Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Looking for high performance, brand name hardware

    Scheduled Pinned Locked Moved Hardware
    4 Posts 4 Posters 4.1k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • M
      ManuCH
      last edited by

      We are an ISP (DSL and web hosting) who has started considering pfSense as an alternative to commercial firewalls.

      I have been browsing through the forum and Google, finding out the various recommended mainboard types, mainly for low-pps usage. We are playing around with an Alix board and definitely having fun with it.

      Now, to protect our entire server network, we are looking for something "bigger". Our current firewall, a Sonicwall Pro 3060, has a 2 GHz CPU and 256 MB RAM. The CPU usage with our current traffic (about 50 Mbit/s, 20 hosting servers and various small additional services) is about 30%.

      I think we're looking at the Intel C2D 2 GHz / 1 GB category with 2-3 GE ports.

      We would like to find "brand name" hardware if possible, although a major brand mainboard known to be reliable and fast will also be considered.

      Has anyone tried pfSense out with Dell/HP/etc. servers? Does it even make sense?
      What mainboard in that category would you classify as "the best", not considering price as a major factor? MSI, Supermicro, I couldn't really find out which models give the "best" result.

      Thank you in advance for your answers  ;D

      1 Reply Last reply Reply Quote 0
      • S
        sowen
        last edited by

        For what it's worth…
        I recently purchased an off-lease (used ) HP DL140 G3, 1U rack mount, 3Ghz Xeon, w/SAS drive bays and 2Gig RAM.
        The base machine was sub $400.00, by the time I added RAM, drive trays, etc...came to just over $500.00 (plus the cost of shipping and new SAS hard drives....)
        I like it so much I ordered another one to keep as a spare.

        pfSense installed with no issues, and recognized all hardware. I was a bit worried about the SAS controller/drives, but they showed up fine.


        Hardware Information
        Processors 1
        Model Intel(R) Xeon(R) CPU 5160 @ 3.00GHz
        CPU Speed 2.99 GHz
        PCI Devices - atapci0: Intel 63XXESB2 UDMA100 controller

        • ehci0: Intel 63XXESB USB 2.0 controller
        • isab0: PCI-ISA bridge
        • pcib10: ACPI PCI-PCI bridge
        • pcib11: PCI-PCI bridge
        • pcib12: ACPI PCI-PCI bridge
        • pcib13: ACPI PCI-PCI bridge
        • pcib14: ACPI PCI-PCI bridge
        • pcib1: ACPI PCI-PCI bridge
        • pcib2: ACPI PCI-PCI bridge
        • pcib3: ACPI PCI-PCI bridge
        • pcib4: ACPI PCI-PCI bridge
        • pcib5: ACPI PCI-PCI bridge
        • pcib6: ACPI PCI-PCI bridge
        • pcib9: PCI-PCI bridge
        • uhci0: Intel 631XESB/632XESB/3100 USB controller USB-1
        • uhci1: Intel 631XESB/632XESB/3100 USB controller USB-2
        • uhci2: Intel 631XESB/632XESB/3100 USB controller USB-3

        IDE Devices - acd0: DV-28E-C/B.4F

        SCSI Devices - da1: COMPAQ RAID 0 VOLUME OK

        • da0: COMPAQ RAID 0 VOLUME OK

        USB Devices none

        Hardware Information
        Processors 1
        Model Intel(R) Xeon(R) CPU 5160 @ 3.00GHz
        CPU Speed 2.99 GHz
        PCI Devices - atapci0: Intel 63XXESB2 UDMA100 controller

        • ehci0: Intel 63XXESB USB 2.0 controller
        • isab0: PCI-ISA bridge
        • pcib10: ACPI PCI-PCI bridge
        • pcib11: PCI-PCI bridge
        • pcib12: ACPI PCI-PCI bridge
        • pcib13: ACPI PCI-PCI bridge
        • pcib14: ACPI PCI-PCI bridge
        • pcib1: ACPI PCI-PCI bridge
        • pcib2: ACPI PCI-PCI bridge
        • pcib3: ACPI PCI-PCI bridge
        • pcib4: ACPI PCI-PCI bridge
        • pcib5: ACPI PCI-PCI bridge
        • pcib6: ACPI PCI-PCI bridge
        • pcib9: PCI-PCI bridge
        • uhci0: Intel 631XESB/632XESB/3100 USB controller USB-1
        • uhci1: Intel 631XESB/632XESB/3100 USB controller USB-2
        • uhci2: Intel 631XESB/632XESB/3100 USB controller USB-3

        IDE Devices - acd0: DV-28E-C/B.4F

        SCSI Devices - da1: COMPAQ RAID 0 VOLUME OK

        • da0: COMPAQ RAID 0 VOLUME OK

        USB Devices none


        The onboard broadcom NIC's (qty-2) seem to be working fine.
        iperf over a 100 meg link showed 96.6 ..... I'm good with that....(.022 jitter with a 5 meg UDP test if I remember correctly...)
        Currently using 1 drive for pfSense, and the 2nd drive for Squid cache (and a small FTP partition to store access.log files on...)

        I currently run Squid (with LDAP and a custom authentication helper for eDir auth), snort (emerging rules only..on both LAN and WAN), cron, lightsquid, bandwidthd, darkstat, and ntop.
        This model has (I believe) room for 1 more NIC, should I ever need to add one.

        I haven't got it under heavy load yet, but I have been buring it in for the last couple of weeks with no issues at all.

        1 Reply Last reply Reply Quote 0
        • R
          rkelleyrtp
          last edited by

          We have pfSense installed in our data center on a pair of Tyan B5377 servers running a quad-core Xeon (2.6GHz) with 2GB RAM, 80GB SATA drive, and a dual-port Intel-Pro GB NIC.  Working flawlessly.

          If you visit newegg.com, you can see their server barebones  offerings.  Typically, any Supermicro or Tyan rack-mount servers  work very well.  Going forward, we will get the Supermicro boards because the IPMI (IP KVM) ports are standard.

          1 Reply Last reply Reply Quote 0
          • valnarV
            valnar
            last edited by

            I recommend Supermicro boards (or barebone servers) simply because they include Intel NIC's on the motherboard.  They are one of the best choices for pfSense.

            As to which one depends on your budget and needs.  When comparing against an incumbent appliance though, you'll want to go a little higher on the CPU to match it.  Despite what the BSD zealots will say, FreeBSD is a full multi-purpose operating system and thus is not quite as tuned as an appliance vendor like Cisco, Juniper, Sonicwall etc.

            If you want something pre-built with a warranty, this company is known to use Supermicro boards.
            http://www.ironsystems.com/products.asp

            1 Reply Last reply Reply Quote 0
            • First post
              Last post
            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.