USED Supermicro Server - anything to watch out for ?
-
I'm interested in putting together a Pf FW for testing and to start learning Pf.
I want to try out packages - squid (+ squid guard or DG), Ntop, Snort (reason for snort - interested in trying to identify which machine is spewing out viruses on a LAN so it does not kill the WAN link - i've had multiple recurring problems with this and need to find a way to identify the PC out putting these viruses). Possibly others packages i dont even know about at this stage.
From what i've read so far around here Ntop and snort are pigs that eat a lot. I was going to try the supermicro Atom board (D510 or newer D525 if i could find one) as i am very interested in IPMI. However the Atom is not going to do all i want when it comes to running packages (i think - not sure since i've never installed a Pf before).
The Pf needs to handle up to about 20 users max but most times around 5 -10 users. Speeds are very slow, around 512Kbps down 512Kbps up mostly but sometimes around 1M/bit down and possibly but rarely 1M/bit UP ( VSAT link - so slow and expensive is the order of the day )
I definitely need squid to try to cache static web content as much as possible and i definitely need to restrict what can be browsed and i definitely need to track what users are downloading/browsing - that VSAT BW is super expensive and its frustrating to have the manager complain about not being able to download email and all because someone in stores is downloading bit torrents. No use asking them to stop is there ;-0. So squid is a must have. I understand this means quite a bit of RAM and HDD space.
As mentioned we have HUGE problems with viruses - no matter how much office workers are asked not to click on attachments in emails they carry on doing it - so need to identify which machine is spewing viruses out this day - tomorrow it will be another machine , so this is a real problem. For this we want to try snort. Again a big resource HOG i understand.
I need to monitor BW usage as much as possible - a number of ways of doing this but want to start with NTOP - again resource intensive.
So those are my needs. I think the little Atom may have trouble doing all this ?
So what i am thinking is to buy an old Supermicro server off ebay. Doesn't have to be late model - all i want to do is run Pf as listed above. I am thinking anything from a Xeon 2.4Ghz to a Xeon 3GHz CPU will be fine. I plan to add 4GB of RAM - that should be plenty no ? Power consumption is a non issue - i live in a developing country where the power off the grid is all Hydro generated (so as green as can be ) and it is cheap - about 5c US per KW. So it doesn't matter about how much power is consumed. Only reason i was considering the Atom is it has everything i want including the IPMI in one neat little package. Power was never a thought in considering the Atom board.
SO given all this is there anything that i should definitely avoid in a Supermicro server? Is SCSI OK or best avoided? Is it better to stick with SATA HDD's? or it does not really matter. I see many old supermicro servers listed with Raid - i should just be able to take the card out or disable any on board raid i think so that should not be a problem. In general i am really only concerned about the HDD sub system ..ie SCSI or SATA (or ide on a really old server) and the NICs on board - i think everything else should be OK.
Anyone got any pointers before i buy something that wont work ?
Thanks for any help or opinions expressed.
-
The only advice I can give you is to take a look inside if possible. Pay attention to capacitors look for swelling and leaking. Those servers on ebay are usually pulled off some big corporations that use them for years before they decide to change them just in case.
About SCSI / SATA dilemma, what kind of SCSI disks are we talking about? If they are 15K cheetah or even 10K they can easily outperform any SATA disk. If budget is an issue you will have to settle with SATA disks. 4 GB of ram will handle 20 users with ease, but again it depends on how fast is your outside link and will you be using QoS, heavy routing, rules etc. 1 Mbit up/down link can be handled by the atom without problem.
-
Hi ARMac
Yep the atom will do the BW as it is so small - but i fear it wont do the packages i want to run - and i plan to run several.
As for the SCSI - no real plan on what to use - really its about whats available. I'm just cautious about SCSI because i don't want to end up with a server that has some weird controller that FreeBSD cant use - that would sink the ship. I'm in the middle of Africa so i have to have whatever i buy shipped in - no way to inspect. I thought $300 - 400 for a used server should be OK - the Atom costs this + ram and HDD etc.
Having said all that - is there a need for SCSI? i know there is a big difference in performance Vs SATA but do we need that sort of performance out of the HDD system and would it make THAT big a difference to the performance of the FW/Squid/Snort?
Learning lots here - thanks !
-
I don't think it will really matter with 20 users and 1 megabit connection. You can use Sata safely and the overall configuration of that box will serve 20 users without problem for that matter.
I really only noticed the advantage of SCSI disks (15k cheetahs) when 100+ clients are hitting the file server. On Gigabit LAN they make significant difference.
-
Some notes on squid here.
http://forum.pfsense.org/index.php/topic,29307.msg151896.html#msg151896I have no experience with snort, but I hear it's a pig :P
Update: squid reported working on 2.0 64-bit now.
http://forum.pfsense.org/index.php/topic,27536.msg152345.html#msg152345 -
So we will not be I/O bound then for low BW and relatively small number of users (say 10 to 20 max).
How much RAM is ideal? I know, i know …...how long is a piece of string...... but in general should we max out the ram on 1.2.3 to 3Gb? Ram is always beneficial of course but trying to get an idea of how much RAM we really need. In ver 2.0 is there much benefit to use, say 6 to 8Gb RAM? Just trying to get a feel for what is ideal and what is practical in the real world.
Can Pf use multiple CPU's and/or cores? Is it possible to set it up such that snort uses one CPU and the OS uses another CPU etc?
By understanding how Pf uses resources we can better identify what class of machine..ie/CPU/RAM/HDD to look for.
-
Can Pf use multiple CPU's and/or cores? Is it possible to set it up such that snort uses one CPU and the OS uses another CPU etc?
Check out this thread, in particular reply #4.
http://forum.pfsense.org/index.php/topic,26244.0.html
He's quoting a forum post that was addressing pf and ipfw specifically, so you will still want to look into snort's requirements.
-
Thanks ClarkNova!
Clears things up a bit.