Tournament Setup using pfSense



  • @GruensFroeschli:

    Maybe a bit late in the discussion, but this might help you:
    http://forum.pfsense.org/index.php/topic,32700.msg169054.html#msg169054

    That sounds kinda overkill for a smallish LP ~40-50 users.

    The antivirus part is important though.

    Past LP's I've helped out in, we had similar and more measures in place.  Including allowing only headsets (since we were holding parties in houses and didn't need neighbours complaining), checking of antivirus and also, verifying power consumption usage of the rigs.
    The last part started after we had power trips when people started bringing in heavily overclocked dual-opterons and overloaded the grid.

    Other funny issues we had were people spilling coffee onto powerstrips and tripping the circuit breakers.  Since then, we enforced having all powerstrips stuck on to the bottom of the tabletop especially since the incident took out a linux fileserver cum gameserver and we lost the 12 drive raid array.



  • @dreamslacker:

    1. You shouldn't need to if the games are purely on LAN unless there is a need for achievements or VAC secure.

    That's what I thought. We wouldn't want people from outside connect to our tournament game either ;)
    But still, games like League of Legends and Heroes of Newerth require a constant internet connection. In either case, we'd like that every client has internet access in case they'd want to use Skype, TeamSpeak, etc. as a means of communication. This only means that we won't be forwarding the CS/:S ports.

    @dreamslacker:

    1. It's similar to most other routers configuring for Port forward.  Static Port NAT works similarly except in the reverse direction.  Plenty of guides on this in the Games sub-forum

    2. With that much bandwidth, you're unlikely to have an issue since most of your games are hosted locally (or at most up to the WAN gateway).

    Okay, that's great to hear!  :)

    @GruensFroeschli:

    Maybe a bit late in the discussion, but this might help you:
    http://forum.pfsense.org/index.php/topic,32700.msg169054.html#msg169054

    Thanks, I'll look into it!



  • @Nachtfalke:

    <snipped>PS: Please do not install squid or such stupid things on a LAN party. Not all games like it if you connect through a proxy and it makes no sense to "cache" any data. You want to play and this game data you cannot cache. Forget about squid for that.</snipped>

    In my prior experience a lot of LAN parties involve downloading drivers, games, game levels, etc.  All of these work well coming from Squid and can reduce the bandwidth usage a lot.



  • @jwelter99:

    @Nachtfalke:

    <snipped>PS: Please do not install squid or such stupid things on a LAN party. Not all games like it if you connect through a proxy and it makes no sense to "cache" any data. You want to play and this game data you cannot cache. Forget about squid for that.</snipped>

    In my prior experience a lot of LAN parties involve downloading drivers, games, game levels, etc.  All of these work well coming from Squid and can reduce the bandwidth usage a lot.

    We've been given a very large bandwidth and because of this I'm willing to not install Squid. It simplifies the network setup and I don't really see it necessary.



  • We usual provide a "public" r/w fileserver which is intended to store all updates, maps, ect. for everyone.
    If something is missing anyone can upload it.



  • @GruensFroeschli:

    We usual provide a "public" r/w fileserver which is intended to store all updates, maps, ect. for everyone.
    If something is missing anyone can upload it.

    Well, considering that we're going to have a large amount of bandwidth and a "larger-than-needed" machine to handle the connections, is it possible to also setup a file hosting server that runs simultaneously with pfSense? I was thinking something like a simple HTTP or FTP server, nothing fancy. It is running on Linux, so maybe we could provide a 3rd party app to run on the kernel that pfSense provides?



  • @kxx:

    Is it possible to also setup a file hosting server that runs simultaneously with pfSense? I was thinking something like a simple HTTP or FTP server, nothing fancy. It is running on Linux, so maybe we could provide a 3rd party app to run on the kernel that pfSense provides?

    Does anyone know if this could be accomplished using on of the addons for pfSense?



  • @kxx:

    @kxx:

    Is it possible to also setup a file hosting server that runs simultaneously with pfSense? I was thinking something like a simple HTTP or FTP server, nothing fancy. It is running on Linux, so maybe we could provide a 3rd party app to run on the kernel that pfSense provides?

    Does anyone know if this could be accomplished using on of the addons for pfSense?

    I "fileserver-tool" is not a common package what should be used on a firewall.
    Something similar to pfsense is "freenas".
    http://www.freenas.org/

    You can use "Proxmox"
    http://www.proxmox.com/
    as virtualization basis. Then virtualize pfsense for routing and freenas as storage system.



  • @Nachtfalke:

    I "fileserver-tool" is not a common package what should be used on a firewall.
    Something similar to pfsense is "freenas".
    http://www.freenas.org/

    Silly me, of course not! FreeNAS looks like it's what we'll need! Thank you for that!

    @Nachtfalke:

    You can use "Proxmox"
    http://www.proxmox.com/
    as virtualization basis. Then virtualize pfsense for routing and freenas as storage system.

    To me, Proxmox appears as a Mail Gateway. How could I use it to virtualize pfsense and freenas? Also, what does "virutralize" mean? :P



  • @kxx:

    @Nachtfalke:

    (…)
    To me, Proxmox appears as a Mail Gateway. How could I use it to virtualize pfsense and freenas? Also, what does "virutralize" mean? :P

    :P

    http://www.proxmox.com/products/proxmox-ve



  • @Nachtfalke:

    http://www.proxmox.com/products/proxmox-ve

    I wasn't even looking for that, thank you! The machine we're building for our network doesn't have a harddrive.
    How would you go about installing Proxmox, FreeNAS and pfSense? Extract the files like so?:

    
    G:\ [USB drive root]
      |
      +pfSense--- [folder]
         |
         |... [files from pfSense image]
      +FreeNAS--- [folder]
         |
         |... [files from FreeNAS image]
      +Proxmox---  [folder]
         |
         |... [files from Proxmox image]
    
    

    then mount the USB drive and … ? The HDD is blank from install, so I don't know how I am going to do something like this.



  • usb-drive? i wouldn't even dream about running virtualhost with two clients on usb-drive. It just taste like bad christmas meal



  • @Metu69salemi:

    usb-drive? i wouldn't even dream about running virtualhost with two clients on usb-drive. It just taste like bad christmas meal

    The install will be from an usb-drive, as in, we will boot from an usb drive to install different things. The installation itself will be on a hard drive (as mentioned in my original post).



  • aah ok, I haven't used Proxmox-ve by myself so i don't know if it supports or not installing from usb-drive


  • Netgate Administrator

    You could try this:
    http://code.google.com/p/pfsense-cacheboy/wiki/Pfsense_Samba
    Though I haven't tried it and I can't recommend it!  ::)

    Steve



  • Is there a special reason why you want to have everything on the same machine?
    Keep everything as simple as possible.
    I bet you have somewhere a 5 year old machine lying around that noone uses.
    It doesn't have to be fast, just be able to serve files :)



  • @GruensFroeschli:

    Is there a special reason why you want to have everything on the same machine?
    Keep everything as simple as possible.
    I bet you have somewhere a 5 year old machine lying around that noone uses.
    It doesn't have to be fast, just be able to serve files :)

    After realizing that the built-in CPU doesn't even support Proxmox VE (due to the lack of VX-T on the Intel Atom), I decided that we'll just run the fileserver on another machine. The reason why I wanted to have things on one machine was because that the machine we're building has the capacity to support it, albeit not the hardware requirements. Plus, it makes things look neat! :-)

    Also: I managed to get both pfSense and FreeNAS up and running in a virtual environment yesterday, although the pfSense wasn't running as I wanted it to (because I only have 1 NIC in my computer). But still, things are looking brighter and brighter! I'm actually excited for this project: Getting the budget approved, ordering the hardware, having it delivered, installing, configuration… Everything! I really look forward to the setting up the hardware and installing pfSense, it actually excites me!



  • @stephenw10:

    You could try this:
    http://code.google.com/p/pfsense-cacheboy/wiki/Pfsense_Samba
    Though I haven't tried it and I can't recommend it!  ::)

    Steve

    Although it looks like the exact thing that I'd want, I've decided to just run the FreeNAS fileserver on a separate machine.


  • Netgate Administrator

    Good decision.  :)

    Steve



  • @stephenw10:

    Good decision.  :)

    Yeah, I figured since I already knew how to setup FreeNAS that it wouldn't be a problem running it from another machine. By the way, I tried installing the pfSense-Mamba in my Virutal Machine setup of pfSense… Turns out the whole installation will fail, as the requested package repository is offline (seems to have been permanently removed).



  • I would suggest you also set your self up a free opendns account and turn on most of the options.

    Two reasons, it will help you control your users in the form of stopping them accessing high bandwidth source sand consuming your bandwidth -although I don't think you're going to have bandwidth issues per say.

    The other thing it will help with is that you have a responsibility to prevent the cconnection being used for illegal use. Sounds very big brother, but sadly the digital economy bill does apply to what you are doing.

    You can't possibly know what is installed on each computer on your network, what they are going to download. Etc,

    We use pfsense in two locations, one is holiday apartments and the other is a leisure facility, you'll be surprised what appears on the blocked domains list report generated by opendns. And these are family environments…...oooooo

    Good luck with your project.


Locked