper and in our eyes more reliable solution which is less risky.
Maybe we get back on this decision some day, but for now it seems the best choice.