Dedicated Server for PFSense or VM on said hardware?

  • Good Evening,

    I am upgrading from my current PF Sense box (Dell R300 / 24GB ram / Single - Intel(R) Xeon(R) CPU X3323 @ 2.50GHz 4core/4thread) which only has dual onboard NICS to a Dell R610 which has Quad onboard NICS / Dual - Intel® Xeon® Processor E5620 @ 2.40 GHz 4core/8thread and 32Gb of ram. I have a 2nd R610 that has no CPU or Ram so I could take half of the CPU and Ram and sell the other box or do you think I should keep it in the current server and run PFsense in a VM with maybe something else along side it. I run Dual ISPs and have a Dell R710 running UnRaid for Plex and some home automation work. Just trying to get an idea. Are you more prone to issues with PF if you are running it in a VM instead of stand alone on the box? Sorry for the ramblings.

    Will G.

  • How do I fix the run on post?

  • Netgate Administrator

    It was the initial text indent. nodebb sees that as formatting to be interpreted. As code in this case for some reason.
    I fixed it.

    Nothing you can do in pfSense requires either 32GB or 24GB. You could certainly use that more efficiently as a hypervisor. That is more complex though.


  • This post is deleted!

  • Can you advise if a Hypervisor would be just as stable as a dedicated box?

  • Netgate Administrator

    It can certainly be as stable, sometimes more so. The hardware presented by a hypervisor to pfSense is very generic and usually well tested. No exotic driver controllers etc!
    There are advantages to running as a VM. Take a snapshot before an update (or any change) to reduce the risk to close to zero.

    There are disadvantages. Is it secure? It's easy to misconfigure something and end up connecting it outside the firewall.
    What happens if you have to reboot the hypervisor? Are you in a chicken and egg situation where the hypervisor needs pfSense to be running?

    Those are things to be aware of. Test it and make sure the hypervisor can reboot. There are lots of people running virtualised.


Log in to reply