Building my first PFSense machine ( Yeah Baby ! )
-
Hello,
We are currently having a look at a PFSense solution for a few customers, and I would like to have some advice in building cheap Box.I am currently looking at some HW components, but would love to have the community opinion on this hardware setup before purchasing it.
Since I am kind of a noob on PFSense please feel free to give my any advice that you would think relevant ;)HW List :
CPU: AMD Athlon II X2 3Ghz
MB: Gigabyte a75-UD4H FM1 DD
Video: ATI Sapphire HD5450
RAM: 8GB DD3 1333 Kingston
Hd: 160GB IDE Caviar
Ethernet: Conceptronic C1G32I (ver 6.0)Since I am in Europe, I have found it hard to find matching equipment’s on the FreeBSD 7.2 comp list. Maybe some users could also give me some tips on this issue
Thank you all in advance for your Help ;D
FlyPig.
-
Several things:
Welcome to pfSense! :)
You haven't told us what you are going to be doing with this box so it's impossible to judge the hardware. What throughput do you need, are you using VPNs or additional packages (squid snort etc)?
That list will produce a powerful machine though so it'll probably handle anything you need.
That motherboard appears to have on-board graphics so there is no need for a discrete card.
That network card is 32 bit PCI which may restrict your throughput if you are looking for close to 1Gbps. Also it's Realtek based which is not necessarily a problem but generally Intel NICs are preferred.pfSense 2.0 is built on FreeBSD 8.1 so check the hardware list for that.
Steve
Edit: I've just seen that the onboard NIC is a Realtek RTL8111E. If you search the forums for that NIC you'll see that there are a number of hardware revisions for it and only some of them are supported by the driver that ships with pfSense 2.0.
-
Several things:
Welcome to pfSense! :)Thank for your warm welcome and fast response :) Actually just discovered about this system, can't wait to get my fingers on it. I am originally a Microsoft guy ( Yes.. I Know ;) )
About time for me to look at other options I guess :PYou haven't told us what you are going to be doing with this box so it's impossible to judge the hardware. What throughput do you need, are you using VPNs or additional packages (squid snort etc)?
Basically the machine will need to connect to different media ( 3G Router, DSL, and satellite) and will need to provide automated link switching, fire-walling, link aggregation between ADSL's and client bandwidth management and monitoring.) This is part of a project I am putting together for my new business. I would love to use it as a central node for our WiFi client network also over a public domain. So plenty of different applications. But for the moment this is a test machine.
That list will produce a powerful machine though so it'll probably handle anything you need.
lol, I tried to find the lowest spec machine actually :)
That motherboard appears to have on-board graphics so there is no need for a discrete card.
Possible, I am not sure, but if she has one, I will go for it yes.
That network card is 32 bit PCI which may restrict your throughput if you are looking for close to 1Gbps. Also it's Realtek based which is not necessarily a problem but generally Intel NICs are preferred.
OK. This machine will mainly be a gateway for internet access, so I think that the odds of reaching Gbps are low ;)
pfSense 2.0 is built on FreeBSD 8.1 so check the hardware list for that.
Steve
Ok, I thought it was on a 7.2, my bad, I will look in to that.
Edit: I've just seen that the onboard NIC is a Realtek RTL8111E. If you search the forums for that NIC you'll see that there are a number of hardware revisions for it and only some of them are supported by the driver that ships with pfSense 2.0.
OK, So basically I can go for virtually any Intel based NIC ?
FlyPig
Edit: I will actually run into a problem very fast : I will probably need at term to have something like 5 or 7 or 10 ADSL's attached to the Pf Sense box. The problem is that there is no way I can have that many physical NIC's on the machine. Is there a way to create virtual Nic ?s ? and connect them all to a switch that will access the routers ?
-
Ha, I'm used to dealing with dusty old P3s and passively cooled Atoms so this looks quite fast to me. ::)
Almost everyone started as a Microsoft guy! (though I guess there are increasing numbers of Mac guys)
I've never used link aggregation but I know pfSense can do it: http://doc.pfsense.org/index.php/LAGG_Interfaces
If you need a lot of interfaces just use a VLAN capable switch and virtual interfaces as you suggest:
http://doc.pfsense.org/index.php/Multi-WAN_using_VLANs_with_pfSense
That page is a bit old now but it mostly still applies.Intel NICs are, generally speaking, better supported by FreeBSD than others. Though there are exceptions. Because the pfSense 2.0 is built on FreeBSD 8.1 it has drivers from around May 2010, when the code was branched. Newer cards may, therefore, not be supported. It's best to search the forums and check. pfSense 2.1 will be built on FreeBSD 9, the first pre-alpha builds may be available soon.
-
Ok, I will try to get this machine working and have a look for the Intel NIC 's then. That is a soon I have figured a way to get it running. ( I have just won the award of the supidest question on this forum I think there : http://forum.pfsense.org/index.php/topic,43540.0.html ) ;)
thanks for you help, I will keep you posted as soon I get working on the Link aggregation. ( VLan's seem to be the answer yes :) )Thank you for your Help,
FlyPig.
-
Actually I believe (though I've not tried this either) you need to use ML-PPP to aggregate several DSL lines and this seems to be a bit dependent on your ISP.
http://doc.pfsense.org/index.php/Multi-Link_PPP_%28MP/MLPPP%29Oh and it's web based in case you haven't realised yet! ;)
Steve
-
Hello,
We are currently having a look at a PFSense solution for a few customers, and I would like to have some advice in building cheap Box.I am currently looking at some HW components, but would love to have the community opinion on this hardware setup before purchasing it.
Since I am kind of a noob on PFSense please feel free to give my any advice that you would think relevant ;)HW List :
CPU: AMD Athlon II X2 3Ghz
MB: Gigabyte a75-UD4H FM1 DD
Video: ATI Sapphire HD5450
RAM: 8GB DD3 1333 Kingston
Hd: 160GB IDE Caviar
Ethernet: Conceptronic C1G32I (ver 6.0)Since I am in Europe, I have found it hard to find matching equipment’s on the FreeBSD 7.2 comp list. Maybe some users could also give me some tips on this issue
Thank you all in advance for your Help ;D
FlyPig.
Some things to take note of:
Your choice of motherboard is NOT compatible with the CPU you chose. That is a FM1 board which needs an AMD Fusion chip (CPU contains a Radeon HD GPU).
You should look for an Nvidia 7025/ 7050/ 6150SE board if you want something cheap. Other good choices are boards with AMD's 740/780/785/880 chipsets. These will accept the Athlon II/ Phenom II processors like the one you opt for. Also, they have integrated graphics so you do not need an additional graphics card.
The add-on NIC you chose uses a Realtek 8169 chip. If you want something stable, which you should since you're going to be maintaining these for your clients, get an Intel based network card instead.
As for the HDD, SATA is probably a much better option than IDE these days. Particularly on modern platforms. More and more motherboard makers are ditching the IDE interface on motherboards.
-
As for the HDD, SATA is probably a much better option than IDE these days. Particularly on modern platforms. More and more motherboard makers are ditching the IDE interface on motherboards.
Where I live it is increasingly more difficult to find IDE drives in local retail shops. Before the recent floods in Thailand SATA drives were considerably cheaper than IDE drives. I haven't looked at prices lately.
Motherboards that were available at least six months before the base version of FreeBSD was released (8.1 in Feb 2010?) are much less likely to give you trouble than newly released motherboards.
Some people have reported problems with newer PCIExpress Intel NICs.
Almost everyone started as a Microsoft guy! (though I guess there are increasing numbers of Mac guys)
Guess I must be an old fella now. I started on DECsystem10s, then PDP-11s (RT-11 and RSX-11M) then VAXes (VAX/VMS then OpenVMS), Alphas (OpenVMS and Ultrix/FreeBSD) and x86 (FreeBSD and Linux).
-
Guess I must be an old fella now. I started on DECsystem10s, then PDP-11s (RT-11 and RSX-11M) then VAXes (VAX/VMS then OpenVMS), Alphas (OpenVMS and Ultrix/FreeBSD) and x86 (FreeBSD and Linux).
OT: I thought that i know something concerning IT and when i readed your list i familiarized last four words :(
-
WoW,
Thank you guys for overwhelming responses. Will need to digest this one and get back to you.
Digging in the old stock of crap we have in the backyard, I unearthed an old 1U server ( HP Prolient DL360) So I am going to try wipe it ( Win SBS2003 on it.. Lol) And no doubts the Pf sense will run on this one.. Well I hope.I will let you know as some I get the noise out of my head..
( Hate it when my imaginary friends argues with the little voices…) -
YESSS !!!
Up and running really cool with the old Proliant340. Actually using it on the company network, and looks pretty cool. Now have to figure out a few extra things.
Thank you all for your very ( I mean VERY ) valuable help :)
FlyPig.
-
That's a good selection I think. In my company we still have DL360 G3 running in production. Only issue noted thus far is the hard drives seem more likely to fail after 60,000 hours or so.
-
Yup, Typical HP ^^
For my part, In IBM we trust. SO production will probably go on an IBM ( If I have my way that is ^^ )