Need some quick feedback, have to build a new box



  • So in typical Colorado spring time fashion, my old pfsense box got fried during a power trip (damn snow / branches on the power lines) and I need to build a new box post-haste.

    I have a 22/4 line from Comcast.  I have read the docs that say I need 400-600 MHz for this kind of connection, but I wanted to see if anyone else is using something this "slow" for their pfsense box.  I have an old Celeron 700 that I can rush into service, but I was used to having my burly 3.0 GHz Hyperthreaded P4 doing my pfsense chores for me.  Will the celly be overloaded, or should it be ok you think?  I'll probably plug 256 MB of RAM into it, don't know if I have any more than that.

    I have an old Duron 1.3 GHz here as well if that would fit it better, I just don't trust the heatsink retaining clips, as one of the pegs is busted, so I'd prefer to use the Celeron.


  • Rebel Alliance Developer Netgate

    The 700MHz box would probably pass traffic on that just fine.

    Even a little embedded ALIX unit can push about 85Mbit total and it's only about 500HMz or so.



  • Ok, thanks.  I wanted to err on the side of caution before I invested too much time into it.  Good to know!  I know BSD/pfsense is lightweight, just didn't know how light it really is.  :)



  • Ugh.  So slow.  I realize it's a Celeron 700, but it's slower than I thought it would be.  Not nice.  Guess I'll see about salvaging the P4.  It turned out to be a toasted PSU, so it's not all lost.



  • Are you sure it's just the chip speed that causing it.  I went from a dual Opteron Linux box with iptables, to a Thin Client runnin pfSense, at 1Ghz, and from my internal network I didn't notice any difference.

    Cheers.



  • What kind of NICs are in it?  What's "slow"?  Very doubtful your CPU is the bottleneck.



  • @EddieA:

    Are you sure it's just the chip speed that causing it.  I went from a dual Opteron Linux box with iptables, to a Thin Client runnin pfSense, at 1Ghz, and from my internal network I didn't notice any difference.

    Cheers.

    What thin client did you put this on?  Very curious, have an HP something-something thin client at the office that I'd like to pinch for a packet sniffing role on a mirrored port.  Does your thin client have two NICs?



  • @gravyface:

    What thin client did you put this on?  Very curious, have an HP something-something thin client at the office that I'd like to pinch for a packet sniffing role on a mirrored port.  Does your thin client have two NICs?

    It's an HP T5720, currently with 512MB, but moving to 1GB as soon as the memory I bought gets here.  I'm also thinking of getting a bigger DOM module for it.

    I bought it off eBay, with the PCI Expansion kit already installed, so it has the internal NIC, and a second plugged into the expansion.

    Cheers.



  • whats the current DOM size you currently have and how well is it working for you?@EddieA:

    […]

    It's an HP T5720, currently with 512MB, but moving to 1GB as soon as the memory I bought gets here.  I'm also thinking of getting a bigger DOM module for it.

    I bought it off eBay, with the PCI Expansion kit already installed, so it has the internal NIC, and a second plugged into the expansion.

    Cheers.

    and did you plan for using packages that will possibly write to the disk (DOM?) a lot? if not the the DOM would be good since you don't want the DOM to end its life earlyer then needed…lots or writing to any DOM (or any flash based item is not good for there health...)



  • @jaime:

    whats the current DOM size you currently have and how well is it working for you?

    It's 512MB, which is the smallest image size of pfSense available.  I'm thinking of the future, where this size might be dropped.

    @jaime:

    and did you plan for using packages that will possibly write to the disk (DOM?) a lot? if not the the DOM would be good since you don't want the DOM to end its life earlyer then needed…lots or writing to any DOM (or any flash based item is not good for there health...)

    I know all about the write cycles, and have no plans to add any packages. Well, not yet anyway.

    Cheers.



  • @EddieA:

    @jaime:

    whats the current DOM size you currently have and how well is it working for you?

    It's 512MB, which is the smallest image size of pfSense available.  I'm thinking of the future, where this size might be dropped.

    @jaime:

    and did you plan for using packages that will possibly write to the disk (DOM?) a lot? if not the the DOM would be good since you don't want the DOM to end its life earlyer then needed…lots or writing to any DOM (or any flash based item is not good for there health...)

    I know all about the write cycles, and have no plans to add any packages. Well, not yet anyway.

    Cheers.

    ok, if you looking to "future proof" the box with out too much over kill I would suggest a 1 - 2GB DOM (which I have my self) and as far as processer goes the celly should be enough, I have a single core sempron running the show on my PF box and I have yet to see it spike above 1% CPU useage…and its about 2.x (might be more) GHz with 2 GB ram (incase I get enough states with all 5 computers in my house and any other i may have running at the time) and thats plunty for me, as for your situation you don't seem to be doing too much more so based on your your doing you should be ok with at least 512MB ram (recommend 1GB ram for better performance and the ability to handel more states incase you need it).

    my PF box is running on a 2GB ram DOM and I have no fans in it (ecept for the PSU which I refuse to do any thing with (its quiet enough anyways) so it uses pasive cooling for the most part which does not seem to effect its performance much (its not doing alot so its not needing to work hard...)

    all in all based on what you have you should be god to go for the most part...


Log in to reply