1U Server Recommendation - R210 vs R410

  • Hi,

    I'm brand new to pfsense and this community. Our small business would like to protect two different app servers on the web with pfsense. These app servers are hosted in a datacenter and are connected with Gb ethernet. These servers are high traffic and we'd like to enable Suricata for intrusion detection and prevention.

    Since we are a small business, our budget is tight. We are looking for a high performance 1u rack mount server that will run full speed (~950Gbps) with Suricata running with lots of rules enabled. The two servers we are looking at are the:

    • Dell PowerEdge R210 II (4 core Xeon) ~$250 used on eBay
    • Dell PowerEdge R410 (12 core Xeon) ~$125 used on eBay

    Oddly the R410 has way more impressive hardware and is half the cost of the R210. I've read that the R410 is louder and requires more power than the R210, but I don't care since it's sitting in a datacenter and we don't pay the power bill.

    Appears lots of folks are preferring the R210 for pfsense, but why would I pay twice as much for the R210 when I could get much more processor with the R410? As of mid-2019 is there even a better choice that I am not considering?

    I have noticed in my lab testing that more than Suricata won't start if you have more than 4 cores, unless you bump up the memory settings. Would I expect even more issues by having 12 cores (24 thread) in pfsense?

    Lastly, any benefit to using ECC RAM over non-ECC?

  • Banned

    Don't be a fool an rely an important part of your business on used hardware. Go with fully supported hardware: https://www.pfsense.org/products/

  • Netgate Administrator

    I would certainly at least get two and put them in HA if that is business critical.

  • LAYER 8 Netgate

    You can also get pretty good deals on used dell hardware with a warranty if you want from places like www.stikc.com and www.servermonkey.com (I have used and been happy with both) instead of some random ebay seller. That said, a pair of XG-1537s would sing here.

  • Actually, I just found the SG-3100. It has a built-in switch and may be ideal as it may just be small enough to fit without taking up another 1u slot or at worst, only take a 1u slot as I don't need a separate switch. The price is just within the budget.

    Only question is, is this SG-3100 powerful enough to route full gigabit speed with Suricata running?

  • Netgate Administrator

    It's hard to be exact about that since Suricata can affect throughput widely depending on what rulesets you have loaded and the detection engine settings but; probably not.
    The SG-300 can route/firewall at close to Gigabit line rate (depending on test conditions). Adding Suricata to that will impact it to a greater or lesser degree.


  • Thank you for all your replies and help. I ended up going with the SG-3100, which includes a built-in switch. I believe it's going to be fast enough based on my research. At the very least, it'll be more secure (if I can get Suricata working).

Log in to reply