CPU grunt required to route WAN<->LAN… AND.... LAN<->LAN



  • Hey there, lurker for years, used Smoothwall early last decade on some old gear. Now that I actually pay for my power bill, I want a new low power solution to assist moving away from DD-WRT which I love to death, so stable over 4 yrs.

    Environment:

    • 120Mbit/2.4Mbit connection
    • ESXi x 2
    • NAS's  X 2
    • Microsoft file server X 2
    • 3-5 wired clients (desktops, HTPC etc)
    •  Apps server (AirVideo, SAB, SQL etc)
    • Wifi devices, have a WRT400N with DD-WRT for N traffic that I can stick in AP mode on an adaptor I assume (3 tablets, 3  phones, 2 laptops)
    • HP Procurve GB 8 port and a 24 port switch.

    http://www.pfsense.org/index.php?option=com_content&task=view&id=52&Itemid=49

    The page says "No less than 1.0Ghz CPU" to route 51-200 worth of traffic, which I thought I would be within, but does that include LAN to LAN traffic? I'm a little network green. If I'm moving traffic from a subnet (say my DMZ) through to my inside LAN, this routes through pfSense, correct? What if I set up pfSense control VLANs?

    From this thinking plus threads on the forum, I don’t need just  ~1Ghz, but enough grunt to move 1Gbps.
    I want to be able to run Snort, maybe cache and a few VPN connections.

    It "seems" that my Q is A here >>
    http://forum.pfsense.org/index.php/topic,45922.0.html

    "If you need Gbps transfer between internal subnets/interfaces then the G530 is the right choice.

    Steve"

    Actual Question: Would an Intel BLKDH61WWB3 + G620 suffice? I'll be running either a dual port Intel NIC or the single onboard one with VLAN.

    PS: Some sort of matrix that could answer my question would be well cool.
    A package in pfSense that pushed "benchmark type" results to a cloud, the data could be well useful to peeps I would have thought.

    Thanks sooo much!!!

    Michael


  • Netgate Administrator

    Welcome, nice router! (Hitachi?)

    @rikar:

    The page says "No less than 1.0Ghz CPU" to route 51-200 worth of traffic, which I thought I would be within, but does that include LAN to LAN traffic? I'm a little network green. If I'm moving traffic from a subnet (say my DMZ) through to my inside LAN, this routes through pfSense, correct? What if I set up pfSense control VLANs?

    pfSense filters traffic between any of its interfaces. Therefore if you are moving files from a 'dmz' to a LAN you need pfSense hardware that can filter that traffic at the required speed, possibly up to gigabit.

    @rikar:

    Actual Question: Would an Intel BLKDH61WWB3 + G620 suffice? I'll be running either a dual port Intel NIC or the single onboard one with VLAN.

    Yes. You will be able to route at gigabit wire speed with that board/cpu. If you use VLANs all your traffic has to use a single connection but that may not be such a problem. Since you already have a nice VLAN capable switch you can try it without any cost.

    I agree we need some more recent figures for the hardware page. The trouble is there are so many variables that hard figures can be misleading.

    Steve



  • Thanks, it's a FESTOOL Oberfräse OF 1010 EBQ-Plus :)

    Thanks so much for your reply Steve!

    Traffic going through interfaces requires CPU usage, gotcha.

    If I go VLAN, it would seem all traffic goes through pfSense, as I would be firewalling various subnets, gotcha.

    The trouble is there are so many variables that hard figures can be misleading.

    There are a lot of variables but then there are a lot of pfSense users. Mashing a few 10,000 tables of data together would show some commonalities I would have thought. Shame I lack statistical analytic skills, would be fun and beneficial to the community.

    Thanks so much again, gunna go grab some hardware!

    Michael

