4. Suggestion on hardware for new pfsense build

Suggestion on hardware for new pfsense build

  • P

    Hi,

    I am new to this forum. And also a new pfsense user. I am working on setting up a HA pair with Dell hardware. The following are the specs. I am looking into. Since I am not sure if the RAID cards are compatible with pfsense (freeBSD 11.2R release), I am hesitating a bit whether to purchase Dell nodes for this or not.

    Below are the specs. on a Dell PowerEdge R640 I am looking at:

    (1) PowerEdge R640 Server with the following configuration ->[1] PowerEdge R640 Motherboard
->[1] No Trusted Platform Module
->[1] 2.5 Chassis with up to 8 Hard Drives and 3PCIe slots ->[1] PowerEdge R640 Shipping
->[1] PowerEdge R640 x8 Drive Shipping Material
->[1] Intel Xeon Silver 4110 2.1G, 8C/16T, 9.6GT/s , 11M Cache, Turbo, HT (85W) DDR4-2400 ->[1] No Additional Processor
->[1] Blank for 1CPU Configuration
->[1] Standard 1U Heatsink
->[1] 2666MT/s RDIMMs
->[4] 16GB RDIMM, 2666MT/s, Dual Rank
->[2] 1TB 7.2K RPM SATA 6Gbps 512n 2.5in Hot-plug Hard Drive
->[1] Performance Optimized
->[1] Unconfigured RAID
->[1] PERC H330 RAID Controller, Minicard
->[1] No Operating System
->[1] No Media Required
->[1] iDRAC9,Enterprise
->[1] iDRAC Group Manager, Enabled
->[1] iDRAC,Legacy Password
->[1] Riser Config 4, 2x16 LP
->[1] Intel X710 Quad Port 10GbE SFP+, rNDC
->[2] Intel X550 Dual Port 10GbE BASE-T Adapter, PCIe Low Profile
->[4] Dell EMC PowerEdge SFP+ SR Optic, 10GbE, 850nm
->[1] No Internal Optical Drive for x4 and x8 HDD Chassis
->[1] 5 Standard Fans for R640
->[1] Standard Bezel
->[1] Dell EMC Luggage Tag
->[1] No Quick Sync
->[1] Performance BIOS Settings

    As you can see, this proposed config has PERC controllers - have anyone used a Dell system with PERC RAID cards to build a pfsense system?

    Do you have any recommendation on an alternative system (or specs. ) of choice for a pfsense build?

    thanks for your help in advance.

    0
  • A

    What are you going to put on the other side of pfsense, like on your LAN network(s), of other optional networks? That's a lot of machine, what do you actually want to do with it?

    Jeff

    0
    P
     1 Reply
  • P

    @akuma1x

    I am setting this up so we can put about 105 nodes behind it in the LAN side. there are several VLANs that this box would have to handle and mange traffic to/from.

    thanks.

    0
    A
     1 Reply
  • A

    @pfsense_rookie said in Suggestion on hardware for new pfsense build:

    @akuma1x

    about 105 nodes behind it in the LAN side

    When you say "nodes" does that mean client machines?

    What kind of bandwidth are you going to push? What's your internet WAN connection look like (speed, connection type, single provider or multi provider, etc). Do you want to do heavy-filtering of inbound or outbound traffic? Do you want to do any kind of monitoring or proxying of content or traffic?

    Jeff

    0
    P
     1 Reply
  • P

    @akuma1x

    To answer your question in short, 'yes' to everything you mentioned. Multi WAN provider, heavy duty filtering on both ends, some proxying, etc.

    I know the CPUs are good enough, I am worried whether Intel X710 cards are good enough or the RAID cards are good enough , etc. . I can even get a better CPU system, if needed.

    thanks

    0
  • LAYER 8

    there are still trouble with the x710 ( ixl driver) under pfsense --> aq_add_macvlan err -53, aq_error 14:
    https://forum.netgate.com/topic/136201/new-version-2-4-4-interface-error-aq_add_macvlan-err-53-aq_error-14/
    x550 work great for me
    based on this
    https://www.freebsd.org/releases/11.2R/hardware.html
    there should be no problems installing pfsense
    PERC H330 is supported

    0
  • P

    Thanks. I was not comfortable with x710 cards as well. I had issues with them in CentOS 7.5 , I had to turn off TSO.

    Since my switches are all SFP+ I can’t use a 550 card directly ( I have to get a converter). How about x520s? Do you or does anyone have experience using intel x520 cards? In your installation, what driver the x550 use? I might be able reference that to see if a x520 might use the same driver.

    Also , Dell does not sell chelsio cards in their site. Perhaps I can buy chelsio cards in the netgate store and add them in the box? That’s another thought I was having.

    0
  • LAYER 8

    the x550 use ix driver
    the x710 use ixl driver
    idk about x520
    maybe @stephenw10 can aswer about it and the chelsio

    0
  • P

    Thanks! Do you get full 10gbps throughout with the x550 card?

    0
  • Netgate Administrator

    x520 is fine, also uses the ix(4) driver.

    The NIC will not be the limitation in getting close to 10Gbps, the CPU usually is. But with that CPU... I've never run pfSense on anything that powerful personally.

    Steve

    0
Log in to reply
 

Products

Services

Support

News

Resources

Company

Our Mission

We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© Copyright 2002 - 2019 Rubicon Communications, LLC | Privacy Policy