Need advice for home PFSENSE + SNORT + SQUIZ + OPENVPN



  • Hi,

    I've been looking for a lot of specifications in the forum but I haven't find anything for my home lab.

    I would like a little passive server for my home lab just 2 or 3 users, with pfsense + snort + squiz + openvpn (to test things in my lab when I'm at the office for example), I just need 2 NICs because I have a Cisco Switch so I will use VLAN.

    I've been having a look over the Intel D2500CC but it seems to have problems with 64 bit so are there any other similar to it? You think that this cpu will be able to handle everything?

    For RAM I'm thinking in 4GB and a SATA 2,5 or 3,5 drive. Are drives like SSD16Gb better for my purpose?

    Thank you in advance,


  • Netgate Administrator

    It really depends on what bandwidth you are hoping to acheive.
    The Atom D2500 will likely be capable of >700Mbps of firewall/NAT. That will be reduced by adding packages or running VPNs etc.

    Steve



  • Hi Steve,

    I have a DSL with 20/1 mb, so I think that bandwidth won't be a problem.

    Do you know any other MB supporting the 64 bits version.



  • If you have a VLAN capable gigabit switch, you only need 1 NIC for your needs.  There are several choices including the AMD Fusion APU based boards that you can consider.



  • I have a Fastethernet (Cisco 3550) so I need two NICs.

    I'll have a look on these AMD!

    Can you tell me any example of AMD? I'm looking in the vendors site like Asus, Asrock and Gigabyte but I just find mini-ITX with Atom!


  • Netgate Administrator

    Could you reference where people are having a problem with this board?

    If it can't run 64bit with 2.0.1 it may well be able to under 2.1 (FreeBSD 8.3). Additionally why do you want to run 64bit? It provides almost no advantage in this situation. Indeed because there are many more people running 32bit it is the better tested of the two versions.

    Steve





  • I've been looking for a lot of MB mini-itx both with AMD and Intel but I just find the D2500CC with 2 x NICs and a low price so I think that I'll get this board finally. I would like to use the 64 bit version to use the 4GB RAM. Maybe 2Gb are enough for my requirements?

    I'm a little bit confuse with the hardware to use for my purpose…


  • Netgate Administrator

    I would expect 2GB is plenty for home use. You can probably get 3.5 or something similar anyway. 4GB is the theoretical limit with a 32bit OS but some overheads reduce this.
    Running snort you can never have too much ram though. There are plenty of people running pfSense on the Alix box and that has 256MB, though I suspect not many of them running snort!  ;)

    Steve



  • Sure, Snort is really hungry like the pig of the logo hehe.

    Maybe I'm going to buy the D2700MUD it has a better CPU, just one NIC but I have some NICs at home to put in the PCI and is little bit cheaper!



  • Finally, I'm going to purchase a solution "out of the box" from ebay a with a better price than if I get everything by my myself.

    MB - Asrock AD2700
    CPU - Intel Atom 2700
    RAM - 4GB
    SSD 16GB

    It will be fanless, 16GB for the storage will be enough for my purpose?

    Maybe it's an overkill configuration for my homelab but, I haven't find anything with a lower price (200€) and this type of power comsuption.

    I don't know if I can paste the link here so if someone is interested just send me a PM.



  • I'm waiting for my little new machine.

    Based on your experience, what is better to use the full install or the nanoBSD with my 16GB SSD Kingston?

    THanks!


  • Netgate Administrator

    You should be able to use either though some of those Kingston drives have a nasty reputation, looks like the 8GB version though.

    Personally I would use the NanoBSD install and see how it goes. If you find it too restrictive you can always switch to a full install later.

    Steve


Log in to reply