XG-1537 1U HA questions before purchase
-
Hi All,
We're thinking of purchasing the XG-1537 1U HA to replace our virtualized PFSense installation.
This will be sitting in a data center 50 VoIP calls during business hours in addition to some RDP, WWW, FTP, etc. This is about an 80 / 20 split. We hover around 2Mbps during the day and then spike to 800+Mbps after hours when some backups are pushed in.
What will the physical infrastructure look like? The XG's will be the standard config ... no extra RAM, network ports, SSDs, etc. We'll use one of the XG-1537's 1Gbps links for CARP and then place it's two 10Gbps ports in primary / backup mode with one link going to switch 1 and 1 to switch 2. 1 XG will be powered by primary power and the other by a secondary feed ... typical HA setup.
We'll be running PFSense with a dozen rules, minor IPSec (VTI) traffic, PFBlocker and Snort. Snort is a big part of why I'm targeting the XG-1537 and not for example the 7100. Snort is running a large rule set ... mostly to block VoIP attacks ... for context we block for 15 minutes and have about 50 IPs blocked at any given time ... that's North American IPs only ... most other locations are Geo-blocked.
Questions for the community:
-
Any suggestions? Things to look out for?
-
We're looking to move to Netgate hardware to avoid bugs when updating to new releases as well as issues with Linux kernel that makes up our virtual environment that we're running. We're also looking to separate the firewall from the cluster so that it's a separate piece of our DR strategy. Feel free to comment here.
-
How limiting will the XG-7100 HA (should I entertain this to save $2000 upfront?) be when pushing traffic through Snort? Right now we have no issues pushing 800Mbps+ with the current setup.
-
Does it make more sense to buy from Netgate (my preference) or a partner?
thanks for any ideas / feedback in advance,
James
-
-
What hardware do you assigned to the current VM?
My preference would be for the XG-1537 if you need close to 1Gbps through Snort with a lot of defs/rules loaded.
Steve
-
Hi Steve,
It's a 3 node cluster running Proxmox. PFSense sits on the "spare" node by itself and has access to a Xeon X5670 and 4GB of RAM.
James
-
@binary_bandit said in XG-1537 1U HA questions before purchase:
Xeon X5670
All 6 cores (12 threads) from that?
What sort of CPU usage do you see currently?
The XG-1537 is a far closer match to that.
Steve
-
That's what I was thinking @stephenw10. I've assigned 6 CPU cores to the VM but since there are no other VM's running on the node, yes the VM has access to the entire CPU.
I don't see much more than 10% load during the day ... in the evenings the CPU spikes over 60% when backups come in from a remote site.
-
Mmm, it's hard to compare those directly but I'd guess you might be pushing an XG-7100 with that spike loading.
Steve
