PFSense on VM or dedicated T620?
-
My current system consist of a Unifi AC Pro AP, an old Asus AC1750 as my router. It serves its purpose. I don't do anything fancy except for a few port fowards to my Blue Iris server and HomeSeer.
The Blue Iris server is an i7 6700 with 32Gb of ram with quite a bit of resources to spare. Instead of jumping in with both feet, I'm thinking of buying a 2 or 4 port NIC and slap it on the Blue iris server and spin up PFSense on a VM.
I have 60 devices on my network but about 10 of those are really using any WAN resources. The rest are IOT, rachio, Ecobee etc..
Would PFsense in a VM would be better than the Asus?
I like the ASUS since it comes with a free DDNS but I also have a duckdns acount that I can rely on.
-
Probably.
There are numerous free dyndns services so that's not really a reason to stick with it IMO.
The disadvantage of running in a VM is if you have to reboot the host you lose all connectivity. That can be very inconvenient. It can require manual intervention to boot back up after a power failure for example if something is relying on pfSense being there to come up correctly. You can find yourself in a chicken/egg situation.
Steve
-
@stephenw10 said in PFSense on VM or dedicated T620?:
It can require manual intervention to boot back up after a power failure for example if something is relying on pfSense being there to come up correctly. You can find yourself in a chicken/egg situation.
Steve
This is all it took to convince me not to put it on a VM. I travel a lot and require my internet to be reliable so I can remote back home. When something goes down, I'd like to be able to have the wife be able to power cycle the device and let everything mingle up.
-
I mean it might not and if you test it to make sure then it should be OK. Just something to be aware of. If your VM pfSense it running DHCP and DNS for the rest of the network and it isn't up yet because the hypervisor is still booting what happens.
Or worse when the hypervisor somehow fails because pfSense isn't up yet! I mean that would be very poor planning but it would not be the first time I've seen that.
Steve
-
I honestly don't know how PFSense will benefit me since I don't do all that much on my home network. My internet speed is only 200/10 so it's not like I'll gain anything there.
I work in the industry and feel like I have an obligation to mess with everything IT related that just seems cool.
-
Ha, I know that feeling!
Install it in a VM and test it.
Steve
-
@cheapie408 FWIW ( and worth every penny paid...), my Hyper-V host has it's BIOS power options set to start when power is restored (and, of course, on a UPS anyway) and pfSense set to always start. Would be a real PITA to set static DHCP reservations for 60 IoBS devices, though.
-
I got PFSense spun up in a VBox and a couple VM's running to play around with, with no problem. I'm going to mess with it for a few days before dropping $180 on a PFSense dedicated box. I'd rather spend that money on adding another AP to add coverage to the home than a PFSense box.
The one thing I think I'll benefit most is the ability to monitor my network traffic and identify bandwidth hogging device and watch for attacks on my network.
-
@cheapie408 You could just hook up a LAN port of your Asus AC1750 to your LAN net to expand your WiFi. So much money I've saved you already!
-
@provels said in PFSense on VM or dedicated T620?:
@cheapie408 You could just hook up a LAN port of your Asus AC1750 to your LAN net to expand your WiFi.
That's exactly what I don't want to do. I turned off the WiFi on the Asus so I can manage all my WiFi devices from the Unifi software.
What's funny is after posting this message, the Asus stalled and I lost all internet connection. I had to power cycle the damn thing. This happened at least 3 times in the past 2 months and one of those time was when I was away. A higher power is trying to convince me of PFSense.
