Best way to change from /24 subnet to /23? Need more IPs
-
If you want cheap, buy a used off lease or refurbished box off newegg, for example.
Assuming you have a server made of server hardware with Intel NICs, just make sure to add in the same number of em interfaces to your new(ish) backup.
So my main box is this: https://www.amazon.com/gp/product/B019Z8T9J0?ref_=pe_623860_70668520
J1900 with 8GB RAM & an SSD (64 or 128 - I forget). Should I get something better & my original box becomes the spare?
-
That system will not be able to run the next major release of pfSense as it does not support the AES-NI CPU instruction set that will be required. You might plan on purchasing a replacement and a spare.
-
Buying a new box from Netgate to use as the main or building your own and making it the main also works.
Just be sure the wattage is low enough for your tastes, the CPU supports AES-NI, it is 64-bit and you build it with compatible Intel NICs.
I prefer speed to maximum energy efficiency, so these processors are my pick for building a new pfSense.
My way includes fans. May not make you happy.
https://ark.intel.com/products/codename/82879/Kaby-Lake (You have to love one of them)
Otherwise, you can buy one of those reasonably powerful server boards that come with an 8-core Atom chip and a whole bunch of Intel NIC ports built in. $$$$
Or a board with only 2 Intel NICs. 1 for LAN and 1 for WAN. And a managed switch with a nice web GUI and VLAN support. So long as your 1 LAN port can match the speed of your ISP.
-
"if I use DHCP & need to reboot a PC & the router is down"
Why would your router be down? This is when DHCP failover becomes important for any org that needs DHCP to work because systems are on and off the network all the time, etc.
-
What's amusing is I started running pfSense as a VM on my ESXi box & moved it to that physical box for the sake of ensuring a dedicated box would be running. It looks like I may have to go back to running it on a VM.
-
I bought a 10" Samsung Windows tablet which has a Kaby Lake processor & man it is fast! Right on par with my 4th Gen i7 laptop in terms of speed.
I will have to look at what is available off the shelf. I prefer lower energy consumption if possible as electricity gets expensive with all these 24/7 devices. The fan noise is OK with me as it's in a server room / wiring closet.
Anything less spendy than $550 for a small form factor fanless AES-NI 64-bit system?
I think I need to do some reading on DHCP failover - however could I use a VM as the Secondary DHCP?
Is this what I need to make it happen: https://doc.pfsense.org/index.php/Configuring_pfSense_Hardware_Redundancy_(CARP)
I can't find any video online but any hints would be great!
-
Some of those Kaby Lake processors have low enough power requirements to run fanless.
Still, I think the 4 and 8 core Atom boards would be fire and forget reliable.
I'm running one Atom system fanless… The fan died and it made no difference in CPU temps so I just pulled off the fan.
-
That being said - if I use DHCP & need to reboot a PC & the router is down, I think I am out of luck for internal communications. Am I missing a big Pro beyond it would be much easier to change subnets?
-
You can have multiple DHCP servers. DHCP is designed that way, so the client goes with the first server that responds. You can configure the DHCP servers to hand out different blocks to prevent multiple devices from getting the same address, but these days, duplicate address detection is used to prevent that. Of course that's not an issue when you map IP to MAC addresses.
-
You can set a long lease time that will likely see you through any failure. Once a device has an address, it owns it for the duration of the lease.
-
-
Yeah, the simple way to run multiple DHCP servers is just to have them hand out different blocks. But there are much better ways to do it, where the DHCP servers exchange the leases, etc. Sure, you could run pfSense via CARP to do it. But you can also set it up on other systems; MS's latest server versions' DHCP has added a lot of DHCP failover and redundancy features.
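-
Added example, not posted by anyone in the thread: a sketch of the "different blocks" approach for the new /23, splitting the dynamic range between two DHCP servers and checking static MAC-to-IP mappings against both pools. The subnet, the 32-address static reservation and the MAC/IP values are constructed assumptions.

```python
import ipaddress

def split_scope(cidr, static_hosts=32):
    """Return two non-overlapping (first, last) DHCP pools inside cidr.

    The first `static_hosts` usable addresses are kept out of both pools
    for the router, switches and other statically addressed gear.
    """
    net = ipaddress.ip_network(cidr)
    first = int(net.network_address) + 1 + static_hosts
    last = int(net.broadcast_address) - 1
    if last - first < 1:
        raise ValueError("subnet too small to split after the static reservation")
    cut = first + (last - first + 1) // 2  # midpoint of the dynamic range
    as_ip = ipaddress.ip_address
    return (as_ip(first), as_ip(cut - 1)), (as_ip(cut), as_ip(last))

def mapping_problems(cidr, pools, static_map):
    """Flag static mappings that either server could also lease dynamically,
    or that fall outside the subnet altogether."""
    net = ipaddress.ip_network(cidr)
    problems = {}
    for mac, addr in static_map.items():
        ip = ipaddress.ip_address(addr)
        if ip not in net:
            problems[mac] = "outside subnet"
        elif any(lo <= ip <= hi for lo, hi in pools):
            problems[mac] = "inside a dynamic pool"
    return problems

# Constructed sample data (assumptions, not values from the thread).
SUBNET = "192.168.0.0/23"
STATIC_MAP = {
    "00:11:22:33:44:01": "192.168.0.10",  # in the static reservation: fine
    "00:11:22:33:44:02": "192.168.1.20",  # collides with the second pool
    "00:11:22:33:44:03": "192.168.2.5",   # not in the /23 at all
}

if __name__ == "__main__":
    pool_a, pool_b = split_scope(SUBNET)
    print("server A pool:", pool_a[0], "-", pool_a[1])
    print("server B pool:", pool_b[0], "-", pool_b[1])
    for mac, why in mapping_problems(SUBNET, (pool_a, pool_b), STATIC_MAP).items():
        print("fix mapping", mac, "->", why)
```

Each server is configured with only its own pool; because leases are not shared in this setup, either half has to be able to carry the clients on its own while the other server is down.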